blurts-server/.env-dist

# local, heroku, stage, production
APP_ENV=local
SERVER_URL=http://localhost:6060
PORT=6060
LOGOS_ORIGIN=
NEXTAUTH_URL=http://localhost:6060
COOKIE_SECRET=3895d33b5f9730f5eb2a2067fe0a690e298f55f5e382c032fd3656863412
CSRF_SECRET=
SESSION_DURATION_HOURS=48
EMAIL_TEST_RECIPIENT=localmonitor20200827@mailinator.com

# see https://www.npmjs.com/package/mozlog
# default values are for dev/debug
MOZLOG_FMT=pretty
MOZLOG_LEVEL=debug

# 1: disables the dockerflow endpoints
# see: https://github.com/mozilla-services/Dockerflow#containerized-app-requirements
DISABLE_DOCKERFLOW=

# Database server
DATABASE_URL=postgres://postgres@localhost:5432/blurts
# How many seconds can unverified subscribers remain in the database
DELETE_UNVERIFIED_SUBSCRIBERS_TIMER=86400

# How many seconds until page tokens expire?
PAGE_TOKEN_TIMER=0

# Email server
SMTP_URL=
# From: address used in emails
EMAIL_FROM=
# https://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-configuration-sets.html
SES_CONFIG_SET=
# 1: only log messages coming back from SES
SES_NOTIFICATION_LOG_ONLY=

# s3 bucket for cdn
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_REGION=
S3_BUCKET=

# Firefox Accounts OAuth
# leave FXA_ENABLED empty to disable FXA
FXA_ENABLED=
FXA_SETTINGS_URL=https://accounts.stage.mozaws.net/settings

OAUTH_CLIENT_ID=edd29a80019d61a1
OAUTH_CLIENT_SECRET=get-this-from-groovecoder-or-fxmonitor-engineering
OAUTH_AUTHORIZATION_URI=https://oauth.stage.mozaws.net/v1/authorization
OAUTH_PROFILE_URI=https://profile.stage.mozaws.net/v1/profile
OAUTH_TOKEN_URI=https://oauth.stage.mozaws.net/v1/token
OAUTH_ACCOUNT_URI = "https://oauth.accounts.firefox.com/v1"
OAUTH_API_URI="https://api-accounts.stage.mozaws.net/v1"

# HIBP API for breach data
# How many seconds to wait before refreshing upstream breach data from HIBP
HIBP_RELOAD_BREACHES_TIMER=600
# HIBP API for range search and subscription
HIBP_KANON_API_ROOT=https://api.haveibeenpwned.com
HIBP_KANON_API_TOKEN=
HIBP_API_ROOT=https://haveibeenpwned.com/api/v2
HIBP_API_TOKEN=
# How many milliseconds to wait before retrying an HIBP request
HIBP_THROTTLE_DELAY=2000
# Max number of times to try an HIBP request before throwing error
HIBP_THROTTLE_MAX_TRIES=5
# Authorization token for HIBP to present to /hibp/notify endpoint
HIBP_NOTIFY_TOKEN=unsafe-default-token-for-dev
# Domains we prefer to not link to
HIBP_BREACH_DOMAIN_BLOCKLIST=a-blocked-domain.com,another-blocked-domain.org

# OneRep API for exposure scanning
ONEREP_API_BASE=https://api.onerep.com
ONEREP_API_KEY=
ONEREP_WEBHOOK_SECRET=

# Firefox Remote Settings
FX_REMOTE_SETTINGS_WRITER_SERVER=https://settings-writer.prod.mozaws.net/v1
FX_REMOTE_SETTINGS_WRITER_USER=
FX_REMOTE_SETTINGS_WRITER_PASS=

# DSN for Sentry error and event capturing
# e.g., SENTRY_DSN=https://{key}@sentry.prod.mozaws.net/408
SENTRY_DSN=
SENTRY_DSN_LEGACY=

