# Copy to `.env` for local development (never commit real secrets).

# PostgreSQL — use `docker compose up -d postgres` and match user/db/password.
DATABASE_URL="postgresql://communityrule:communityrule@localhost:5432/communityrule"

# Session signing + secret used when hashing magic-link tokens. Min 16 characters; use a long random string in production.
SESSION_SECRET="dev-only-change-me-16chars-min"

# Optional: Nodemailer transport URL, e.g. `smtp://localhost:1025` with Mailhog from docker-compose.
# Leave unset in development to log the magic-link verify URL to the server console instead of sending email.
SMTP_URL=
SMTP_FROM="Community Rule <noreply@localhost>"

# Set to `true` to sync the create-flow draft with `/api/drafts/me` when the user is signed in.
NEXT_PUBLIC_ENABLE_BACKEND_SYNC=

# Web vitals API (CR-80): `external` = structured logs only, no writes under `.next` (default in production).
# `local` = file-based aggregates under `.next/web-vitals` (default in development). Omit to use defaults.
# WEB_VITALS_STORAGE=external

# Optional: URL shown on /monitor when using external storage (Grafana, Kibana, vendor RUM, etc.).
# NEXT_PUBLIC_RUM_DASHBOARD_URL=

# Writable directory for `POST /api/uploads` (community photo + custom-method attachments).
# In production (e.g. Cloudron localstorage mount), set to the mounted path. Local dev example:
# UPLOAD_ROOT="/absolute/path/to/community-rule/var/uploads"