133 lines
5.0 KiB
Plaintext
133 lines
5.0 KiB
Plaintext
# =============================================================================
|
|
# DELPHI CONSULTING GROUP DATABASE SYSTEM - ENVIRONMENT VARIABLES
|
|
# =============================================================================
|
|
#
|
|
# Copy this file to .env and set secure values for all variables
|
|
# NEVER commit .env files to version control
|
|
#
|
|
# SECURITY CRITICAL: All variables marked ⚠️ MUST be changed from defaults
|
|
# =============================================================================
|
|
|
|
# =============================================================================
|
|
# 🔒 SECURITY SETTINGS (CRITICAL - MUST BE SET)
|
|
# =============================================================================
|
|
|
|
# ⚠️ SECRET_KEY: Cryptographic key for JWT tokens and session security
|
|
# REQUIREMENT: Minimum 32 characters, use cryptographically secure random string
|
|
# Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
|
|
SECRET_KEY=CHANGE_ME_TO_32_PLUS_CHARACTER_RANDOM_STRING
|
|
|
|
# ⚠️ ADMIN_PASSWORD: Initial admin account password
|
|
# REQUIREMENT: Minimum 12 characters, mixed case, numbers, symbols
|
|
# Generate with: python -c "import secrets, string; print(''.join(secrets.choice(string.ascii_letters + string.digits + '!@#$%^&*') for _ in range(16)))"
|
|
ADMIN_PASSWORD=CHANGE_ME_TO_SECURE_PASSWORD
|
|
|
|
# Optional: Previous secret key for seamless key rotation
|
|
# PREVIOUS_SECRET_KEY=
|
|
|
|
# =============================================================================
|
|
# 🌐 CORS SETTINGS (IMPORTANT FOR PRODUCTION)
|
|
# =============================================================================
|
|
|
|
# ⚠️ CORS_ORIGINS: Comma-separated list of allowed origins
|
|
# Example: https://app.yourcompany.com,https://www.yourcompany.com
|
|
# For development, localhost is automatically allowed
|
|
CORS_ORIGINS=https://your-production-domain.com
|
|
|
|
# =============================================================================
|
|
# 👤 ADMIN ACCOUNT SETTINGS
|
|
# =============================================================================
|
|
|
|
ADMIN_USERNAME=admin
|
|
ADMIN_EMAIL=admin@yourcompany.com
|
|
ADMIN_FULLNAME=System Administrator
|
|
|
|
# =============================================================================
|
|
# 🗄️ DATABASE SETTINGS
|
|
# =============================================================================
|
|
|
|
# Database URL (SQLite by default, can use PostgreSQL for production)
|
|
DATABASE_URL=sqlite:///./data/delphi_database.db
|
|
|
|
# =============================================================================
|
|
# ⚙️ APPLICATION SETTINGS
|
|
# =============================================================================
|
|
|
|
# Application settings
|
|
APP_NAME=Delphi Consulting Group Database System
|
|
DEBUG=False
|
|
|
|
# JWT Token expiration
|
|
ACCESS_TOKEN_EXPIRE_MINUTES=240
|
|
REFRESH_TOKEN_EXPIRE_MINUTES=43200
|
|
|
|
# File paths
|
|
UPLOAD_DIR=./uploads
|
|
BACKUP_DIR=./backups
|
|
|
|
# Pagination
|
|
DEFAULT_PAGE_SIZE=50
|
|
MAX_PAGE_SIZE=200
|
|
|
|
# =============================================================================
|
|
# 📝 LOGGING SETTINGS
|
|
# =============================================================================
|
|
|
|
LOG_LEVEL=INFO
|
|
LOG_TO_FILE=True
|
|
LOG_ROTATION=10 MB
|
|
LOG_RETENTION=30 days
|
|
|
|
# =============================================================================
|
|
# 🔄 CACHE SETTINGS (OPTIONAL)
|
|
# =============================================================================
|
|
|
|
CACHE_ENABLED=False
|
|
# REDIS_URL=redis://localhost:6379
|
|
|
|
# =============================================================================
|
|
# 📧 NOTIFICATION SETTINGS (OPTIONAL)
|
|
# =============================================================================
|
|
|
|
NOTIFICATIONS_ENABLED=False
|
|
|
|
# Email settings (if notifications enabled)
|
|
# SMTP_HOST=smtp.gmail.com
|
|
# SMTP_PORT=587
|
|
# SMTP_USERNAME=your-email@company.com
|
|
# SMTP_PASSWORD=your-email-password
|
|
# SMTP_STARTTLS=True
|
|
# NOTIFICATION_EMAIL_FROM=no-reply@yourcompany.com
|
|
|
|
# QDRO notification recipients (comma-separated)
|
|
# QDRO_NOTIFY_EMAIL_TO=legal@yourcompany.com,admin@yourcompany.com
|
|
|
|
# Webhook settings (optional)
|
|
# QDRO_NOTIFY_WEBHOOK_URL=https://your-webhook-endpoint.com
|
|
# QDRO_NOTIFY_WEBHOOK_SECRET=your-webhook-secret
|
|
|
|
# =============================================================================
|
|
# 🐳 DOCKER/DEPLOYMENT SETTINGS (OPTIONAL)
|
|
# =============================================================================
|
|
|
|
# EXTERNAL_PORT=8000
|
|
# ALLOWED_HOSTS=yourcompany.com,www.yourcompany.com
|
|
# SECURE_COOKIES=True
|
|
# COMPOSE_PROJECT_NAME=delphi-db
|
|
|
|
# =============================================================================
|
|
# 🚨 SECURITY CHECKLIST
|
|
# =============================================================================
|
|
#
|
|
# Before deploying to production, verify:
|
|
# ✅ SECRET_KEY is 32+ character random string
|
|
# ✅ ADMIN_PASSWORD is strong (12+ chars, mixed case, symbols)
|
|
# ✅ CORS_ORIGINS set to specific domains (not localhost)
|
|
# ✅ DEBUG=False
|
|
# ✅ SECURE_COOKIES=True (if using HTTPS)
|
|
# ✅ Database backups configured and tested
|
|
# ✅ Log monitoring configured
|
|
# ✅ This .env file is never committed to version control
|
|
#
|
|
# =============================================================================
|