···
1
+
# Coves Environment Configuration
2
+
# Copy this file to .env and update values for your deployment
4
+
# === Database Configuration ===
5
+
DATABASE_URL=postgres://dev_user:dev_password@localhost:5433/coves_dev?sslmode=disable
7
+
# === PDS Configuration ===
8
+
PDS_URL=http://localhost:3001
10
+
# === Server Configuration ===
12
+
API_BASE_URL=https://api.coves.social
14
+
# === Identity Resolution ===
15
+
IDENTITY_PLC_URL=https://plc.directory
16
+
IDENTITY_CACHE_TTL=1h
18
+
# === Jetstream Configuration ===
19
+
JETSTREAM_URL=wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=app.bsky.actor.profile
20
+
JETSTREAM_PDS_FILTER= # Optional: filter to specific PDS
22
+
# === OAuth Configuration ===
23
+
OAUTH_COOKIE_SECRET= # Base64-encoded 32-byte secret (generate with: openssl rand -base64 32)
24
+
OAUTH_PRIVATE_JWK= # Private JWK for signing OAuth tokens (generate with: cmd/genjwks)
26
+
# === Verification Service (DID Configuration) ===
27
+
# DID for signing phone verifications (e.g., did:web:coves.social)
28
+
VERIFICATION_SERVICE_DID=did:web:coves.social
30
+
# Private key for signing verifications (PEM format, P-256 EC key)
31
+
# Generate with: openssl ecparam -name prime256v1 -genkey -noout
32
+
VERIFICATION_PRIVATE_KEY= # Base64-encoded PEM or plain PEM
34
+
# === SMS Provider (Telnyx) ===
35
+
TELNYX_API_KEY= # Your Telnyx API key
36
+
TELNYX_MESSAGING_PROFILE_ID= # Your Telnyx messaging profile ID
37
+
TELNYX_FROM_NUMBER= # Phone number to send SMS from (E.164 format)
39
+
# === Security Configuration ===
40
+
# Secret pepper for hashing phone numbers (generate with: openssl rand -base64 32)
41
+
PHONE_HASH_PEPPER= # NEVER change this after initial setup!
43
+
# === Rate Limiting ===
44
+
# Phone verification rate limits
45
+
PHONE_VERIFICATION_RATE_LIMIT_PER_PHONE=3 # Max requests per phone per hour
46
+
PHONE_VERIFICATION_RATE_LIMIT_PER_DID=5 # Max requests per user per day
bretton.dev