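# Looking Backend - Environment Variables
# Copy this file to .env and fill in your values
# NEVER commit .env files to version control
# Keep the copied .env readable only by the account that runs the service
# (for example: chmod 600 .env)

# ============================================
# SERVER CONFIGURATION
# ============================================

# Port for Express server to listen on
# Default: 3069
# Production: Use same port or configure via load balancer
PORT=3069

# Node environment
# Options: development, production, test
# Set to production on every deployed instance: Express's default error
# handler includes stack traces in responses unless NODE_ENV=production
NODE_ENV=development
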
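# ============================================
# DATABASE CONFIGURATION
# ============================================

# MongoDB connection string
# Development (DevContainer): mongodb://mongo:27017/urge
# Development (Local): mongodb://localhost:27017/urge
# Production: Use MongoDB Atlas or managed instance
# The development URIs above carry no credentials and no TLS; that is only
# acceptable on an isolated development network. In production, enable
# authentication and TLS on the database connection.
MONGODB_URI=mongodb://mongo:27017/urge

# MongoDB Admin Credentials (for connection if auth enabled)
# Only needed if MongoDB requires authentication
# The values below are placeholders, not usable defaults. Prefer a dedicated
# user limited to this application's database over an admin account.
# MONGO_USER=admin
# MONGO_PASS=password
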
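# ============================================
# JWT AUTHENTICATION
# ============================================

# Secret key for JWT token signing
# CRITICAL: Use a strong random string (minimum 32 characters)
# Generate with: openssl rand -base64 32
# NEVER share or commit this value
# The placeholder below is published with this file and is itself longer than
# 32 characters, so a length check alone will not reject it. Replace it before
# the first start; anyone who knows the signing secret can produce tokens the
# server accepts. Changing the secret invalidates every token already issued.
JWT_SECRET=your-super-secret-jwt-key-change-this-to-random-32-chars

# JWT token expiration time
# Options: '15m', '1h', '24h', '7d'
# Default: 15m (15 minutes)
# A shorter lifetime limits how long a stolen token stays usable
JWT_EXPIRES_IN=15m
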
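# ============================================
# GOOGLE MAPS API
# ============================================

# Google Maps API key for geocoding features
# Get API key: https://console.cloud.google.com/apis/credentials
# Enable: Geocoding API, Places API (if used)
# Restrict: Set HTTP referrer or IP restrictions for security
# If this key is only used by the backend, use IP address restrictions:
# HTTP referrer restrictions apply to keys used from a browser. Also add API
# restrictions so the key works only for the APIs enabled above.
GOOGLE_MAPS_API_KEY=AIzaSyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
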
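# ============================================
# EMAIL CONFIGURATION (SMTP)
# ============================================

# SMTP server hostname
# Examples:
# Gmail: smtp.gmail.com
# Outlook: smtp-mail.outlook.com
# SendGrid: smtp.sendgrid.net
# Custom: mail.yourdomain.com
MAIL_HOST=smtp.gmail.com

# SMTP server port
# Common ports:
# 587 - TLS/STARTTLS (recommended)
# 465 - SSL (implicit TLS from the start of the connection)
# 25 - Unencrypted (not recommended)
# On 587 the session starts in plaintext and upgrades via STARTTLS; configure
# the mail client to require the upgrade so MAIL_PASS is never sent in clear
MAIL_PORT=587

# SMTP username (usually your email address)
MAIL_USER=support@example.com

# SMTP password or app-specific password
# For Gmail: Use App Password (not your account password)
# 1. Go to Google Account → Security → 2-Step Verification
# 2. Scroll to "App passwords"
# 3. Generate password for "Mail"
# 4. Use that 16-character password here
# Treat this value as a secret, the same as JWT_SECRET: never commit it, and
# revoke the app password if it is exposed
MAIL_PASS=your-email-password-or-app-specific-password

# Email sender name (displayed in "From" field)
MAIL_FROM_NAME=Looking App Support

# Email sender address (must match MAIL_USER or authorized sender)
MAIL_FROM_ADDRESS=support@example.com
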
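# ============================================
# CORS CONFIGURATION
# ============================================

# Allowed origins for CORS (comma-separated)
# Development: * (all origins)
# Production: Specific domains only
# Examples:
# Development: *
# Production: https://pfosi.mifi.dev,https://www.pfosi.mifi.dev
# The wildcard below is a development default and must be replaced with an
# explicit origin list before deploying. Browsers refuse a wildcard origin on
# requests that carry credentials; do not work around that by echoing back
# whatever Origin header the request sent, which removes the restriction.
CORS_ORIGIN=*
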
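# ============================================
# FILE UPLOAD CONFIGURATION
# ============================================

# Maximum file size for image uploads (in bytes)
# 5MB = 5242880 bytes
# 10MB = 10485760 bytes
MAX_FILE_SIZE=5242880

# Allowed image MIME types (comma-separated)
# The MIME type sent with an upload is chosen by the client, so this list
# should be backed by a server-side check of the file's actual content
ALLOWED_IMAGE_TYPES=image/jpeg,image/png,image/gif,image/webp
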
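# ============================================
# LOGGING CONFIGURATION
# ============================================

# Log level
# Options: error, warn, info, http, verbose, debug, silly
# Production: info or warn
# Development: debug or verbose
# The more verbose levels may record request details; check that tokens,
# passwords and other secrets are not written to the logs at any level
LOG_LEVEL=debug

# Log file location (if file logging enabled)
# Default: logs/combined.log
# Keep the log directory out of any statically served path and restrict
# read access to it
LOG_FILE=logs/combined.log

# Error log file location
LOG_ERROR_FILE=logs/error.log
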
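# ============================================
# SECURITY CONFIGURATION
# ============================================

# Password hashing iterations (PBKDF2)
# Higher = more secure but slower
# Default: 233335
# Recommended: 100000+
# The right floor depends on the HMAC digest PBKDF2 is used with: OWASP's
# current guidance is 600000 for PBKDF2-HMAC-SHA256 and 210000 for
# PBKDF2-HMAC-SHA512. Confirm which digest the application uses before
# lowering this value. Changing it does not re-hash passwords already stored.
PASSWORD_HASH_ITERATIONS=233335

# Password minimum length
PASSWORD_MIN_LENGTH=8

# Session secret for express-session (if using sessions)
# Generate it the same way as JWT_SECRET and do not reuse that value
# SESSION_SECRET=your-session-secret-change-this

# ============================================
# RATE LIMITING (if implemented)
# ============================================

# Maximum requests per window
# RATE_LIMIT_MAX=100

# Time window in milliseconds (15 minutes = 900000)
# RATE_LIMIT_WINDOW_MS=900000

# ============================================
# PRODUCTION DEPLOYMENT
# ============================================

# Domain/hostname for the application
# Used for email links, CORS, etc.
# Use https:// URLs here so links sent by email never point at plain HTTP
# APP_URL=https://pfosi.mifi.dev
# API_URL=https://api.pfosi.mifi.dev

# Traefik labels (if using docker-compose with Traefik)
# TRAEFIK_ENABLE=true
# TRAEFIK_DOMAIN=api.pfosi.mifi.dev

# ============================================
# MONITORING & ANALYTICS (optional)
# ============================================

# Sentry DSN for error tracking
# SENTRY_DSN=https://xxxxx@sentry.io/xxxxx

# Google Analytics tracking ID
# GA_TRACKING_ID=UA-XXXXXXXXX-X
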
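# ============================================
# DATABASE SEEDING
# ============================================

# Path to seed data file
# Default: data/profiles.json
SEED_DATA_PATH=data/profiles.json

# Auto-seed database on startup (true/false)
# WARNING: This will wipe existing data
# Only use in development
# Keep this false in any .env used against a database whose data matters
AUTO_SEED=false

# ============================================
# FEATURE FLAGS (optional)
# ============================================

# Enable user story submissions via public endpoint
# ENABLE_SUBMISSIONS=true

# Require admin approval for submitted stories
# REQUIRE_APPROVAL=true

# Enable email notifications for new submissions
# NOTIFY_ON_SUBMISSION=true

# ============================================
# NOTES
# ============================================

# 1. NEVER commit this file with real values to version control
#    If a real secret is committed anyway, rotate it; deleting the file in a
#    later commit leaves the value in the repository history
# 2. Add .env to .gitignore (already done)
#    Check that the ignore rule also covers the .env.* variants listed in 5
# 3. Use different values for development and production
# 4. Rotate secrets regularly in production
# 5. Use environment-specific .env files:
#    - .env.development
#    - .env.production
#    - .env.test
# 6. In production, use secret management tools:
#    - Docker secrets
#    - Kubernetes secrets
#    - AWS Secrets Manager
#    - Azure Key Vault
#    - HashiCorp Vault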