DB_PASSWORD=your_strong_password_here
JWT_SECRET=your_jwt_secret_at_least_32_chars
ADMIN_USER=admin
ADMIN_PASSWORD=change_me
ADMIN_EMAIL=
REDIS_ENABLED=true
CORS_ALLOW_ANY=false
CORS_ALLOWED_ORIGIN0=https://your-frontend.example.com
STORAGE_CLIENT_RSA_PUBLIC_KEY_PEM=
STORAGE_REQUIRE_HTTPS_FOR_DOWNLOAD_KEY=true