Cradicle Explorer
333Method
/ .env.secrets.example
.env.secrets.example
  1  # ─────────────────────────────────────────────────────────────────────────────
  2  # .env.secrets — API keys, tokens, and passwords
  3  # ─────────────────────────────────────────────────────────────────────────────
  4  # Production values are managed via SOPS (333Method-infra/secrets/production.yaml)
  5  # This file documents what keys are needed and provides placeholder values.
  6  # Loaded by src/utils/load-env.js (alongside .env and .env.agents)
  7  
  8  # ─── ZenRows (SERP Scraping) ────────────────────────────────────────────────
  9  ZENROWS_API_KEY=your_zenrows_api_key_here
 10  
 11  # ─── OpenRouter (Multi-model LLM Gateway) ───────────────────────────────────
 12  # Used by: All pipeline LLM calls (scoring, proposals, enrichment, autoresponder)
 13  # Claude Max orchestrator handles zero-cost calls separately via claude CLI.
 14  OPENROUTER_API_KEY=your_openrouter_api_key_here
 15  
 16  # ─── ZeroBounce (Email Validation) ─────────────────────────────────────────
 17  # Get key at https://app.zerobounce.net/api-credentials
 18  ZEROBOUNCE_API_KEY=your_zerobounce_api_key_here
 19  
 20  # ─── Email Service (Resend) ─────────────────────────────────────────────────
 21  RESEND_API_KEY=your_resend_api_key_here
 22  # Optional: Separate test API key for integration tests
 23  RESEND_TEST_API_KEY=your_resend_test_api_key_here
 24  RESEND_WEBHOOK_SECRET=whsec_...
 25  # BCC address for Trustpilot review invitations (added to report delivery emails)
 26  TRUSTPILOT_BCC_EMAIL=auditandfix.com+a2d3a72486@invite.trustpilot.com
 27  
 28  # ─── SMS Service (Twilio) ───────────────────────────────────────────────────
 29  TWILIO_ACCOUNT_SID=your_twilio_account_sid
 30  TWILIO_AUTH_TOKEN=your_twilio_auth_token
 31  TWILIO_PHONE_NUMBER=+1234567890
 32  
 33  # Twilio Test Credentials (for integration testing)
 34  # Optional: Separate test credentials that don't send real SMS
 35  # Get from: https://www.twilio.com/console/project/settings
 36  TWILIO_TEST_ACCOUNT_SID=your_test_account_sid
 37  TWILIO_TEST_AUTH_TOKEN=your_test_auth_token
 38  
 39  # ─── Keyword Validation (DataForSEO) ────────────────────────────────────────
 40  # Sign up at https://dataforseo.com/
 41  DATAFORSEO_LOGIN=your_email@example.com
 42  DATAFORSEO_PASSWORD=your_api_password
 43  
 44  # ─── PayPal Payment Integration ─────────────────────────────────────────────
 45  # Sign up at https://developer.paypal.com/
 46  # Mode: 'sandbox' for testing, 'live' for production
 47  PAYPAL_MODE=sandbox
 48  PAYPAL_CLIENT_ID=your_paypal_client_id_here
 49  PAYPAL_CLIENT_SECRET=your_paypal_client_secret_here
 50  
 51  # PayPal Sandbox Test Accounts
 52  # Create at: https://developer.paypal.com/dashboard/accounts
 53  PAYPAL_SANDBOX_BUYER_EMAIL=sb-abc123@personal.example.com
 54  PAYPAL_SANDBOX_BUYER_PASSWORD=your_sandbox_buyer_password
 55  
 56  # ─── Exchange Rate API (Fixer.io) ───────────────────────────────────────────
 57  # Free tier: 1,000 requests/month. Used for weekly repricing.
