arifal
38 lines
1.7 KiB
Plaintext
38 lines
1.7 KiB
Plaintext
DATABASE_URL="postgresql://setrip_user:setrip_password@localhost:5432/setrip_db"
|
|
NEXTAUTH_SECRET="3GaP/mqi1IYbafyLfyI54ouPRDE0IUK5vFqpKJQM5hg="
|
|
NEXTAUTH_URL="http://localhost:3000"
|
|
NEXT_PUBLIC_SITE_URL="https://arifal.imola.ai"
|
|
ADMIN_EMAILS=admin@setrip.id
|
|
|
|
# 32-byte key (hex) for AES-256-GCM encryption of KYC data (NIK + KTP/liveness files)
|
|
# Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
|
|
KYC_ENCRYPTION_KEY=
|
|
# 32-byte hex secret used as HMAC pepper for NIK uniqueness lookup
|
|
# Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
|
|
KYC_NIK_PEPPER=
|
|
# Absolute path for private KYC uploads (default: <cwd>/uploads/private)
|
|
KYC_UPLOAD_DIR=
|
|
|
|
GOOGLE_CLIENT_ID="xxxxxxxx"
|
|
GOOGLE_CLIENT_SECRET="xxxxxxxx"
|
|
|
|
# === Midtrans payment gateway (Phase C) ===
|
|
# Server key dari dashboard Midtrans (sandbox: SB-Mid-server-..., production: Mid-server-...).
|
|
# RAHASIA — server-side only, jangan commit nilai aslinya.
|
|
MIDTRANS_SERVER_KEY=
|
|
# Client key untuk init Snap.js di browser (sandbox: SB-Mid-client-..., production: Mid-client-...).
|
|
# Aman diekspos via NEXT_PUBLIC_ — bukan rahasia.
|
|
NEXT_PUBLIC_MIDTRANS_CLIENT_KEY=
|
|
# 'true' untuk production, 'false' atau kosong untuk sandbox.
|
|
# Dibaca di server (untuk Snap API endpoint) DAN client (untuk Snap.js URL).
|
|
NEXT_PUBLIC_MIDTRANS_IS_PRODUCTION=false
|
|
# Webhook URL di Midtrans dashboard harus diset ke: <NEXT_PUBLIC_SITE_URL>/api/webhooks/midtrans
|
|
|
|
|
|
# === Cron jobs (auto-complete trip, dst) ===
|
|
# Bearer token yang harus di-kirim cron eksternal (system crontab / Vercel Cron / dst)
|
|
# saat memanggil endpoint `/api/cron/*`. Kalau kosong, endpoint hard-fail 500.
|
|
# Generate ≥32-byte hex secret:
|
|
# openssl rand -hex 32
|
|
# Setup detail: lihat docs/CRON_SETUP.md
|
|
CRON_SECRET= |