# ============================================================================= # GoodGo Platform — Environment Variables # Copy this file to .env and update values for your local environment # ============================================================================= # ----------------------------------------------------------------------------- # PostgreSQL + PostGIS # ----------------------------------------------------------------------------- DB_HOST=localhost DB_PORT=5432 DB_NAME=goodgo DB_USER=goodgo DB_PASSWORD=CHANGE_ME DATABASE_URL=postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public # Direct connection (bypasses PgBouncer — used for migrations/introspection) DATABASE_URL_DIRECT=postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public # ----------------------------------------------------------------------------- # PgBouncer (Connection Pooling — production only) # ----------------------------------------------------------------------------- PGBOUNCER_POOL_SIZE=20 PGBOUNCER_MAX_CLIENT_CONN=200 PGBOUNCER_ADMIN_PASSWORD=CHANGE_ME PGBOUNCER_STATS_PASSWORD=CHANGE_ME # ----------------------------------------------------------------------------- # Redis # ----------------------------------------------------------------------------- REDIS_HOST=localhost REDIS_PORT=6379 REDIS_PASSWORD= REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT} # ----------------------------------------------------------------------------- # Typesense # ----------------------------------------------------------------------------- TYPESENSE_HOST=localhost TYPESENSE_PORT=8108 TYPESENSE_PROTOCOL=http TYPESENSE_API_KEY=CHANGE_ME # ----------------------------------------------------------------------------- # MinIO (S3-compatible Object Storage) # ----------------------------------------------------------------------------- MINIO_ENDPOINT=localhost MINIO_PORT=9000 MINIO_CONSOLE_PORT=9001 MINIO_ACCESS_KEY=CHANGE_ME MINIO_SECRET_KEY=CHANGE_ME MINIO_BUCKET=goodgo-media MINIO_USE_SSL=false # ----------------------------------------------------------------------------- # NestJS API # ----------------------------------------------------------------------------- API_PORT=3000 PORT=3001 NODE_ENV=development # ----------------------------------------------------------------------------- # CORS — comma-separated allowed origins (REQUIRED in production) # ----------------------------------------------------------------------------- CORS_ORIGINS=http://localhost:3000,http://localhost:3001 # ----------------------------------------------------------------------------- # JWT / Auth (REQUIRED — app will not start without these) # # SECURITY: Generate strong, random secrets (min 32 characters). # openssl rand -base64 48 # # Do NOT use placeholder values like "CHANGE_ME" — the app will reject them. # Each secret must be unique and kept out of version control. # ----------------------------------------------------------------------------- JWT_SECRET= JWT_EXPIRES_IN=15m JWT_REFRESH_SECRET= JWT_REFRESH_EXPIRES_IN=7d # ----------------------------------------------------------------------------- # OAuth Providers # ----------------------------------------------------------------------------- GOOGLE_CLIENT_ID= GOOGLE_CLIENT_SECRET= GOOGLE_CALLBACK_URL=http://localhost:3001/auth/google/callback ZALO_APP_ID= ZALO_APP_SECRET= ZALO_CALLBACK_URL=http://localhost:3001/auth/zalo/callback FRONTEND_URL=http://localhost:3000 # ----------------------------------------------------------------------------- # Next.js Web # ----------------------------------------------------------------------------- NEXT_PUBLIC_API_URL=http://localhost:3000 WEB_PORT=3001 # ----------------------------------------------------------------------------- # AI Service (Python/FastAPI) # ----------------------------------------------------------------------------- AI_SERVICE_PORT=8000 AI_SERVICE_URL=http://localhost:8000 CLAUDE_API_KEY= # ----------------------------------------------------------------------------- # Mapbox # ----------------------------------------------------------------------------- NEXT_PUBLIC_MAPBOX_TOKEN= # ----------------------------------------------------------------------------- # Payment Gateways (VNPay, MoMo, ZaloPay) # Leave empty if not using payment features # ----------------------------------------------------------------------------- VNPAY_TMN_CODE= VNPAY_HASH_SECRET= VNPAY_BASE_URL=https://sandbox.vnpayment.vn/paymentv2/vpcpay.html VNPAY_API_URL=https://sandbox.vnpayment.vn/merchant_webapi/api/transaction MOMO_PARTNER_CODE= MOMO_ACCESS_KEY= MOMO_SECRET_KEY= MOMO_ENDPOINT=https://test-payment.momo.vn/v2/gateway/api ZALOPAY_APP_ID= ZALOPAY_KEY1= ZALOPAY_KEY2= ZALOPAY_ENDPOINT=https://sb-openapi.zalopay.vn/v2 # ----------------------------------------------------------------------------- # Email / SMTP # ----------------------------------------------------------------------------- SMTP_HOST=localhost SMTP_PORT=1025 SMTP_USER= SMTP_PASS= SMTP_FROM=noreply@goodgo.vn # ----------------------------------------------------------------------------- # Firebase Cloud Messaging (optional) # ----------------------------------------------------------------------------- FIREBASE_SERVICE_ACCOUNT= # ----------------------------------------------------------------------------- # Sentry Error Tracking # ----------------------------------------------------------------------------- SENTRY_DSN= NEXT_PUBLIC_SENTRY_DSN= SENTRY_AUTH_TOKEN= SENTRY_ORG= SENTRY_PROJECT= # ----------------------------------------------------------------------------- # KYC Field Encryption (REQUIRED in production) # # AES-256-GCM key for encrypting sensitive KYC data at rest. # Must be exactly 64 hex characters (32 bytes). # openssl rand -hex 32 # ----------------------------------------------------------------------------- KYC_ENCRYPTION_KEY= KYC_ENCRYPTION_KEY_VERSION=1 # ----------------------------------------------------------------------------- # Logging # ----------------------------------------------------------------------------- LOG_LEVEL=info