.env.example

SECRET_KEY_BASE=your-secret-key-base
RAILS_ENV=development
SPLAT_HOST=localhost:3030
SPLAT_INTERNAL_HOST=localhost:3030

SMTP_ADDRESS=smtp.example.com
SMTP_PORT=587
SMTP_USER_NAME=your-email@example.com
SMTP_PASSWORD=your-smtp-password

MISSION_CONTROL_USERNAME=admin
MISSION_CONTROL_PASSWORD=your-mission-control-password

# OpenID Connect Authentication
# Single OIDC provider configuration (no OmniAuth complexity)

# Required OIDC Environment Variables
OIDC_CLIENT_ID=your-oidc-client-id
OIDC_CLIENT_SECRET=your-oidc-client-secret
OIDC_DISCOVERY_URL=https://auth.yourdomain.com/.well-known/openid-configuration

# Optional OIDC Configuration
OIDC_PROVIDER_NAME=Company Auth

# Example configurations for different providers:

# Google Workspace:
# OIDC_CLIENT_ID=your-google-client-id
# OIDC_CLIENT_SECRET=your-google-client-secret
# OIDC_DISCOVERY_URL=https://accounts.google.com/.well-known/openid-configuration
# OIDC_PROVIDER_NAME=Google Workspace

# Keycloak:
# OIDC_CLIENT_ID=your-keycloak-client-id
# OIDC_CLIENT_SECRET=your-keycloak-client-secret
# OIDC_DISCOVERY_URL=https://keycloak.yourdomain.com/realms/your-realm/.well-known/openid-configuration
# OIDC_PROVIDER_NAME=Keycloak

# Authorization - Who can access the application
# Specific users (comma-separated email addresses)
SPLAT_ALLOWED_USERS=external@contractor.com,consultant@agency.com

# Allowed domains (comma-separated, supports subdomains)
SPLAT_ALLOWED_DOMAINS=booko.com.au,booko.au

# Model Context Protocol Authentication
# Allows Claude and other AI assistants to query error tracking data
# Generate using: openssl rand -hex 32
# Or: ruby -r securerandom -e 'puts SecureRandom.hex(32)'
MCP_AUTH_TOKEN=your-secret-token-here

# Sentry Error Tracking (production only)
# Only configure in production environment
# Version is auto-generated from git tags (e.g., "2025.01", "2025.02")
# Format: "2025.01" (exact tag) or "2025.01-4-gabc123def" (commits after tag)
SENTRY_DSN=https://your-dsn@sentry.io/project-id
SENTRY_TRACES_SAMPLE_RATE=0.01