# local, heroku, stage, production APP_ENV=local SERVER_URL=http://localhost:6060 PORT=6060 NEXTAUTH_URL=http://localhost:6060 # 1: disables the dockerflow endpoints # see: https://github.com/mozilla-services/Dockerflow#containerized-app-requirements DISABLE_DOCKERFLOW= # Database server DATABASE_URL=postgres://postgres@localhost:5432/blurts # How many seconds can unverified subscribers remain in the database DELETE_UNVERIFIED_SUBSCRIBERS_TIMER=86400 # How many seconds until page tokens expire? PAGE_TOKEN_TIMER=0 # Email server SMTP_URL= # From: address used in emails EMAIL_FROM= # https://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-configuration-sets.html SES_CONFIG_SET= # 1: only log messages coming back from SES SES_NOTIFICATION_LOG_ONLY= # s3 bucket for cdn AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= AWS_REGION= S3_BUCKET= # Firefox Accounts OAuth FXA_SETTINGS_URL=https://accounts.stage.mozaws.net/settings OAUTH_CLIENT_ID=edd29a80019d61a1 OAUTH_CLIENT_SECRET=get-this-from-groovecoder-or-fxmonitor-engineering OAUTH_AUTHORIZATION_URI=https://oauth.stage.mozaws.net/v1/authorization OAUTH_METRICS_FLOW_URI=https://accounts.stage.mozaws.net/metrics-flow OAUTH_PROFILE_URI=https://profile.stage.mozaws.net/v1/profile OAUTH_TOKEN_URI=https://oauth.stage.mozaws.net/v1/token OAUTH_ACCOUNT_URI="https://api-accounts.stage.mozaws.net/v1" # HIBP API for breach data # How many seconds to wait before refreshing upstream breach data from HIBP HIBP_RELOAD_BREACHES_TIMER=600 # HIBP API for range search and subscription HIBP_KANON_API_ROOT=https://enterprise.stage-api.haveibeenpwned.com HIBP_KANON_API_TOKEN= HIBP_API_ROOT=https://haveibeenpwned.com/api/v2 HIBP_API_TOKEN= # How many milliseconds to wait before retrying an HIBP request HIBP_THROTTLE_DELAY=2000 # Max number of times to try an HIBP request before throwing error HIBP_THROTTLE_MAX_TRIES=5 # Authorization token for HIBP to present to /hibp/notify endpoint HIBP_NOTIFY_TOKEN=unsafe-default-token-for-dev # Domains we prefer to not link to HIBP_BREACH_DOMAIN_BLOCKLIST=a-blocked-domain.com,another-blocked-domain.org # OneRep API for exposure scanning ONEREP_API_BASE=https://mozilla.api.onerep.com ONEREP_API_KEY= ONEREP_WEBHOOK_SECRET="unsafe-default-secret-for-dev" # Firefox Remote Settings FX_REMOTE_SETTINGS_WRITER_SERVER=https://settings-writer.prod.mozaws.net/v1 FX_REMOTE_SETTINGS_WRITER_USER= FX_REMOTE_SETTINGS_WRITER_PASS= # DSN for Sentry error and event capturing # e.g., SENTRY_DSN=https://{key}@sentry.prod.mozaws.net/408 SENTRY_DSN= SENTRY_DSN_LEGACY= BREACH_RESOLUTION_ENABLED=1 PRODUCT_PROMOS_ENABLED=1 # Experiment Flag EXPERIMENT_ACTIVE=0 REDIS_URL=redis://redis.mock SUPPORTED_LOCALES=cak,cs,cy,da,de,el,en,en-CA,en-GB,es-AR,es-CL,es-ES,es-MX,fi,fr,fy-NL,gn,hu,kab,ia,id,it,ja,nb-NO,nl,nn-NO,pt-BR,pt-PT,ro,ru,sk,sl,sq,sv-SE,tr,uk,vi,zh-CN,zh-TW # Locales blocked from viewing Mozilla VPN promos. Use CSV without