# Database (Required)
DATABASE_URL="postgresql://postgres:password@localhost:5432/postgres"

# PostgreSQL Port (Optional) - defaults to 5432 if not specified
# POSTGRES_PORT=5432

# Authentication (Required unless DISABLE_AUTH=true)
BETTER_AUTH_SECRET=your_secret_key  # Use `openssl rand -hex 32` to generate, or visit https://www.better-auth.com/docs/installation
BETTER_AUTH_URL=http://localhost:3000

# Authentication Bypass (Optional - for self-hosted deployments behind private networks)
# DISABLE_AUTH=true  # Uncomment to bypass authentication entirely. Creates an anonymous session for all requests.

# NextJS (Required)
NEXT_PUBLIC_APP_URL=http://localhost:3000

# Security (Required)
ENCRYPTION_KEY=your_encryption_key  # Use `openssl rand -hex 32` to generate, used to encrypt environment variables
INTERNAL_API_SECRET=your_internal_api_secret # Use `openssl rand -hex 32` to generate, used to encrypt internal api routes
API_ENCRYPTION_KEY=your_api_encryption_key # Use `openssl rand -hex 32` to generate, used to encrypt api keys

# Email Provider (Optional)
# RESEND_API_KEY=  # Uncomment and add your key from https://resend.com to send actual emails
                   # If left commented out, emails will be logged to console instead

# Local AI Models (Optional)
# OLLAMA_URL=http://localhost:11434  # URL for local Ollama server - uncomment if using local models
# VLLM_BASE_URL=http://localhost:8000    # Base URL for your self-hosted vLLM (OpenAI-compatible)
# VLLM_API_KEY=                          # Optional bearer token if your vLLM instance requires auth

# Admin API (Optional - for self-hosted GitOps)
# ADMIN_API_KEY=  # Use `openssl rand -hex 32` to generate. Enables admin API for workflow export/import.
                  # Usage: curl -H "x-admin-key: your_key" https://your-instance/api/v1/admin/workspaces