A community based topic aggregation platform built on atproto
bretton.dev
1# Coves Local Development Environment Configuration
2# This file contains all environment variables for the local atProto development stack
3# DO NOT commit secrets to version control in production!
4
5# =============================================================================
6# PostgreSQL Configuration (Development Database)
7# =============================================================================
8# Development database for Coves AppView (runs on port 5433)
9POSTGRES_HOST=localhost
10POSTGRES_PORT=5433
11POSTGRES_DB=coves_dev
12POSTGRES_USER=dev_user
13POSTGRES_PASSWORD=dev_password
14
15# =============================================================================
16# PDS (Personal Data Server) Configuration
17# =============================================================================
18# PDS runs on port 3001 (to avoid conflict with production PDS on :3000)
19PDS_HOSTNAME=localhost
20PDS_PORT=3001
21
22# DID PLC Directory (use Bluesky's for development)
23PDS_DID_PLC_URL=https://plc.directory
24
25# JWT Secret (for signing tokens - change in production!)
26PDS_JWT_SECRET=local-dev-jwt-secret-change-in-production
27
28# Admin password for PDS management
29PDS_ADMIN_PASSWORD=admin
30
31# Handle domains (users will get handles like alice.local.coves.dev)
32PDS_SERVICE_HANDLE_DOMAINS=.local.coves.dev
33
34# PLC Rotation Key (k256 private key in hex format - for local dev only)
35# This is a randomly generated key for testing - DO NOT use in production
36PDS_PLC_ROTATION_KEY=af514fb84c4356241deed29feb392d1ee359f99c05a7b8f7bff2e5f2614f64b2
37
38# =============================================================================
39# AppView Configuration (Your Go Application)
40# =============================================================================
41# AppView runs on port 8081 (to avoid conflicts)
42APPVIEW_PORT=8081
43
44# PDS Firehose URL (WebSocket connection - direct to PDS, no relay)
45FIREHOSE_URL=ws://localhost:3001/xrpc/com.atproto.sync.subscribeRepos
46
47# PDS URL (for XRPC calls)
48PDS_URL=http://localhost:3001
49
50# =============================================================================
51# Test Database Configuration
52# =============================================================================
53# Test database runs on port 5434 (separate from dev on 5433)
54POSTGRES_TEST_DB=coves_test
55POSTGRES_TEST_USER=test_user
56POSTGRES_TEST_PASSWORD=test_password
57POSTGRES_TEST_PORT=5434
58
59# =============================================================================
60# Jetstream Configuration (Read-Forward User Indexing)
61# =============================================================================
62# Jetstream WebSocket URL for real-time atProto events
63#
64# Production: Use Bluesky's public Jetstream (indexes entire network)
65# JETSTREAM_URL=wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=app.bsky.actor.profile
66#
67# Local E2E Testing: Use local Jetstream (indexes only local PDS)
68# 1. Start local Jetstream: docker-compose --profile jetstream up pds jetstream
69# 2. Use this URL:
70JETSTREAM_URL=ws://localhost:6008/subscribe
71
72# Optional: Filter events to specific PDS
73# JETSTREAM_PDS_FILTER=http://localhost:3001
74
75# =============================================================================
76# Identity Resolution Configuration
77# =============================================================================
78# PLC Directory URL for DID resolution
79IDENTITY_PLC_URL=https://plc.directory
80
81# Cache TTL for resolved identities (Go duration format: 24h, 1h30m, etc.)
82IDENTITY_CACHE_TTL=24h
83
84# =============================================================================
85# OAuth Configuration
86# =============================================================================
87# OAuth client private key (ES256 keypair - generate with: go run cmd/genjwks/main.go)
88# DO NOT commit this to version control in production!
89#
90# Supports two formats:
91# 1. Plain JSON (easier for local development):
92# OAUTH_PRIVATE_JWK={"alg":"ES256","crv":"P-256",...}
93#
94# 2. Base64 encoded (recommended for production to avoid shell escaping):
95# OAUTH_PRIVATE_JWK=base64:eyJhbGciOiJFUzI1NiIsImNydiI6IlAtMjU2Ii...
96# Generate with: echo '{"alg":...}' | base64 -w 0
97#
98OAUTH_PRIVATE_JWK={"alg":"ES256","crv":"P-256","d":"9tCMceYSgyZfO5KYOCm3rWEhXLqq2l4LjP7-PJtJKyk","kid":"oauth-client-key","kty":"EC","use":"sig","x":"EOYWEgZ2d-smTO6jh0f-9B7YSFYdlrvlryjuXTCrOjE","y":"_FR2jBcWNxoJl5cd1eq9sYtAs33No9AVtd42UyyWYi4"}
99
100# Cookie secret for session encryption (generate with: openssl rand -hex 32)
101# Also supports base64: prefix for consistency
102OAUTH_COOKIE_SECRET=f1132c01b1a625a865c6c455a75ee793572cedb059cebe0c4c1ae4c446598f7d
103
104# AppView public URL (used for OAuth callback and client metadata)
105# Dev: http://127.0.0.1:8081 (use 127.0.0.1 instead of localhost per RFC 8252)
106# Prod: https://coves.social
107APPVIEW_PUBLIC_URL=http://127.0.0.1:8081
108
109# =============================================================================
110# Development Settings
111# =============================================================================
112# Environment
113ENV=development
114NODE_ENV=development
115
116# Logging
117LOG_LEVEL=debug
118LOG_ENABLED=true
119
120# =============================================================================
121# Notes
122# =============================================================================
123# All local development configuration in one file!
124# - Dev PostgreSQL: port 5433
125# - Test PostgreSQL: port 5434 (via --profile test)
126# - PDS: port 3001 (avoids conflict with production on :3000)
127# - AppView: port 8081
128# - PDS is self-contained (SQLite + CAR files)
129# - PostgreSQL is only for Coves AppView indexing
130# - AppView subscribes directly to PDS firehose (no relay needed)
131# - PDS firehose: ws://localhost:3001/xrpc/com.atproto.sync.subscribeRepos