# Navi Staging Environment

Date: 2026-05-04

## Required Services

- API service: NestJS app from `apps/api`.
- Dashboard service: Next.js app from `apps/dashboard`.
- Website service: Next.js app from `apps/website`.
- PostgreSQL database.
- Redis instance.
- Object storage provider once uploads are enabled.
- Email/SMS provider before real OTP outside local development.
- Payment provider sandbox before payment beta.

## Required Secrets

- `DATABASE_URL`
- `REDIS_URL`
- `JWT_ACCESS_SECRET`
- `JWT_REFRESH_SECRET`
- `CORS_ORIGINS`
- `WEBHOOK_SECRET_<PROVIDER>`
- Provider-specific payment, email, SMS, OCR, AI, translation, and storage secrets.

## Environment Rules

- No production environment may use console/mock providers for real user traffic.
- Production must fail boot if JWT or webhook secrets are weak or missing.
- Staging may use mock providers only when the release gate labels the build as mock/demo.
- Database migration deploy must run before app rollout.
- Seed data must not overwrite production user data.