.env.example

# Project Nomad Environment Configuration
# Copy this to .env and adjust as needed

# ============================================
# FireSTARR Configuration
# ============================================

# FireSTARR container version
# IMPORTANT: v0.9.6+ has raster corruption bugs (malformed TIFF output).
# Use v0.9.5.10 until upstream TIFF fixes land in a tagged release.
# See: https://github.com/WISE-Developers/project_nomad/issues/184
VERSION=v0.9.5.10

# FireSTARR Docker image (set by installer - must target a specific version, never :latest)
# Images from CWFMF firestarr-cpp repository

# For x86_64 (Linux/Windows) use:
# FIRESTARR_IMAGE=ghcr.io/cwfmf/firestarr-cpp/firestarr:v0.9.5.10

# For ARM64 (Apple Silicon / Colima) use:
# FIRESTARR_IMAGE=ghcr.io/cwfmf/firestarr-cpp/firestarr:v0.9.5.10

# User mapping for container permissions
USERNAME=user
USER_ID=1000

# FireSTARR dataset source - URL or local path to zip file
# Examples:
#   https://fgmfiles.spyd.com/datasets/FireSTARR_Dataset_2025_V1.1.zip  (download from URL)
#   /path/to/local/FireSTARR_Dataset_2025_V1.1.zip                      (use local file)
FIRESTARR_DATASET_SOURCE=https://fgmfiles.spyd.com/datasets/FireSTARR_Dataset_2025_V1.1.zip

# Path to FireSTARR dataset (fuel grids, DEM, bounds, simulations)
# Run ./scripts/install-firestarr-dataset.sh to download
# Structure: {path}/generated/grid/100m/{year|default}/fuel_*.tif
#            {path}/sims/ (working directories)
# IMPORTANT: Must be an ABSOLUTE path for Docker deployment
FIRESTARR_DATASET_PATH=/absolute/path/to/firestarr_data

# FireSTARR Execution Mode
# docker = run FireSTARR in Docker containers (default)
# binary = run FireSTARR as native binary on host
FIRESTARR_EXECUTION_MODE=docker

# FireSTARR Binary Path (only used when FIRESTARR_EXECUTION_MODE=binary)
# Path to the compiled FireSTARR executable
# FIRESTARR_BINARY_PATH=/path/to/firestarr

# PROJ Data Path (required for coordinate transformations in binary mode)
# Path to directory containing proj.db
# macOS Homebrew (Apple Silicon): /opt/homebrew/share/proj
# macOS Homebrew (Intel): /usr/local/share/proj
# Linux: /usr/share/proj
# PROJ_DATA=/opt/homebrew/share/proj

# ============================================
# Backend Configuration
# ============================================

# Deployment Mode
# SAN = Stand Alone Nomad (self-hosted PWA)
# ACN = Agency Centric Nomad (integrated deployment)
NOMAD_DEPLOYMENT_MODE=SAN

# Agency ID (optional)
# When set, loads configuration from /configuration/{NOMAD_AGENCY_ID}/config.json
# Leave empty to use generic configuration
NOMAD_AGENCY_ID=

# Data Directory (optional)
# Override where Nomad stores its data (SQLite database in SAN mode)
# Defaults to FIRESTARR_DATASET_PATH if not set
# NOMAD_DATA_PATH=/path/to/data

# Node Environment
# development, production, or test
NODE_ENV=development

# Server Configuration
PORT=4901
HOST=localhost
VITE_API_PORT=4901
VITE_DEV_PORT=5177
VITE_API_BASE_URL=http://localhost:4901/

# Docker Host Port Mapping
# These control which ports the containers expose on the host
NOMAD_BACKEND_HOST_PORT=4901
NOMAD_FRONTEND_HOST_PORT=3901

# ============================================
# Database Configuration (ACN Mode)
# ============================================
# For SAN mode, SQLite is used automatically (no config needed)
# For ACN mode, configure the agency's database below

# Database client: sqlite3, pg, mysql, mysql2, mssql, oracledb
# Default: better-sqlite3 for SAN mode
NOMAD_DB_CLIENT=pg

# Database host (required for non-SQLite)
NOMAD_DB_HOST=localhost

# Database port (optional - uses client defaults)
# PostgreSQL: 5432, MySQL: 3306, SQL Server: 1433, Oracle: 1521
NOMAD_DB_PORT=5432

