From b26580cf6b1e83492660663c4722ad3de9de74d7 Mon Sep 17 00:00:00 2001
From: jessikitty <jess.rogerson.29@outlook.com>
Date: Wed, 3 Jun 2026 09:48:31 +1000
Subject: [PATCH] Add .env.example documenting required secrets

---
 .env.example | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 .env.example

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..d2fe244
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,12 @@
+# Copy to .env and fill in. Never commit the real .env.
+
+# Long random string — used to sign admin login tokens.
+# Generate one with:  node -e "console.log(require('crypto').randomBytes(48).toString('hex'))"
+JWT_SECRET=
+
+# Used only by `npm run seed` to create the first admin account.
+ADMIN_USER=admin
+ADMIN_PASS=change-me-to-something-strong
+
+# Port the Node server listens on (nginx reverse-proxies to this).
+PORT=3000