 58  FIXER_API_KEY=your_fixer_api_key_here
 59  
 60  # ─── Google Sheets API (Outreach Review Workflow) ────────────────────────────
 61  # Setup instructions:
 62  # 1. Create project at https://console.cloud.google.com/
 63  # 2. Enable Google Sheets API
 64  # 3. Create Service Account with Editor role
 65  # 4. Generate JSON key and extract client_email + private_key
 66  # 5. Create a blank Google Sheet and share with service account as Editor
 67  # 6. Copy the spreadsheet ID from the URL (between /d/ and /edit)
 68  # IMPORTANT: Keep \n characters in GOOGLE_SHEETS_PRIVATE_KEY
 69  GOOGLE_SHEETS_CLIENT_EMAIL=your-service-account@project-id.iam.gserviceaccount.com
 70  GOOGLE_SHEETS_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\nYOUR_PRIVATE_KEY_HERE\n-----END PRIVATE KEY-----\n"
 71  GOOGLE_SHEETS_FOLDER_ID=optional-folder-id-for-organizing-sheets
 72  
 73  # ─── Cloudflare Worker URLs ─────────────────────────────────────────────────
 74  # Set after deploying Workers (see workers/*/wrangler.toml for deploy instructions)
 75  #
 76  # Outreach pipeline workers (333Method):
 77  UNSUBSCRIBE_WORKER_URL=https://unsubscribe-worker.auditandfix.workers.dev
 78  EMAIL_EVENTS_WORKER_URL=https://resend-webhook-worker.auditandfix.workers.dev
 79  #
 80  # PayPal webhook worker — receives async payment events from PayPal (PAYMENT.CAPTURE.COMPLETED etc.)
 81  # and stores them in R2 for polling by src/payment/poll-paypal-events.js.
 82  # Two separate deployments to isolate sandbox events from live events:
 83  #   prod:  workers/paypal-webhook/ (wrangler deploy)          → paypal-events R2 bucket
 84  #   test:  workers/paypal-webhook/ (wrangler deploy --env test) → paypal-events-test R2 bucket
 85  # Configure in PayPal Developer Dashboard → your app → Webhooks:
 86  #   Live app  → https://paypal-webhook-worker.auditandfix.workers.dev/webhook/paypal
 87  #   Sandbox app → https://paypal-webhook-worker-test.auditandfix.workers.dev/webhook/paypal
 88  PAYPAL_EVENTS_WORKER_URL=https://paypal-webhook-worker.auditandfix.workers.dev
 89  
 90  # ─── Security Secrets ───────────────────────────────────────────────────────
 91  # Unsubscribe link HMAC signing key (32+ chars recommended)
 92  # Generate: openssl rand -hex 32
 93  UNSUBSCRIBE_SECRET=change-this-to-a-random-32-char-string
 94  
 95  # ─── Audit&Fix.com Sales Page API ───────────────────────────────────────────
 96  # auditandfix-api worker handles purchase initiation and report delivery.
 97  # Two separate deployments:
 98  #   prod:  workers/auditandfix-api/ (wrangler deploy)          → live PayPal + prod KV
 99  #   test:  workers/auditandfix-api/ (wrangler deploy --env test) → sandbox PayPal + test KV
100  # The PHP sales page routes to the correct worker based on ?sandbox=1 query param.
101  AUDITANDFIX_WORKER_URL=https://auditandfix-api.auditandfix.workers.dev
102  AUDITANDFIX_WORKER_SANDBOX_URL=https://auditandfix-api-test.auditandfix.workers.dev
103  # Shared secret between PHP sales page and CF worker (both environments can use same value)
104  # Generate: openssl rand -hex 32
105  AUDITANDFIX_WORKER_SECRET=your-shared-secret
106  AUDITANDFIX_SENDER_EMAIL=reports@auditandfix.com
107  
108  # ─── NopeCHA CAPTCHA Solver ─────────────────────────────────────────────────
109  # https://nopecha.com — 100 solves/day free
110  # NOPECHA_API_KEY=your_nopecha_api_key_here
111  
112  # ─── End-to-End Test Credentials ────────────────────────────────────────────
113  TEST_E2E_URL=https://yoursite.com/e2e-test-page-????????.php
114  TEST_E2E_KEYWORD=site:yoursite.com/terms
115  TEST_E2E_PASSWORD=change-this-to-a-random-password
116