davidherran/flux-srl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
flux-srl/env
T
davidherran fbfffb28d9 feat(analytics): activate GA4 (G-KQ1JRV3KN7) + GDPR privacy page + GSC support 
Client provided the GA4 Measurement ID and approved the standard policy.

- Activate analytics: NEXT_PUBLIC_GA_ID set to the FLUX property
  G-KQ1JRV3KN7 in the env template, with the same value as the
  docker-compose build-arg fallback so it works out of the box on deploy.
  (GA Measurement IDs are public — they ship in page HTML — safe to commit.)
- New GDPR-compliant Privacy & Cookie Policy page at /[locale]/privacy
  (all 5 locales), linked from the consent banner. Includes a clearly
  marked template disclaimer for legal review and a TODO on the contact
  email. Added to sitemap.
- Consent banner now links via the locale-aware next-intl Link.
- Google Search Console: optional NEXT_PUBLIC_GSC_VERIFICATION env var
  emits the google-site-verification meta tag (Dockerfile arg +
  docker-compose wired). Empty by default.

Verified: build inlines G-KQ1JRV3KN7 into the client bundle; the 5
/privacy routes render; TypeScript clean.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-05 12:00:44 -05:00

40 lines
1.9 KiB
Plaintext
Raw Permalink Blame History

# Conexión local a SQLite
#DATABASE_URL="file:./dev.db"
# POSTGRES SQL CONEXION
#:xDATABASE_URL="postgresql://flux_user:STRONG_PASSWORD@postgres:5432/flux_db?schema=public"
DATABASE_URL="postgresql://flux_user:dev_password@localhost:5432/flux_db?schema=public"
# SESSION_SECRET (REQUIRED, min 32 chars).
# Used to sign 7-day admin JWTs in src/lib/session.ts and CSRF tokens in
# src/lib/csrf.ts. The app refuses to boot without it. Generate with:
# openssl rand -base64 48
SESSION_SECRET="CHANGE_ME_openssl_rand_base64_48_min_32_chars"
# Optional: multi-instance rate limiting via Upstash Redis REST API.
# Leave both unset to use the in-memory bucket store (fine for single VPS).
#REDIS_URL="https://xxx.upstash.io"
#REDIS_TOKEN="xxxxx"
# Google Analytics 4 Measurement ID (format: G-XXXXXXXXXX).
# Leave empty to disable analytics entirely — the site loads no Google
# scripts and the consent banner stays hidden until this is set.
# This is a PUBLIC value (it ships in the page HTML), safe to commit.
NEXT_PUBLIC_GA_ID="G-KQ1JRV3KN7"
# Google Search Console verification token (the content="" value from the
# HTML-tag verification method). Leave empty if you verify via DNS or GA.
NEXT_PUBLIC_GSC_VERIFICATION=""
# OPEN AI KEY
OPENAI_API_KEY=sk-proj-dsdsdsds-kaDAHhZXPYsK6-4uw0UWJZ0YuLnQfVoEA
NEXT_PUBLIC_APP_URL=http://localhost:3000 # En producción será https://www.rf-flux.com
#email Config
SMTP_HOST=smtp.gmail.com # (or smtp.office365.com, mail.fluxsrl.com, etc.)
SMTP_PORT=587 #(587 for TLS, 465 for SSL)
SMTP_USER=davidherran@dreamhousestudios.co
SMTP_PASS=syzybrtcidrkzehp #(Gmail: use App Password, not regular password)
SMTP_FROM=FLUX Operations <davidherran@dreamhousestudios.co>
SMTP_SECURE=false # (true for port 465, false for 587 with STARTTLS)
Reference in New Issue View Git Blame Copy Permalink