-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathenv.example
More file actions
133 lines (110 loc) · 6.18 KB
/
env.example
File metadata and controls
133 lines (110 loc) · 6.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# Environment Variables
# This file documents all environment variables needed for local development and production deployment
# Copy the relevant sections to your actual .env files or platform configuration
# ============================================================================
# LOCAL DEVELOPMENT (Backend)
# ============================================================================
# Copy these to server/.env for local development
# MongoDB Connection (Required)
# Format: mongodb://[username:password@]host[:port][/database][?options]
MONGODB_URI=mongodb://localhost:27017/job-app-assistant
# Example with authentication:
# MONGODB_URI=mongodb://username:password@localhost:27017/job-app-assistant?authSource=admin
# Example with MongoDB Atlas:
# MONGODB_URI=mongodb+srv://username:password@cluster0.xxxxx.mongodb.net/job-app-assistant?retryWrites=true&w=majority
# JWT Authentication Secret (Required)
# Generate a secure random string for production (e.g., using: openssl rand -base64 32)
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production-min-32-chars
# Encryption Key for API Keys (Required)
# Used to encrypt user API keys at rest in the database
# Generate a secure random string (32+ characters recommended)
# Generate using: openssl rand -base64 32
# Or using Node.js: node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
# Important: Keep this secret secure and never commit it to version control
# If you change this key, all encrypted API keys will need to be re-encrypted
ENCRYPTION_KEY=your-encryption-key-for-api-keys-min-32-chars-change-in-production
# Frontend URL (Optional - for CORS in local development)
# Supports a single origin or a comma-separated list when you need multiple frontends
# FRONTEND_URL=http://localhost:5173
# Google OAuth 2.0 (Optional - Required for Google Calendar reminder sync)
# 1. Go to https://console.cloud.google.com/
# 2. Create a project → Enable "Google Calendar API"
# 3. OAuth consent screen → Create credentials → OAuth 2.0 Client ID (Web application)
# 4. Add Authorized redirect URI: http://localhost:5001/api/auth/google/callback
# GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
# GOOGLE_CLIENT_SECRET=your-google-client-secret
# GOOGLE_REDIRECT_URI=http://localhost:5001/api/auth/google/callback
# Node Environment (Optional - defaults to development)
# NODE_ENV=development
# Server Port (Optional - defaults to 5001)
# PORT=5001
# SMTP Email (Required for password-reset emails)
# Recommended: use a Gmail account with a Google App Password
# 1. Enable 2FA on your Google account
# 2. Go to https://myaccount.google.com/apppasswords
# 3. Create an App Password for "Mail" — use that 16-char value as SMTP_PASS
# SMTP_HOST=smtp.gmail.com
# SMTP_PORT=587
# SMTP_USER=your-gmail-address@gmail.com
# SMTP_PASS=your-16-char-google-app-password
# Stripe Payments (Required for subscription billing)
# Get these from https://dashboard.stripe.com/apikeys (use test keys for development)
# STRIPE_SECRET_KEY=sk_test_...
# Webhook secret — get from: stripe listen --forward-to localhost:5001/api/webhooks/stripe
# STRIPE_WEBHOOK_SECRET=whsec_...
# Price IDs — create products in Stripe dashboard, then copy the price IDs
# STRIPE_PRICE_STARTER=price_...
# STRIPE_PRICE_PRO=price_...
# STRIPE_PRICE_PREMIUM=price_...
# ============================================================================
# HEROKU DEPLOYMENT (Backend)
# ============================================================================
# Set these in Heroku dashboard or via CLI: heroku config:set KEY=value
# See DEPLOYMENT.md for detailed instructions
# MongoDB Connection String (Required)
# Get from MongoDB Atlas dashboard
# MONGODB_URI=mongodb+srv://username:password@cluster0.xxxxx.mongodb.net/job-app-assistant?retryWrites=true&w=majority
# JWT Secret (Required)
# Generate a strong random string (min 32 characters)
# JWT_SECRET=your-production-jwt-secret-min-32-chars
# Encryption Key for API Keys (Required)
# Used to encrypt user API keys at rest in the database
# Generate using: openssl rand -base64 32
# ENCRYPTION_KEY=your-production-encryption-key-min-32-chars
# Frontend URL (Required for CORS)
# Your deployed frontend origin, or a comma-separated list if you use multiple domains
# FRONTEND_URL=https://vibehired-ai.netlify.app,https://vibehired.ganainy.dev
# Node Environment (Required)
# NODE_ENV=production
# Puppeteer / PDF Rendering (Optional but recommended for Heroku/container deploys)
# If Chrome is provided by a buildpack/system package, point Puppeteer to it.
# PUPPETEER_EXECUTABLE_PATH=/app/.apt/usr/bin/google-chrome-stable
# SMTP Email (Required for password-reset emails)
# Recommended: use a Gmail account with a Google App Password
# 1. Enable 2FA on your Google account
# 2. Go to https://myaccount.google.com/apppasswords
# 3. Create an App Password for "Mail" — use that 16-char value as SMTP_PASS
# SMTP_HOST=smtp.gmail.com
# SMTP_PORT=587
# SMTP_USER=your-gmail-address@gmail.com
# SMTP_PASS=your-16-char-google-app-password
# Port (Automatically set by Heroku - do not set manually)
# PORT is set automatically by Heroku
# ============================================================================
# NETLIFY DEPLOYMENT (Frontend)
# ============================================================================
# Set these in Netlify dashboard: Site settings → Environment variables
# See DEPLOYMENT.md for detailed instructions
# Backend API URL (Required)
# Your Heroku backend URL + /api
# VITE_BACKEND_URL=https://your-heroku-app.herokuapp.com/api
# Example: VITE_BACKEND_URL=https://job-app-backend.herokuapp.com/api
# Payments / Stripe feature flag (Optional — defaults to enabled)
# Set to "false" to hide Stripe checkout and upgrade CTAs on the frontend.
# Useful while Stripe is in sandbox mode and not ready for public use.
# Flip to "true" (or remove the var entirely) when ready to enable payments.
VITE_PAYMENTS_ENABLED=false
# Interview Buddy companion app download URL (optional)
# Points to the compiled Electron installer hosted on GitHub Releases or similar.
# Shown as a fallback link when the companion is not detected on the user's machine.
# VITE_COMPANION_DOWNLOAD_URL=https://github.com/your-org/interview-buddy/releases/latest