# Production environment for bifrost-portal.fenja.ai
# Copy to /opt/bifrost-portal/.env on the server and fill in real values.
# Keep it chmod 600, owned by fenja:fenja. NEVER commit the real file.
# (Matches the existing apps' convention of an in-dir .env loaded via
#  EnvironmentFile in the systemd unit.)

# Long random string used to sign sessions and invite tokens.
# Generate with:  openssl rand -hex 32
BIFROST_SECRET=change-me-openssl-rand-hex-32

# Absolute path to the SQLite database. Lives under the shared /opt/fenja/data
# tree (the only path the service may write to) and OUTSIDE the deploy dir, so
# redeploys never touch it. Honored by src/lib/db.ts and scripts/migrate.js.
BIFROST_DB_PATH=/opt/fenja/data/bifrost-portal/bifrost.db

# Absolute path to the runtime uploads dir (event photos). Honored by
# src/lib/uploads.ts.
BIFROST_UPLOAD_DIR=/opt/fenja/data/bifrost-portal/uploads

# Bind address + port for the Node standalone server. Loopback only — nginx
# is the only thing that should reach it. 4322 is free on this box (3000/3001
# are the existing fenja / bifrost-customer apps).
HOST=127.0.0.1
PORT=4322

NODE_ENV=production