whitespace. VPN_PROMO_BLOCKED_LOCALES=zh-CN # MaxMind GeoLite2 geolocation service used for VPN Banner # For Heroku deploys, the following 3 vars are generated automatically via Buildpack https://github.com/HiMamaInc/heroku-buildpack-geoip-geolite2 # Staging and production environments will need variables set manually # Local environment uses a test database with limited data (preset here) GEOIP_GEOLITE2_PATH=./tests/mmdb/ GEOIP_GEOLITE2_CITY_FILENAME=GeoLite2-City-Test.mmdb GEOIP_GEOLITE2_COUNTRY_FILENAME=GeoLite2-Country-Test.mmdb # Educational video src urls, hosted by SRE team on a CDN EDUCATION_VIDEO_URL_RELAY=https://monitor.cdn.mozilla.net/videos/FF_Relay_version_02.mp4 EDUCATION_VIDEO_URL_VPN=https://monitor.cdn.mozilla.net/videos/Mozilla_VPN.mp4 # Email addresses that are allowed to test and send emails ADMINS= # Enable monthly cron-job, currently for sending unresolved breach reminder emails MONTHLY_CRON_ENABLED= # E2E Tests E2E_TEST_ENV= E2E_TEST_BASE_URL= E2E_TEST_ACCOUNT_EMAIL= E2E_TEST_ACCOUNT_PASSWORD= E2E_TEST_ACCOUNT_EMAIL_ZERO_BROKERS= E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES_ZERO_BROKERS= E2E_TEST_ACCOUNT_EMAIL_EXPOSURES_STARTED= E2E_TEST_PAYPAL_LOGIN= E2E_TEST_PAYPAL_PASSWORD= # Monitor Premium features # Link to start user on the subscription process. PREMIUM_ENABLED must be set to `true`. FXA_SUBSCRIPTIONS_URL=https://accounts.stage.mozaws.net/subscriptions PREMIUM_PRODUCT_ID=prod_NErZh679W62lai PREMIUM_PLAN_ID_MONTHLY_US=price_1MUNq0Kb9q6OnNsL4BoJgepf PREMIUM_PLAN_ID_YEARLY_US= SUBSCRIPTION_BILLING_AMOUNT_YEARLY_US=13.37 SUBSCRIPTION_BILLING_AMOUNT_MONTHLY_US=42.42 # This date is used to direct users who signed up after data broker scanning # was released to the welcome flow. Users who had signed up before and thus # have seen data breach results before, will be able to see their known breaches # first: BROKER_SCAN_RELEASE_DATE=2024-02-06 MONTHLY_SUBSCRIBERS_QUOTA= MONTHLY_SCANS_QUOTA= STATS_TOKEN= # GCP PubSub Project ID and subscription name GCP_PUBSUB_PROJECT_ID= GCP_PUBSUB_TOPIC_NAME= GCP_PUBSUB_SUBSCRIPTION_NAME= # Randomly-generated UUIDv5 namespace, until/unless we are approved to use FxA UID for Nimbus User ID. NIMBUS_UUID_NAMESPACE=00000000-0000-0000-0000-000000000000 NIMBUS_SIDECAR_URL=http://localhost:8001 # The maximum number of jobs that the email breach alert worker will process. EMAIL_BREACH_ALERT_MAX_MESSAGES = 10000 # The maximum number of scans and profiles allowed. May be used for alerts, and for redirecting to waitlist. MAX_MANUAL_SCANS=100 MAX_INITIAL_SCANS=100 MAX_PROFILES_ACTIVATED=100 MAX_PROFILES_CREATED=100 # Used during CI to upload sourcemaps to Sentry. UPLOAD_SENTRY_SOURCEMAPS=false SENTRY_AUTH_TOKEN= # Whether GA4 sends data or not. NOTE: must be set in build environment. NEXT_PUBLIC_GA4_DEBUG_MODE=true CURRENT_COUPON_CODE_ID= GA4_API_SECRET=unsafe-default-secret-for-dev # Data broker removal estimates data DATA_BROKER_REMOVAL_ESTIMATES_DATA=[]