# Database name
NOMAD_DB_NAME=nomad

# Database credentials (required for non-SQLite)
NOMAD_DB_USER=nomad
NOMAD_DB_PASSWORD=

# Enable SSL/TLS connection
NOMAD_DB_SSL=false

# Connection pool settings
NOMAD_DB_POOL_MIN=2
NOMAD_DB_POOL_MAX=10

# ============================================
# Frontend Configuration
# ============================================

# Maps use MapLibre GL with CartoDB basemaps
# No API token required - maps work out of the box

# ============================================
# Authentication Mode (SAN Mode)
# ============================================
# none   = No authentication (open access, field laptop use)
# simple = Username-based tracking (users enter name on splash screen)
# oauth  = OAuth social login via Google/Microsoft/GitHub (requires provider config below)
NOMAD_AUTH_MODE=simple
VITE_AUTH_MODE=simple

# DEPRECATED — use NOMAD_AUTH_MODE / VITE_AUTH_MODE instead
# VITE_SIMPLE_AUTH=true

# ============================================
# OAuth Provider Credentials (only when NOMAD_AUTH_MODE=oauth)
# ============================================
# You need at least ONE provider configured. Only providers with both
# CLIENT_ID and CLIENT_SECRET will appear as login options.
#
# --- Google ---
# 1. Go to https://console.cloud.google.com/apis/credentials
# 2. Create OAuth 2.0 Client ID (Web application)
# 3. Add authorized redirect URI: http://localhost:4901/api/auth/callback/google
# 4. Copy Client ID and Client Secret below
NOMAD_OAUTH_GOOGLE_CLIENT_ID=your-google-client-id
NOMAD_OAUTH_GOOGLE_CLIENT_SECRET=your-google-client-secret
#
# --- Microsoft ---
# 1. Go to https://portal.azure.com → Microsoft Entra ID → App registrations
# 2. New registration → Web → Redirect URI: http://localhost:4901/api/auth/callback/microsoft
# 3. Certificates & secrets → New client secret
# 4. Copy Application (client) ID and secret value below
NOMAD_OAUTH_MICROSOFT_CLIENT_ID=your-microsoft-client-id
NOMAD_OAUTH_MICROSOFT_CLIENT_SECRET=your-microsoft-client-secret
#
# --- GitHub ---
# 1. Go to https://github.com/settings/developers → OAuth Apps → New OAuth App
# 2. Homepage URL: http://localhost:4901
# 3. Authorization callback URL: http://localhost:4901/api/auth/callback/github
# 4. Copy Client ID and generate a Client Secret below
NOMAD_OAUTH_GITHUB_CLIENT_ID=your-github-client-id
NOMAD_OAUTH_GITHUB_CLIENT_SECRET=your-github-client-secret
#
# --- Apple ---
# 1. Go to https://developer.apple.com/account/resources/identifiers
# 2. Register a Services ID, enable "Sign in with Apple"
# 3. Configure domain + redirect URI: http://localhost:4901/api/auth/callback/apple
# 4. Generate a key and construct the client secret (JWT)
NOMAD_OAUTH_APPLE_CLIENT_ID=your-apple-client-id
NOMAD_OAUTH_APPLE_CLIENT_SECRET=your-apple-client-secret
#
# --- Discord ---
# 1. Go to https://discord.com/developers/applications → New Application
# 2. OAuth2 → Add redirect: http://localhost:4901/api/auth/callback/discord
# 3. Copy Client ID and Client Secret below
NOMAD_OAUTH_DISCORD_CLIENT_ID=your-discord-client-id
NOMAD_OAUTH_DISCORD_CLIENT_SECRET=your-discord-client-secret
#
# --- Facebook ---
# 1. Go to https://developers.facebook.com/apps → Create App
# 2. Add Facebook Login product → Settings
# 3. Valid OAuth redirect URI: http://localhost:4901/api/auth/callback/facebook
# 4. Copy App ID and App Secret below
NOMAD_OAUTH_FACEBOOK_CLIENT_ID=your-facebook-client-id
NOMAD_OAUTH_FACEBOOK_CLIENT_SECRET=your-facebook-client-secret
#
# --- Twitter/X ---
# 1. Go to https://developer.x.com/en/portal/projects-and-apps → Create App
# 2. Authentication settings → OAuth 2.0 → Callback URL: http://localhost:4901/api/auth/callback/twitter
# 3. Copy Client ID and Client Secret below
NOMAD_OAUTH_TWITTER_CLIENT_ID=your-twitter-client-id
NOMAD_OAUTH_TWITTER_CLIENT_SECRET=your-twitter-client-secret

#your spotwx.com api key
SPOTWX_API_KEY=

# ============================================
# CFS FireSTARR WMS Authentication
# ============================================

# CFS FireSTARR WMS Authentication Key
# Required to display CFS FireSTARR WMS layers on the map.
# This value can also be set via the Settings UI (gear icon in the header).
# UI setting overrides this env var.
# CFS_FIRESTARR_AUTHKEY=