rubis/apps/api/start/env.ts

/*
|--------------------------------------------------------------------------
| Environment variables service
|--------------------------------------------------------------------------
|
| The `Env.create` method creates an instance of the Env service. The
| service validates the environment variables and also cast values
| to JavaScript data types.
|
*/

import { Env } from '@adonisjs/core/env'

export default await Env.create(new URL('../', import.meta.url), {
  // Node
  NODE_ENV: Env.schema.enum(['development', 'production', 'test'] as const),
  PORT: Env.schema.number(),
  HOST: Env.schema.string({ format: 'host' }),
  LOG_LEVEL: Env.schema.string(),

  // App
  APP_KEY: Env.schema.secret(),
  APP_URL: Env.schema.string({ format: 'url', tld: false }),

  // Session
  SESSION_DRIVER: Env.schema.enum(['cookie', 'memory', 'database'] as const),

  // Database
  DB_CONNECTION: Env.schema.enum.optional(['postgres', 'sqlite'] as const),
  PG_HOST: Env.schema.string.optional({ format: 'host' }),
  PG_PORT: Env.schema.number.optional(),
  PG_USER: Env.schema.string.optional(),
  PG_PASSWORD: Env.schema.string.optional(),
  PG_DB_NAME: Env.schema.string.optional(),

  // Redis (BullMQ + cache)
  REDIS_HOST: Env.schema.string.optional({ format: 'host' }),
  REDIS_PORT: Env.schema.number.optional(),
  REDIS_PASSWORD: Env.schema.string.optional(),

  // Storage (MinIO via S3 driver)
  DRIVE_DISK: Env.schema.enum.optional(['s3', 'fs'] as const),
  S3_ENDPOINT: Env.schema.string.optional({ format: 'url', tld: false }),
  S3_REGION: Env.schema.string.optional(),
  S3_BUCKET: Env.schema.string.optional(),
  S3_ACCESS_KEY: Env.schema.string.optional(),
  S3_SECRET_KEY: Env.schema.string.optional(),
  S3_FORCE_PATH_STYLE: Env.schema.boolean.optional(),

  // Mail
  MAIL_FROM_ADDRESS: Env.schema.string.optional(),
  MAIL_FROM_NAME: Env.schema.string.optional(),
  MAIL_DRIVER: Env.schema.enum.optional(['smtp', 'resend'] as const),
  SMTP_HOST: Env.schema.string.optional({ format: 'host' }),
  SMTP_PORT: Env.schema.number.optional(),
  RESEND_API_KEY: Env.schema.string.optional(),

  // OCR
  OCR_PROVIDER: Env.schema.enum.optional(['mock', 'mistral'] as const),
  MISTRAL_API_KEY: Env.schema.string.optional(),

  // Stripe — secret key + webhook signing secret. Optional en dev sans
  // billing actif. La commande `stripe:setup` et le webhook handler les
  // exigent au runtime.
  STRIPE_SECRET_KEY: Env.schema.string.optional(),
  STRIPE_WEBHOOK_SECRET: Env.schema.string.optional(),

  // Web (URL du SPA pour redirects post-checkin)
  WEB_URL: Env.schema.string.optional({ format: 'url', tld: false }),

  // Landing public (lien dans le footer des emails — branding)
  LANDING_URL: Env.schema.string.optional({ format: 'url', tld: false }),

  // Auth
  ACCESS_TOKEN_TTL_MINUTES: Env.schema.number.optional(),
  REFRESH_TOKEN_TTL_DAYS: Env.schema.number.optional(),
  COOKIE_DOMAIN: Env.schema.string.optional(),
  COOKIE_SECURE: Env.schema.boolean.optional(),

  // Google SSO (Ally)
  GOOGLE_CLIENT_ID: Env.schema.string.optional(),
  GOOGLE_CLIENT_SECRET: Env.schema.string.optional(),
  GOOGLE_CALLBACK_URL: Env.schema.string.optional({ format: 'url', tld: false }),

  // Microsoft SSO (Ally)
  MICROSOFT_CLIENT_ID: Env.schema.string.optional(),
  MICROSOFT_CLIENT_SECRET: Env.schema.string.optional(),
  MICROSOFT_TENANT: Env.schema.string.optional(),
  MICROSOFT_CALLBACK_URL: Env.schema.string.optional({ format: 'url', tld: false }),

  /*
  |----------------------------------------------------------
  | Variables for configuring the limiter package
  |----------------------------------------------------------
  */
  LIMITER_STORE: Env.schema.enum(['redis', 'memory'] as const)
})