# Copy this template to one of:
#   .env           — production target, loaded by main.ts
#   .env.sandbox   — sandbox target,    loaded by provisionSandbox.ts
# Both are gitignored. Never commit real secret values.

# --- Target ---
# prod:    https://erp.arcodange.lab          (.env)
# sandbox: https://erp-sandbox.arcodange.lab  (.env.sandbox)
DOLIBARR_ADDRESS=https://erp.arcodange.lab

DOLI_ADMIN_LOGIN=admin
DOLI_ADMIN_PASSWORD=""
DOLI_DB_PASSWORD=""
ROOT_FOLDER=$HOME/erp

# Populate the passwords from the cluster secrets, e.g. (prod shown):
#   DOLI_ADMIN_PASSWORD  <- kubectl get secret secretkv -n erp -o jsonpath='{.data.DOLI_ADMIN_PASSWORD}' | base64 -d
#   DOLI_DB_PASSWORD     <- kubectl get secret vso-db-credentials -n erp -o jsonpath='{.data.password}' | base64 -d
#
# NOTE for a sandbox SEEDED from prod (ops/sandbox/sandbox-lifecycle.sh): the seed
# clones prod's admin password into the sandbox, so .env.sandbox's
# DOLI_ADMIN_PASSWORD must be PROD's admin password (-n erp), not the sandbox
# secretkv. The DB password is the sandbox's own (-n erp-sandbox).

# Optional: fix the provisioned user's password (else one is generated and only
# the API key is emitted to .ai_agent_sandbox.key).
# AI_AGENT_SANDBOX_PASSWORD=""