# ---- Core ----
NODE_ENV=development

# ---- Database ----
DATABASE_URL=postgresql://bmm:bmm@localhost:5432/bmm
REDIS_URL=redis://localhost:6379

# ---- Auth (Better-Auth) ----
BETTER_AUTH_SECRET=replace-me-with-32-bytes-of-random-hex-1234567890abcdef
BETTER_AUTH_URL=http://localhost:3000
NEXT_PUBLIC_APP_URL=http://localhost:3000
NEXT_PUBLIC_API_URL=http://localhost:4000

# ---- GitHub OAuth (optional in dev) ----
GITHUB_OAUTH_ID=
GITHUB_OAUTH_SECRET=

# ---- Anthropic ----
ANTHROPIC_API_KEY=

# ---- Crypto ----
# 32-byte hex for AES-256-GCM; generate with: openssl rand -hex 32
SECRETS_ENCRYPTION_KEY=0000000000000000000000000000000000000000000000000000000000000000

# ---- OAuth signing (RS256 JWKS) ----
# Path to PEM keypair; auto-generated on api boot if missing
OAUTH_KEY_DIR=./keys

# ---- Runner / Generator ----
# Where MCP runtime containers bind (host machine reachable from API)
RUNNER_HOST=localhost
# Range of host ports used for generated MCP containers
RUNNER_PORT_RANGE_START=4100
RUNNER_PORT_RANGE_END=4999
# Public URL template — $SLUG and $PORT are interpolated
RUNNER_PUBLIC_URL_TEMPLATE=http://localhost:$PORT
# Control plane URL reachable from runner containers
CONTROL_PLANE_URL=http://host.docker.internal:4000

# ---- Stripe (Sprint 4) ----
STRIPE_SECRET_KEY=
STRIPE_WEBHOOK_SECRET=

# ---- Observability (optional) ----
SENTRY_DSN=
OTEL_EXPORTER_OTLP_ENDPOINT=