# Postgres POSTGRES_DB=fleet POSTGRES_USER=fleet POSTGRES_PASSWORD=change-me # App connection (via pgbouncer in prod, direct in dev is also fine) DATABASE_URL=postgresql://fleet:change-me@pgbouncer:6432/fleet # Auth JWT_SECRET=replace-with-64-bytes-of-random JWT_ACCESS_TTL_MIN=15 JWT_REFRESH_TTL_DAYS=30 # Tracksolid push (shared token Tracksolid POSTs in form body) TRACKSOLID_PUSH_TOKEN=set-from-tracksolid-console # Tracksolid polled API TRACKSOLID_API_BASE_URL=https://eu-open.tracksolidpro.com/route/rest TRACKSOLID_PROD_ACCOUNTS= # JSON array of {account_id, app_key, secret} — populated from current TARGETS env TRACKSOLID_SANDBOX_ACCOUNT_ID= TRACKSOLID_SANDBOX_APP_KEY= TRACKSOLID_SANDBOX_SECRET= # Geocoding (P2) NOMINATIM_BASE_URL= MAPBOX_TOKEN= # Alerting (D9) NTFY_BASE_URL=https://ntfy.rahamafresh.com NTFY_TOPIC=fleet-slo-breach NTFY_TOKEN= # Runtime APP_MODE=dev # dev|prod — dev enables uvicorn --reload APP_ROLE=gateway # gateway|worker|cron — selected per container APP_LOG_LEVEL=INFO # Build-time (injected by CI) APP_GIT_SHA=local