BREACH_RESOLUTION_ENABLED=1
PRODUCT_PROMOS_ENABLED=1

# Experiment Flag
EXPERIMENT_ACTIVE=0

REDIS_URL=redis-mock
MAX_NUM_ADDRESSES=5

RECRUITMENT_BANNER_LINK=
RECRUITMENT_BANNER_TEXT=

SUPPORTED_LOCALES=cak,cs,cy,da,de,el,en,en-CA,en-GB,es-AR,es-CL,es-ES,es-MX,fi,fr,fy-NL,gn,hu,kab,ia,id,it,ja,nb-NO,nl,nn-NO,pt-BR,pt-PT,ro,ru,sk,sl,sq,sv-SE,tr,uk,vi,zh-CN,zh-TW

# Locales blocked from viewing Mozilla VPN promos. Use CSV without whitespace.
VPN_PROMO_BLOCKED_LOCALES=zh-CN

# MaxMind GeoLite2 geolocation service used for VPN Banner
# For Heroku deploys, the following 3 vars are generated automatically via Buildpack https://github.com/HiMamaInc/heroku-buildpack-geoip-geolite2
# Staging and production environments will need variables set manually
# Local environment uses a test database with limited data (preset here)
GEOIP_GEOLITE2_PATH=./tests/mmdb/
GEOIP_GEOLITE2_CITY_FILENAME=GeoLite2-City-Test.mmdb
GEOIP_GEOLITE2_COUNTRY_FILENAME=GeoLite2-Country-Test.mmdb

# Educational video src urls, hosted by SRE team on a CDN
EDUCATION_VIDEO_URL_RELAY=https://monitor.cdn.mozilla.net/videos/FF_Relay_version_02.mp4
EDUCATION_VIDEO_URL_VPN=https://monitor.cdn.mozilla.net/videos/Mozilla_VPN.mp4

# Email addresses that are allowed to test and send emails
ADMINS=

# Enable monthly cron-job, currently for sending unresolved breach reminder emails
MONTHLY_CRON_ENABLED=

NEXT_PUBLIC_GA4_MEASUREMENT_ID=G-CXG8K4KW4P

# E2E Tests
E2E_TEST_ENV=
E2E_TEST_BASE_URL=
E2E_TEST_ACCOUNT_EMAIL=
E2E_TEST_ACCOUNT_PASSWORD=

# Monitor Premium features
NEXT_PUBLIC_ONEREP_DATA_BROKER_COUNT=190
# Link to start user on the subscription process. PREMIUM_ENABLED must be set to `true`.
FXA_SUBSCRIPTIONS_URL=https://accounts.stage.mozaws.net/subscriptions
PREMIUM_PRODUCT_ID=prod_NErZh679W62lai
PREMIUM_PLAN_ID_MONTHLY_US=price_1MUNq0Kb9q6OnNsL4BoJgepf
PREMIUM_PLAN_ID_YEARLY_US=
# This date is used to direct users who signed up after data broker scanning
# was released to the welcome flow. Users who had signed up before and thus
# have seen data breach results before, will be able to see their known breaches
# first:
BROKER_SCAN_RELEASE_DATE=2023-12-05

MONTHLY_SUBSCRIBERS_QUOTA=
MONTHLY_SCANS_QUOTA=
STATS_TOKEN=

# Support article link
NEXT_PUBLIC_MONITOR_SUPPORT_URL=https://support.mozilla.org/kb/firefox-monitor

# Support How it Works page
NEXT_PUBLIC_HOW_IT_WORKS_SUMO_URL=https://support.mozilla.org/kb/how-does-monitor-plus-work

# GCP PubSub Project ID and subscription name
GCP_PUBSUB_PROJECT_ID=
GCP_PUBSUB_TOPIC_NAME=
GCP_PUBSUB_SUBSCRIPTION_NAME=

# Randomly-generated UUIDv5 namespace, until/unless we are approved to use FxA UID for Nimbus User ID.
NIMBUS_UUID_NAMESPACE=00000000-0000-0000-0000-000000000000
NIMBUS_SIDECAR_URL=http://localhost:8001

# The maximum number of jobs that the email breach alert worker will process.
EMAIL_BREACH_ALERT_MAX_MESSAGES = 10000