# ── Common Platform Environment Variables ────────────────────── # Copy to .env and fill in real values. # ── Azure Key Vault (optional — secrets fall back to env vars) ─ # Set this to resolve secrets from AKV instead of .env: AZURE_KEYVAULT_URL= # ── Cosmos DB (prototype defaults to local emulator) ─────────── # For the Docker prototype stack, leave these pointed at the local emulator. # When you move to a managed environment later, replace them with real Azure values. COSMOS_ENDPOINT=http://cosmos-emulator:8081 COSMOS_KEY= COSMOS_DATABASE=lysnrai # ── Auth (platform-service) ───────────────────────── JWT_SECRET=change-me-prototype-jwt-secret RATE_LIMIT_STORE_MODE=datastore RATE_LIMIT_CONFIG_JSON= API_KEY_RATE_LIMIT_CONFIG_JSON= API_KEY_PRODUCT_RATE_LIMIT_CONFIG_JSON= # ── Azure Blob Storage (platform-service) ───────────────────── STORAGE_PROVIDER=azure AZURE_BLOB_CONNECTION_STRING=DefaultEndpointsProtocol=http;AccountName=devstoreaccount1;AccountKey=;BlobEndpoint=http://azurite:10000/devstoreaccount1; AZURE_BLOB_ACCOUNT_NAME=devstoreaccount1 AZURE_BLOB_ACCOUNT_KEY= AZURE_BLOB_PUBLIC_ENDPOINT=http://localhost:10000/devstoreaccount1 # ── Stripe (platform-service) ──────────────────────── STRIPE_SECRET_KEY=sk_test_... STRIPE_WEBHOOK_SECRET=whsec_... STRIPE_PRICE_PRO=price_... STRIPE_PRICE_ENTERPRISE=price_... # ── Email Delivery (platform-service) ───────────────────────── # Use `smtp` for a self-hosted SMTP relay such as Mailpit, Postal, Mailcow, etc. EMAIL_PROVIDER=smtp EMAIL_FROM_ADDRESS=noreply@bytelyst.local EMAIL_FROM_NAME=ByteLyst SMTP_HOST=mailpit SMTP_PORT=1025 SMTP_SECURE=false SMTP_USER= SMTP_PASSWORD= TELEGRAM_BOT_TOKEN= TELEGRAM_DEFAULT_CHAT_ID= SLACK_WEBHOOK_URL= SLACK_DEFAULT_CHANNEL= EVENT_BUS_BACKEND=file EVENT_BUS_FILE=.data/platform-events.json EVENT_BUS_POLL_MS=100 EVENT_BUS_LEASE_MS=30000 # ── Extraction Service (port 4005 + Python sidecar 4006) ───── PYTHON_SIDECAR_URL=http://localhost:4006 DEFAULT_MODEL_ID=gemini-2.5-flash GEMINI_API_KEY=your-gemini-api-key EXTRACTION_QUEUE_BACKEND=file EXTRACTION_QUEUE_FILE=.data/extraction-jobs.json EXTRACTION_QUEUE_POLL_MS=100 EXTRACTION_QUEUE_LEASE_MS=30000 # ── Webhooks (optional — fire-and-forget callbacks) ────────── WEBHOOK_INVITATION_REDEEMED_URL= WEBHOOK_REFERRAL_STATUS_URL= WEBHOOK_WAITLIST_JOINED_URL= # ── Telemetry (platform-service) ────────────────────────────── TELEMETRY_ENABLED=true TELEMETRY_ALERT_WEBHOOK_URL= TELEMETRY_GEO_API_URL=http://ip-api.com/json TELEMETRY_EVENT_TTL_DAYS=90 # ── Field Encryption (@bytelyst/field-encrypt) ────────────── # Key provider: 'akv' (production) | 'env' (dev/staging) | 'memory' (tests) FIELD_ENCRYPT_KEY_PROVIDER=memory # Hex-encoded 32-byte key — only for 'env' provider (like AUTH_TOTP_ENCRYPTION_KEY) FIELD_ENCRYPT_KEY= # Product-specific MEK name in AKV — only for 'akv' provider FIELD_ENCRYPT_MEK_NAME=lysnr-mek # ── Product Identity ────────────────────────────────────────── DEFAULT_PRODUCT_ID=lysnrai