# Node TZ=UTC PORT=3333 HOST=0.0.0.0 NODE_ENV=development # App LOG_LEVEL=info APP_KEY= # APP_URL est l'URL publique (utilisée dans les emails check-in/relance, # les redirects, etc.). Volontairement découplée de HOST : on bind sur # 0.0.0.0 mais on expose `localhost` (en dev) ou le vrai domaine (en prod). APP_URL=http://localhost:3333 # Session SESSION_DRIVER=cookie #-------------------------------------------------------------------- # CORS (configure allowed origins for API access) #-------------------------------------------------------------------- # CORS_ORIGIN=http://localhost:5173,http://localhost:3000 #-------------------------------------------------------------------- # Database (Postgres via docker-compose.dev.yml) #-------------------------------------------------------------------- DB_CONNECTION=postgres PG_HOST=localhost PG_PORT=5433 PG_USER=rubis PG_PASSWORD=rubis PG_DB_NAME=rubis_dev #-------------------------------------------------------------------- # Redis (BullMQ + cache) #-------------------------------------------------------------------- REDIS_HOST=localhost REDIS_PORT=6380 REDIS_PASSWORD= #-------------------------------------------------------------------- # Storage (MinIO via S3 driver) #-------------------------------------------------------------------- DRIVE_DISK=s3 S3_ENDPOINT=http://localhost:9100 S3_REGION=fr-par S3_BUCKET=rubis-invoices S3_ACCESS_KEY=rubis S3_SECRET_KEY=rubis-dev-secret S3_FORCE_PATH_STYLE=true #-------------------------------------------------------------------- # Mail (Resend par défaut, Mailpit en fallback dev via MAIL_DRIVER=smtp) #-------------------------------------------------------------------- MAIL_FROM_ADDRESS=rubis@arthurbarre.fr MAIL_FROM_NAME=Rubis Sur l'Ongle MAIL_DRIVER=resend RESEND_API_KEY= # Fallback Mailpit (si MAIL_DRIVER=smtp) SMTP_HOST=localhost SMTP_PORT=1025 #-------------------------------------------------------------------- # OCR (Mistral) #-------------------------------------------------------------------- OCR_PROVIDER=mistral MISTRAL_API_KEY= #-------------------------------------------------------------------- # Web (URL du SPA, utilisée pour les redirects post-checkin) #-------------------------------------------------------------------- WEB_URL=http://localhost:5173 #-------------------------------------------------------------------- # Auth (refresh tokens) #-------------------------------------------------------------------- ACCESS_TOKEN_TTL_MINUTES=30 REFRESH_TOKEN_TTL_DAYS=30 COOKIE_DOMAIN= COOKIE_SECURE=false #-------------------------------------------------------------------- # Google SSO (Ally) — créer un OAuth Client ID web sur Google Cloud # Console, puis ajouter les redirect URIs : # - http://localhost:3333/api/v1/auth/google/callback (dev) # - https://app.rubis.arthurbarre.fr/api/v1/auth/google/callback (prod) #-------------------------------------------------------------------- GOOGLE_CLIENT_ID= GOOGLE_CLIENT_SECRET= GOOGLE_CALLBACK_URL=http://localhost:3333/api/v1/auth/google/callback #-------------------------------------------------------------------- # Microsoft SSO (Ally) — App registration sur https://portal.azure.com # (Microsoft Entra ID → App registrations → New registration → Web), # redirect URIs à enregistrer : # - http://localhost:3333/api/v1/auth/microsoft/callback (dev) # - https://app.rubis.arthurbarre.fr/api/v1/auth/microsoft/callback (prod) # Tenant : 'common' (work + perso), 'organizations' (M365 only) ou un GUID. #-------------------------------------------------------------------- MICROSOFT_CLIENT_ID= MICROSOFT_CLIENT_SECRET= MICROSOFT_TENANT=common MICROSOFT_CALLBACK_URL=http://localhost:3333/api/v1/auth/microsoft/callback LIMITER_STORE=redis