Gerhard Scheikl
40 lines
1.7 KiB
Bash
40 lines
1.7 KiB
Bash
# DEV environment for linumiq-invoice (custom app installed on linumiq-dev.myshopify.com).
|
|
# Copy to `.env.dev` on the server (in /docker/linumiq-invoice/dev/) and fill in real values.
|
|
# NEVER commit the real file.
|
|
|
|
# --- Shopify app credentials ---
|
|
# Partner Dashboard → Apps → linumiq-invoice-dev → API credentials.
|
|
SHOPIFY_API_KEY=fbc263e6cc28e8de031878d2a0f17444
|
|
SHOPIFY_API_SECRET=REPLACE_ME
|
|
|
|
# Public URL Shopify uses for OAuth, webhooks and admin embedding. Must match shopify.app.dev.toml.
|
|
SHOPIFY_APP_URL=https://invoice-app-dev.linumiq.com
|
|
|
|
# Single-merchant lock-in: only this myshopify domain may install the app.
|
|
ALLOWED_SHOP=linumiq-dev.myshopify.com
|
|
|
|
# Must match `scopes` in shopify.app.dev.toml.
|
|
SCOPES=read_orders,write_orders,read_all_orders,read_customers,read_companies,read_files,write_files
|
|
|
|
# --- Secrets at rest ---
|
|
# Field-level encryption key for secrets stored in the DB (SMTP password,
|
|
# Shopify session access/refresh tokens). Must be base64 of exactly 32 bytes.
|
|
# Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
|
|
DATA_ENCRYPTION_KEY=REPLACE_ME_BASE64_32_BYTES
|
|
|
|
# Dedicated HMAC key for signing public GiroCode URLs. base64 of 32 bytes.
|
|
# If unset, the app falls back to SHOPIFY_API_SECRET (kept for backward compat).
|
|
# Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
|
|
GIROCODE_SIGNING_KEY=REPLACE_ME_BASE64_32_BYTES
|
|
|
|
# --- Runtime ---
|
|
NODE_ENV=production
|
|
PORT=3000
|
|
|
|
# DATABASE_URL is set in docker-compose.dev.yml (file:/data/prod.sqlite on the bind mount).
|
|
|
|
# --- Email (optional) ---
|
|
# Archival BCC for every invoice email. Off by default for privacy/GDPR.
|
|
# Set to a single address or a comma-separated list to opt in.
|
|
# INVOICE_BCC=archive@example.com
|