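# =============================================================================
# DELPHI CONSULTING GROUP DATABASE SYSTEM - ENVIRONMENT VARIABLES
# =============================================================================
#
# Copy this file to .env and set secure values for all variables
# NEVER commit .env files to version control
# Keep the copied .env readable only by the account that runs the service
# (for example: chmod 600 .env).
#
# SECURITY CRITICAL: All variables marked ⚠️ MUST be changed from defaults
#
# Format notes:
# - One KEY=VALUE pair per line. Comments are whole lines starting with '#';
#   do not append a comment after a value, since many loaders keep it as part
#   of the value.
# - Some values below contain spaces and are left unquoted. That suits
#   dotenv-style loaders but breaks if the file is sourced by a shell.
#   NOTE(review): confirm which loader reads this file before quoting anything.
# =============================================================================

# =============================================================================
# 🔒 SECURITY SETTINGS (CRITICAL - MUST BE SET)
# =============================================================================

# ⚠️ SECRET_KEY: Cryptographic key for JWT tokens and session security
# REQUIREMENT: Minimum 32 characters, use cryptographically secure random string
# Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
# The placeholder below is itself longer than 32 characters, so a length-only
# check will not catch an unchanged template.
# NOTE(review): confirm the application refuses to start with this placeholder.
SECRET_KEY=CHANGE_ME_TO_32_PLUS_CHARACTER_RANDOM_STRING

# ⚠️ ADMIN_PASSWORD: Initial admin account password
# REQUIREMENT: Minimum 12 characters, mixed case, numbers, symbols
# Generate with (POSIX shell; the outer single quotes stop the shell from
# interpreting '!' and '$' in the symbol set):
#   python -c 'import secrets, string; print("".join(secrets.choice(string.ascii_letters + string.digits + "!@#$%^&*") for _ in range(16)))'
# The generator picks characters at random and does not guarantee every
# required class appears; re-run it if the result lacks one.
# Some loaders (and Docker Compose) treat '#' as a comment start or '$' as
# variable interpolation. Check that the value the application reads matches
# what was written here.
# NOTE(review): if this value is only read when the admin account is first
# created, change the password in the application after the first login.
ADMIN_PASSWORD=CHANGE_ME_TO_SECURE_PASSWORD

# Optional: Previous secret key for seamless key rotation
# Leave unset outside a rotation. Presumably tokens signed with the previous
# key stay valid while it is set, so remove it once the rotation window has
# passed (confirm against the application's rotation logic).
# PREVIOUS_SECRET_KEY=

# =============================================================================
# 🌐 CORS SETTINGS (IMPORTANT FOR PRODUCTION)
# =============================================================================

# ⚠️ CORS_ORIGINS: Comma-separated list of allowed origins
# Example: https://app.yourcompany.com,https://www.yourcompany.com
# For development, localhost is automatically allowed
# List exact origins (scheme and host). Do not use a wildcard here,
# particularly if the API is called with cookies or Authorization headers.
CORS_ORIGINS=https://your-production-domain.com

# =============================================================================
# 👤 ADMIN ACCOUNT SETTINGS
# =============================================================================

# "admin" is a predictable account name; consider a less guessable username.
ADMIN_USERNAME=admin
ADMIN_EMAIL=admin@yourcompany.com
ADMIN_FULLNAME=System Administrator

# =============================================================================
# 🗄️ DATABASE SETTINGS
# =============================================================================

# Database URL (SQLite by default, can use PostgreSQL for production)
# The SQLite file holds all application data: restrict its filesystem
# permissions and keep it outside any directory served over HTTP.
# A PostgreSQL URL normally embeds the database password; treat this value
# as a secret in that case.
DATABASE_URL=sqlite:///./data/delphi_database.db

# =============================================================================
# ⚙️ APPLICATION SETTINGS
# =============================================================================

# Application settings
APP_NAME=Delphi Consulting Group Database System
# Keep DEBUG=False in production.
DEBUG=False

# JWT Token expiration
# Both values are in minutes: 240 = 4 hours, 43200 = 30 days.
# Shorter lifetimes reduce how long a stolen token remains usable.
ACCESS_TOKEN_EXPIRE_MINUTES=240
REFRESH_TOKEN_EXPIRE_MINUTES=43200

# File paths
# Relative paths; presumably resolved against the process working directory
# (confirm). Uploads are user-supplied content and backups contain database
# contents, so keep both outside web-served directories and restrict access.
UPLOAD_DIR=./uploads
BACKUP_DIR=./backups

# Pagination
DEFAULT_PAGE_SIZE=50
MAX_PAGE_SIZE=200

# =============================================================================
# 📝 LOGGING SETTINGS
# =============================================================================

# Log files can contain personal or case data; restrict who can read them.
LOG_LEVEL=INFO
LOG_TO_FILE=True
LOG_ROTATION=10 MB
LOG_RETENTION=30 days

# =============================================================================
# 🔄 CACHE SETTINGS (OPTIONAL)
# =============================================================================

CACHE_ENABLED=False
# The example URL has no password and no TLS; do not expose such a Redis
# instance beyond localhost.
# REDIS_URL=redis://localhost:6379

# =============================================================================
# 📧 NOTIFICATION SETTINGS (OPTIONAL)
# =============================================================================

NOTIFICATIONS_ENABLED=False

# Email settings (if notifications enabled)
# SMTP_PASSWORD is a secret: use a dedicated mail credential rather than a
# personal mailbox password, and keep SMTP_STARTTLS=True so the credential
# is not sent in cleartext.
# SMTP_HOST=smtp.gmail.com
# SMTP_PORT=587
# SMTP_USERNAME=your-email@company.com
# SMTP_PASSWORD=your-email-password
# SMTP_STARTTLS=True
# NOTIFICATION_EMAIL_FROM=no-reply@yourcompany.com

# QDRO notification recipients (comma-separated)
# QDRO_NOTIFY_EMAIL_TO=legal@yourcompany.com,admin@yourcompany.com

# Webhook settings (optional)
# Use an https:// endpoint and a randomly generated secret, for example:
#   python -c "import secrets; print(secrets.token_urlsafe(32))"
# QDRO_NOTIFY_WEBHOOK_URL=https://your-webhook-endpoint.com
# QDRO_NOTIFY_WEBHOOK_SECRET=your-webhook-secret

# =============================================================================
# 🐳 DOCKER/DEPLOYMENT SETTINGS (OPTIONAL)
# =============================================================================

# SECURE_COOKIES is commented out here, yet the checklist below requires it
# to be True under HTTPS. The default when it is unset is not stated in this
# file, so set it explicitly for production.
# EXTERNAL_PORT=8000
# ALLOWED_HOSTS=yourcompany.com,www.yourcompany.com
# SECURE_COOKIES=True
# COMPOSE_PROJECT_NAME=delphi-db

# =============================================================================
# 🚨 SECURITY CHECKLIST
# =============================================================================
#
# Before deploying to production, verify:
# ✅ SECRET_KEY is 32+ character random string
# ✅ ADMIN_PASSWORD is strong (12+ chars, mixed case, symbols)
# ✅ No CHANGE_ME placeholder value remains in the deployed .env
# ✅ CORS_ORIGINS set to specific domains (not localhost)
# ✅ DEBUG=False
# ✅ SECURE_COOKIES=True (if using HTTPS)
# ✅ PREVIOUS_SECRET_KEY is unset unless a key rotation is in progress
# ✅ Database backups configured and tested
# ✅ Log monitoring configured
# ✅ This .env file is never committed to version control
# ✅ This .env file is readable only by the service account
#
# =============================================================================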