# ============================================================================= # GoHorse Backoffice - Environment Variables # ============================================================================= # Server BACKOFFICE_PORT=3001 BACKOFFICE_HOST=0.0.0.0 NODE_ENV=development # CORS Origins (comma-separated) CORS_ORIGINS=http://localhost:3000,http://localhost:8963 # ============================================================================= # Stripe # ============================================================================= STRIPE_SECRET_KEY=sk_test_your_stripe_secret_key STRIPE_WEBHOOK_SECRET=whsec_your_webhook_secret STRIPE_PUBLISHABLE_KEY=pk_test_your_publishable_key # ============================================================================= # Gateway de Pagamento (Fictício) # ============================================================================= PAYMENT_GATEWAY_MERCHANT_ID=merchant_demo PAYMENT_GATEWAY_API_KEY=fake_gateway_key PAYMENT_GATEWAY_ENDPOINT=https://payments.example.com/api PAYMENT_GATEWAY_WEBHOOK_SECRET=fake_webhook_secret # ============================================================================= # Database # ============================================================================= DATABASE_URL=postgresql://user:password@localhost:5432/gohorse_backoffice # ============================================================================= # JWT Authentication (Shared with Backend) # ============================================================================= # The backoffice validates JWT tokens issued by the backend. # These values MUST match the backend configuration for auth to work. # MUST match backend/.env JWT_SECRET exactly JWT_SECRET=your-super-secret-jwt-key # Token expiration (should match backend for consistency) JWT_EXPIRATION=7d # RSA Private Key (for Credentials Encryption) # Must match the one used by the Backend to decrypt. RSA_PRIVATE_KEY_BASE64=your-base64-encoded-private-key # NOTE: PASSWORD_PEPPER is NOT needed here. # The backoffice does not handle login - it only validates tokens via Bearer header or cookie. # ============================================================================= # Cloudflare API (for cache management) # ============================================================================= CLOUDFLARE_API_TOKEN=your-cloudflare-api-token CLOUDFLARE_ZONE_ID=your-zone-id # ============================================================================= # cPanel API (for email management) # ============================================================================= CPANEL_HOST=https://cpanel.yourdomain.com:2083 CPANEL_USERNAME=your-cpanel-username CPANEL_API_TOKEN=your-cpanel-api-token # ============================================================================= # LavinMQ (AMQP) # ============================================================================= AMQP_URL=amqps://nwigjply:nwEGZdcfz3--H8xc68IKmjiBCVtI09Cq@horse.lmq.cloudamqp.com/nwigjply