-
Notifications
You must be signed in to change notification settings - Fork 61
Expand file tree
/
Copy path.env.example
More file actions
142 lines (123 loc) · 6.79 KB
/
.env.example
File metadata and controls
142 lines (123 loc) · 6.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
# ==============================================================================
# Core API — Environment Variables
# ==============================================================================
# Copy this file to .env and fill in the values.
#
# Variables are organized into tiers:
# [REQUIRED] — The app will not start without these
# [OPTIONAL] — Enables additional functionality, graceful fallback without
# [FEATURE] — Required only for specific features (email sync, AI, etc.)
# ==============================================================================
# ------------------------------------------------------------------------------
# General
# ------------------------------------------------------------------------------
API_ENV=development # development | production
DEBUG=false
# ------------------------------------------------------------------------------
# [REQUIRED] Supabase
# ------------------------------------------------------------------------------
# Create a project at https://supabase.com and grab these from Settings > API
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-anon-key
SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
SUPABASE_JWT_SECRET=your-jwt-secret # Settings > API > JWT Secret
# ------------------------------------------------------------------------------
# [REQUIRED] CORS
# ------------------------------------------------------------------------------
# Comma-separated production origins (localhost is included by default)
# ALLOWED_ORIGINS_ENV=https://yourapp.vercel.app,https://yourdomain.com
# ------------------------------------------------------------------------------
# [OPTIONAL] Redis — Rate Limiting
# ------------------------------------------------------------------------------
# Falls back to in-memory rate limiting if not set (fine for single-instance)
# UPSTASH_REDIS_URL=https://your-redis.upstash.io
# UPSTASH_REDIS_TOKEN=your-redis-token
# ------------------------------------------------------------------------------
# [OPTIONAL] Sentry — Error Tracking
# ------------------------------------------------------------------------------
# Disabled if not set (no errors sent, app works normally)
# SENTRY_DSN=https://your-dsn@sentry.io/project-id
# ------------------------------------------------------------------------------
# [FEATURE] AI Chat — OpenAI / Anthropic
# ------------------------------------------------------------------------------
# At least one is needed for the /api/chat endpoints to work
# OPENAI_API_KEY=sk-...
# ANTHROPIC_API_KEY=sk-ant-...
# ------------------------------------------------------------------------------
# [FEATURE] Email AI Analysis — Groq
# ------------------------------------------------------------------------------
# Falls back to generic summaries if not set
# GROQ_API_KEY=gsk_...
# ------------------------------------------------------------------------------
# [FEATURE] Web Search — Exa
# ------------------------------------------------------------------------------
# Chat web search tool disabled if not set
# EXA_API_KEY=your-exa-key
# ------------------------------------------------------------------------------
# [FEATURE] File Storage — Cloudflare R2 (S3-compatible)
# ------------------------------------------------------------------------------
# Required for: file uploads, avatars, chat attachments
# R2_ACCOUNT_ID=your-account-id
# R2_ACCESS_KEY_ID=your-access-key
# R2_SECRET_ACCESS_KEY=your-secret-key
# R2_BUCKET_NAME=core-os-files
# R2_S3_API=https://your-account-id.r2.cloudflarestorage.com
# R2_PUBLIC_URL=https://files.yourdomain.com
# Public bucket (avatars)
# R2_PUBLIC_BUCKET=core-public
# R2_PUBLIC_ACCESS_URL=https://pub-xxx.r2.dev
# ------------------------------------------------------------------------------
# [FEATURE] Image Proxy — Cloudflare Worker
# ------------------------------------------------------------------------------
# IMAGE_PROXY_URL=https://img.yourdomain.com
# IMAGE_PROXY_SECRET=your-hmac-shared-secret
# ------------------------------------------------------------------------------
# [FEATURE] Workspace Invitations — Resend
# ------------------------------------------------------------------------------
# Invitations will fail if not set (users can still join via direct link)
# RESEND_API_KEY=re_...
# RESEND_FROM_DOMAIN=yourdomain.com
# RESEND_FROM_EMAIL=Core <invites@yourdomain.com>
FRONTEND_URL=http://localhost:5173
# ------------------------------------------------------------------------------
# [FEATURE] Google OAuth — Gmail & Calendar Sync
# ------------------------------------------------------------------------------
# GOOGLE_CLIENT_ID=your-client-id.apps.googleusercontent.com
# GOOGLE_CLIENT_SECRET=your-client-secret
# Google Cloud Pub/Sub (Gmail push notifications)
# GOOGLE_CLOUD_PROJECT_ID=your-gcp-project-id
# GOOGLE_PUBSUB_TOPIC=projects/YOUR_PROJECT_ID/topics/gmail-sync-topic
# ------------------------------------------------------------------------------
# [FEATURE] Microsoft OAuth — Outlook & Microsoft 365 Sync
# ------------------------------------------------------------------------------
# MICROSOFT_CLIENT_ID=your-client-id
# MICROSOFT_CLIENT_SECRET=your-client-secret
# MICROSOFT_TENANT_ID=common
# MICROSOFT_WEBHOOK_URL=https://your-api.vercel.app/api/webhooks/microsoft
# ------------------------------------------------------------------------------
# [OPTIONAL] Token Encryption — OAuth tokens at rest
# ------------------------------------------------------------------------------
# Encrypts Google & Microsoft access/refresh tokens stored in the database.
# Generate a key: python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
# TOKEN_ENCRYPTION_KEY=your-fernet-key
# TOKEN_ENCRYPTION_KEY_PREVIOUS= # Only set during key rotation
# ------------------------------------------------------------------------------
# [FEATURE] Webhooks & Cron
# ------------------------------------------------------------------------------
# WEBHOOK_BASE_URL=https://your-api.vercel.app
# CRON_SECRET=your-random-secret
# ------------------------------------------------------------------------------
# [FEATURE] QStash — Job Queue
# ------------------------------------------------------------------------------
# Falls back to no-op if not set (cron jobs handle sync instead)
# QSTASH_TOKEN=your-token
# QSTASH_URL=https://qstash.upstash.io
# QSTASH_CURRENT_SIGNING_KEY=your-signing-key
# QSTASH_NEXT_SIGNING_KEY=your-next-signing-key
# QSTASH_WORKER_URL=https://your-api.vercel.app
# ------------------------------------------------------------------------------
# [FEATURE] AI Agent Sandboxes — E2B
# ------------------------------------------------------------------------------
# E2B_API_KEY=e2b_...
# E2B_DEFAULT_TEMPLATE=base
# AGENT_WEBHOOK_SECRET=your-webhook-secret