.env.example
# ========================================
# LinkedIn Post Bot - Environment Variables
# ========================================
# Copy this file to .env and fill in your actual values
# NEVER commit .env to version control!
# ========================================
# TWITTER/X API CREDENTIALS
# ========================================
# Get these from: https://developer.twitter.com/en/portal/dashboard
# 1. Create a project and app
# 2. Enable OAuth 1.0a with Read and Write permissions
# 3. Copy API Key & Secret from "Keys and Tokens" → "Consumer Keys"
# 4. Generate Access Token & Secret from "Keys and Tokens" → "Authentication Tokens"
# OAuth 2.0 (for newer API features)
TWITTER_CLIENT_ID=your_twitter_client_id_here
TWITTER_CLIENT_SECRET=your_twitter_client_secret_here
# OAuth 1.0a (required for posting tweets)
TWITTER_API_KEY=your_twitter_api_key_here
TWITTER_API_SECRET=your_twitter_api_secret_here
TWITTER_ACCESS_TOKEN=your_twitter_access_token_here
TWITTER_ACCESS_TOKEN_SECRET=your_twitter_access_token_secret_here
# ========================================
# LINKEDIN OAUTH CREDENTIALS
# ========================================
# Get these from: https://www.linkedin.com/developers/apps
# 1. Create a new app
# 2. Add "Sign In with LinkedIn" product
# 3. Set redirect URL to: http://localhost:8000/callback
# 4. Copy Client ID and Client Secret from the "Auth" tab
# 5. Run `python auth.py` to get ACCESS_TOKEN and USER_URN
LINKEDIN_CLIENT_ID=your_linkedin_client_id_here
LINKEDIN_CLIENT_SECRET=your_linkedin_client_secret_here
LINKEDIN_REDIRECT_URI=http://localhost:8000/callback
# Run auth.py to generate these:
LINKEDIN_ACCESS_TOKEN=your_linkedin_access_token_here
LINKEDIN_USER_URN=your_linkedin_user_urn_here
# ========================================
# AI SERVICE (GROQ) - Free Tier Default
# ========================================
# Get your API key from: https://console.groq.com/keys
# 1. Sign up for a free account
# 2. Navigate to API Keys section
# 3. Create a new API key
# Free tier: 30 requests/minute, great for development
GROQ_API_KEY=your_groq_api_key_here
# ========================================
# AI SERVICE (OPENAI) - Pro Tier
# ========================================
# Get your API key from: https://platform.openai.com/api-keys
# Required for GPT-4o access (Pro tier only)
# Usage-based pricing, ~$5-15/1M tokens
OPENAI_API_KEY=your_openai_api_key_here
# ========================================
# AI SERVICE (ANTHROPIC) - Pro Tier
# ========================================
# Get your API key from: https://console.anthropic.com/
# Required for Claude 3.5 Sonnet access (Pro tier only)
# Usage-based pricing, ~$3-15/1M tokens
ANTHROPIC_API_KEY=your_anthropic_api_key_here
# ========================================
# GITHUB INTEGRATION (Optional)
# ========================================
# Your GitHub username (required for activity detection)
GITHUB_USERNAME=your_github_username_here
# Personal access token (optional but recommended)
# Get from: https://github.com/settings/tokens
# 1. Go to Settings > Developer settings > Personal access tokens > Tokens (classic)
# 2. Generate new token (classic)
# 3. Select scopes: public_repo (for public repos only)
# 4. Copy the token
# Note: Without this, you'll hit GitHub API rate limits (60 req/hour vs 5000 req/hour)
GITHUB_TOKEN=your_github_personal_access_token_here
# ========================================
# IMAGE SERVICE (UNSPLASH) - Optional
# ========================================
# Get your access key from: https://unsplash.com/developers
# 1. Create a new application
# 2. Copy the "Access Key" from your app dashboard
# Free tier: 50 requests/hour
UNSPLASH_ACCESS_KEY=your_unsplash_access_key_here
# ========================================
# CLERK AUTHENTICATION & WEBHOOKS
# ========================================
# Get these from your Clerk Dashboard:
# - Dashboard → Configure → API Keys for the keys below
# - Dashboard → Webhooks → Add Endpoint for the webhook secret
# Required for authentication
# CLERK_PUBLISHABLE_KEY=pk_test_...
# CLERK_SECRET_KEY=sk_test_...
# Webhook Secret (for user.deleted event handling)
# 1. Go to Clerk Dashboard → Webhooks → Add Endpoint
# 2. URL: https://your-api-domain.com/webhooks/clerk
# 3. Select events: user.deleted (required)
# 4. Copy the Signing Secret below
CLERK_WEBHOOK_SECRET=whsec_your_signing_secret_here
# Clerk issuer URL for JWT verification (REQUIRED for production)
# Format: https://your-clerk-instance.clerk.accounts.dev
CLERK_ISSUER=https://your-clerk-instance.clerk.accounts.dev
# Development mode (set to 'true' only for local development)
# WARNING: Never set to 'true' in production!
DEV_MODE=false
# ========================================
# PRODUCTION SETTINGS
# ========================================
# Set to 'production' for JSON structured logging
# Leave unset or 'development' for human-readable console logs
ENVIRONMENT=development
# SSL Certificate Verification (default: true)
# SECURITY: NEVER set to 'false' in production!
# Only disable for local development with self-signed certificates
SSL_VERIFY=true
# Request timeout for OAuth API calls (in seconds)
AUTH_REQUEST_TIMEOUT=15
# ========================================
# REDIS (Task Queue)
# ========================================
# Redis URL for Celery message broker and result backend
# Format: redis://[[username]:[password]@]host:port/db
# Docker Compose default: redis://redis:6379/0
# Local development: redis://localhost:6379/0
REDIS_URL=redis://localhost:6379/0
# ========================================
# DATABASE (Production)
# ========================================
# PostgreSQL connection string for production
# Format: postgresql://user:password@host:5432/database
# Leave unset for local SQLite fallback
# DATABASE_URL=postgresql://user:password@host:5432/database
# ========================================
# PAYSTACK PAYMENTS (Optional)
# ========================================
# Get these from: https://dashboard.paystack.com/
# 1. Go to Settings → API Keys & Webhooks
# 2. Copy your Secret Key and Public Key
# 3. Add a webhook URL: https://your-api-domain.com/webhook/paystack
# 4. Create subscription plans in Paystack and copy the plan codes below
PAYSTACK_SECRET_KEY=sk_test_your_paystack_secret_key_here
PAYSTACK_PUBLIC_KEY=pk_test_your_paystack_public_key_here
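# Optional: explicit webhook secret override. If omitted, the backend falls back
# to PAYSTACK_SECRET_KEY for signature verification. Remove or comment out the
# line below to use that fallback; do not leave the placeholder value in place.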
PAYSTACK_WEBHOOK_SECRET=your_paystack_webhook_secret_here
# Paystack plan codes for your subscription plans
PAYSTACK_PLAN_PRO_MONTHLY=PLN_your_monthly_plan_code
PAYSTACK_PLAN_PRO_YEARLY=PLN_your_yearly_plan_code
# Redirect URLs after checkout
PAYSTACK_SUCCESS_URL=http://localhost:3000/dashboard?payment=success
PAYSTACK_CANCEL_URL=http://localhost:3000/pricing
# Optional: your own subscription management page (Paystack has no native billing portal)
# PAYSTACK_MANAGE_SUBSCRIPTION_URL=http://localhost:3000/settings/billing
# ========================================
# SECURITY - Token Encryption
# ========================================
# 32-byte key for encrypting OAuth tokens at rest
# Generate with: python -c "import secrets; print(secrets.token_hex(32))"
ENCRYPTION_KEY=your_64_char_hex_key_here
# Admin email for receiving feedback notifications
ADMIN_EMAIL=admin@example.com
# ========================================
# DATABASE PATHS (Optional)
# ========================================
# These default to the project root directory
# Only set these if you want to use custom locations
# TOKEN_DB_PATH=./backend_tokens.db
# USER_SETTINGS_DB_PATH=./user_settings.db
# POST_HISTORY_DB_PATH=./post_history.db
# ========================================
# BACKEND SERVER (Optional)
# ========================================
# Port for the FastAPI backend server
# Default: 8000
# PORT=8000
# ========================================
# CORS (Cross-Origin Resource Sharing)
# ========================================
# Comma-separated list of allowed origins for CORS
# Development: http://localhost:3000
# Production: Add your frontend domain(s)
# Example: CORS_ORIGINS=http://localhost:3000,https://your-app.vercel.app
CORS_ORIGINS=http://localhost:3000
# ========================================
# RATE LIMITING (Optional)
# ========================================
# Per-user rate limits for AI post generation and publishing.
# Defaults: 10 generations/hour, 5 publishes/hour, 60 general requests/minute.
# POST_GENERATION_RATE_LIMIT=10
# POST_GENERATION_RATE_WINDOW=3600
# PUBLISH_RATE_LIMIT=5
# PUBLISH_RATE_WINDOW=3600
# RATE_LIMIT_REQUESTS=60
# RATE_LIMIT_WINDOW=60
# ========================================
# JWKS CACHE (Optional)
# ========================================
# How long (in seconds) to cache Clerk's JWKS public keys.
# Default: 3600 (1 hour). Reduce if you need faster key rotation pickup.
# JWKS_CACHE_TTL_SECONDS=3600
# ========================================
# EMAIL SERVICE (SMTP) - Optional
# ========================================
# For contact form submissions
# Gmail setup:
# 1. Go to Google Account > Security > 2-Step Verification
# 2. At the bottom, select "App passwords"
# 3. Generate a password for "Mail" on "Other (Custom name)"
# 4. Use your Gmail address as SMTP_USERNAME and the generated password as SMTP_PASSWORD
SMTP_SERVER=smtp.gmail.com
SMTP_PORT=587
SMTP_USERNAME=your_email@example.com
SMTP_PASSWORD=your_app_password_here
FROM_EMAIL=your_email@example.com
# Alternative SMTP providers:
# SendGrid: smtp.sendgrid.net, port 587
# AWS SES: email-smtp.us-east-1.amazonaws.com, port 587
# Mailgun: smtp.mailgun.org, port 587
# ========================================
# FRONTEND (Next.js)
# ========================================
# API URL for the frontend to connect to the backend
# Development: http://localhost:8000
# Production: https://your-api-domain.com
NEXT_PUBLIC_API_URL=http://localhost:8000
NEXT_PUBLIC_PAYSTACK_PUBLIC_KEY=pk_test_your_paystack_public_key_here
# Redirect URI for OAuth callback (must match LinkedIn app settings)
# Development: http://localhost:3000/auth/callback
# Production: https://your-domain.com/auth/callback
NEXT_PUBLIC_REDIRECT_URI=http://localhost:3000/auth/callback
# ========================================
# SETUP CHECKLIST
# ========================================
# Before running the app, make sure you have:
# ✅ Copied this file to .env
# ✅ Set TWITTER_API_KEY, TWITTER_API_SECRET, TWITTER_ACCESS_TOKEN, TWITTER_ACCESS_TOKEN_SECRET
# ✅ Set LINKEDIN_CLIENT_ID and LINKEDIN_CLIENT_SECRET
# ✅ Set GROQ_API_KEY
# ✅ (Optional) Set GITHUB_TOKEN for higher rate limits
# ✅ (Optional) Set UNSPLASH_ACCESS_KEY for image generation
# ✅ (Optional) Set PAYSTACK_SECRET_KEY and PAYSTACK plan codes for paid tiers
# ✅ Updated redirect URIs in LinkedIn app settings
# ✅ Run: pip install -r backend/requirements.txt
# ✅ Run: cd web && npm install
# ✅ Start backend: uvicorn backend.app:app --reload --port 8000
# ✅ Start frontend: cd web && npm run dev
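
A pre-start check for the security-relevant settings in this file, as an added example that is not part of the project's code. The names `parse_env` and `audit` are hypothetical, the sample input is constructed, and the rules come from the comments above (DEV_MODE, SSL_VERIFY, CLERK_ISSUER, the 64-character hex ENCRYPTION_KEY), plus one labelled assumption about CORS origins.

```python
import re

# Constructed sample .env content (not real credentials).
SAMPLE = """\
ENVIRONMENT=production
DEV_MODE=true
SSL_VERIFY=false
ENCRYPTION_KEY=abc123
CORS_ORIGINS=http://localhost:3000,https://app.example.com
CLERK_ISSUER=https://example.clerk.accounts.dev
GROQ_API_KEY=your_groq_api_key_here
"""

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("\"'")
    return env

def audit(env):
    """Return findings for a parsed .env mapping (hypothetical helper)."""
    findings = []
    prod = env.get("ENVIRONMENT", "development").lower() == "production"
    for key, value in env.items():
        if re.search(r"your[_-]", value, re.I):
            findings.append(f"{key}: placeholder value left in place")
    if not re.fullmatch(r"[0-9a-fA-F]{64}", env.get("ENCRYPTION_KEY", "")):
        findings.append("ENCRYPTION_KEY: expected 64 hex characters (32 bytes)")
    if prod:
        if env.get("DEV_MODE", "false").lower() == "true":
            findings.append("DEV_MODE: must not be 'true' in production")
        if env.get("SSL_VERIFY", "true").lower() == "false":
            findings.append("SSL_VERIFY: must not be 'false' in production")
        if not env.get("CLERK_ISSUER"):
            findings.append("CLERK_ISSUER: required in production")
        # Assumption: production origins should be explicit https URLs.
        for origin in env.get("CORS_ORIGINS", "").split(","):
            if origin.strip() == "*" or origin.strip().startswith("http://"):
                findings.append(f"CORS_ORIGINS: {origin.strip()} is not an https origin")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_env(SAMPLE)):
        print(finding)
```

Run it against the real `.env` in CI or at container start and fail the job when the list is non-empty.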