.env

# Note: Most values overwritten by K8s ConfigMap at deploy time

# local, heroku, stage, production
APP_ENV=local
SERVER_URL=http://localhost:6060
PORT=6060
NEXTAUTH_URL=http://localhost:6060
NEXTAUTH_SECRET=placeholder-random-string

# 1: disables the dockerflow endpoints
# see: https://github.com/mozilla-services/Dockerflow#containerized-app-requirements
DISABLE_DOCKERFLOW=

# Database server
DATABASE_URL=postgres://blurts:blurts@localhost:5432/blurts
# How many seconds can unverified subscribers remain in the database
DELETE_UNVERIFIED_SUBSCRIBERS_TIMER=86400

# How many seconds until page tokens expire?
PAGE_TOKEN_TIMER=0

# Email server
SMTP_URL=
# From: address used in emails
EMAIL_FROM="Mozilla Monitor Stage <breach-alerts@stage.mozaws.net>"
# https://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-configuration-sets.html
SES_CONFIG_SET=
# 1: only log messages coming back from SES
SES_NOTIFICATION_LOG_ONLY=

# s3 bucket for cdn
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_REGION=
S3_BUCKET=mock-bucket

# Firefox Accounts OAuth
FXA_SETTINGS_URL=https://accounts.stage.mozaws.net/settings

OAUTH_CLIENT_ID=edd29a80019d61a1
OAUTH_CLIENT_SECRET=get-this-from-groovecoder-or-fxmonitor-engineering
OAUTH_AUTHORIZATION_URI=https://accounts.stage.mozaws.net/authorization
OAUTH_METRICS_FLOW_URI=https://accounts.stage.mozaws.net/metrics-flow
OAUTH_PROFILE_URI=https://profile.stage.mozaws.net/v1/profile
OAUTH_TOKEN_URI=https://oauth.stage.mozaws.net/v1/token
OAUTH_ACCOUNT_URI="https://api-accounts.stage.mozaws.net/v1"

# HIBP API for breach data
# How many seconds to wait before refreshing upstream breach data from HIBP
HIBP_RELOAD_BREACHES_TIMER=600
# HIBP API for range search and subscription
HIBP_KANON_API_ROOT=https://enterprise.stage-api.haveibeenpwned.com
HIBP_KANON_API_TOKEN=mock-api-token
HIBP_API_ROOT=https://haveibeenpwned.com/api/v2

# How many milliseconds to wait before retrying an HIBP request
HIBP_THROTTLE_DELAY=2000
# Max number of times to try an HIBP request before throwing error
HIBP_THROTTLE_MAX_TRIES=5
# Authorization token for HIBP to present to /hibp/notify endpoint
HIBP_NOTIFY_TOKEN=unsafe-default-token-for-dev
# Domains we prefer to not link to
HIBP_BREACH_DOMAIN_BLOCKLIST=a-blocked-domain.com,another-blocked-domain.org

# Firefox Remote Settings
FX_REMOTE_SETTINGS_WRITER_SERVER=https://settings-writer.prod.mozaws.net/v1
FX_REMOTE_SETTINGS_WRITER_USER=mock-user
FX_REMOTE_SETTINGS_WRITER_PASS=mock-password

# DSN for Sentry error and event capturing
# e.g., SENTRY_DSN=https://{key}@sentry.prod.mozaws.net/408
SENTRY_DSN=

REDIS_URL=redis://redis.mock

SUPPORTED_LOCALES=cs,cy,da,de,el,en,en-CA,en-GB,es-AR,es-CL,es-ES,es-MX,fi,fr,fy-NL,gn,hu,kab,ia,id,it,ja,ko,nb-NO,nl,nn-NO,pt-BR,pt-PT,ro,ru,sk,sl,sq,sv-SE,th,tr,uk,vi,zh-CN,zh-TW

# Educational video src urls, hosted by SRE team on a CDN
EDUCATION_VIDEO_URL_RELAY=https://monitor.cdn.mozilla.net/videos/FF_Relay_version_02.mp4
EDUCATION_VIDEO_URL_VPN=https://monitor.cdn.mozilla.net/videos/Mozilla_VPN.mp4

# Email addresses that are allowed to test and send emails
ADMINS=

# Functional tests
E2E_TEST_ENV=local
E2E_TEST_SECRET=test-secret
E2E_TEST_ACCOUNT_BASE_EMAIL=test-account
E2E_TEST_ACCOUNT_BASE_PASSWORD=test-password

# GCP PubSub Project ID and subscription name
GCP_PUBSUB_PROJECT_ID=your-project-name
GCP_PUBSUB_TOPIC_NAME=hibp-breaches
GCP_PUBSUB_SUBSCRIPTION_NAME=hibp-cron

# Randomly-generated UUIDv5 namespace, until/unless we are approved to use FxA UID for Nimbus User ID.
NIMBUS_UUID_NAMESPACE=00000000-0000-0000-0000-000000000000
NIMBUS_SIDECAR_URL=http://localhost:8001

# Used during CI to upload sourcemaps to Sentry.
UPLOAD_SENTRY_SOURCEMAPS=false
SENTRY_AUTH_TOKEN=

# Whether GA4 sends data or not. NOTE: must be set in build environment.
NEXT_PUBLIC_GA4_DEBUG_MODE=true