# App — session sealing key for nuxt-auth-utils (must be ≥32 chars) NUXT_SESSION_PASSWORD=change-me-to-a-long-random-string-min-32-chars # Database (Postgres) — Coolify-managed in prod, docker-compose in dev DATABASE_URL=postgres://andon:andon@localhost:5432/andon # Credentials for the bundled Postgres service in docker-compose.yml POSTGRES_USER=andon POSTGRES_PASSWORD=andon POSTGRES_DB=andon # Google OAuth (Task 9) — nuxt-auth-utils reads these exact names. Access is # restricted server-side to verified @theodo.com emails (the `hd` claim is not # trusted on its own). REDIRECT_URL must match an Authorized redirect URI in the # Google Cloud console (defaults to /auth/google/callback if unset). NUXT_OAUTH_GOOGLE_CLIENT_ID= NUXT_OAUTH_GOOGLE_CLIENT_SECRET= NUXT_OAUTH_GOOGLE_REDIRECT_URL= # Web Push / VAPID (Task 10) VAPID_PUBLIC_KEY= VAPID_PRIVATE_KEY= VAPID_SUBJECT=mailto:example@theodo.com