mitlist/env.production.template
Mohamad 8b3c784e54 feat: Enhance application configuration and logging with new features
This commit introduces several improvements to the application configuration and logging mechanisms, including:

- Added a new `REDIS_URL` configuration option in the production environment template for easier Redis setup.
- Implemented a soft delete method in the `UserManager` class to anonymize user data while maintaining referential integrity.
- Enhanced session secret management to ensure a secure fallback in non-production environments.
- Introduced a `PiiRedactionFilter` to loggers for redacting sensitive information from logs.
- Added rate limiting middleware to control API request rates and prevent abuse.

These changes aim to improve security, maintainability, and user data protection within the application.
2025-06-27 11:55:29 +02:00

# Production Environment Variables Template
# Copy this file to .env.production and fill in the actual values
# NEVER commit the actual .env.production file to version control
# Database Configuration
POSTGRES_USER=mitlist_user
POSTGRES_PASSWORD=your_secure_database_password_here
POSTGRES_DB=mitlist_prod
DATABASE_URL=postgresql+asyncpg://mitlist_user:your_secure_database_password_here@db:5432/mitlist_prod
# Security Keys (Generate with: openssl rand -hex 32)
SECRET_KEY=your_secret_key_here_minimum_32_characters_long
SESSION_SECRET_KEY=your_session_secret_key_here_minimum_32_characters_long
# API Keys
GEMINI_API_KEY=your_gemini_api_key_here
# Redis Configuration
# If you are running the Redis container from docker-compose, the connection URL is usually:
# redis://:<password>@redis:6379/0
# Otherwise adjust host/port/password as required.
REDIS_URL=redis://:your_redis_password_here@redis:6379/0
REDIS_PASSWORD=your_redis_password_here
# Sentry Configuration (Optional but recommended)
SENTRY_DSN=your_sentry_dsn_here
# CORS Configuration
CORS_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
FRONTEND_URL=https://yourdomain.com
# Frontend Build Variables
VITE_API_URL=https://yourdomain.com/api
VITE_SENTRY_DSN=your_frontend_sentry_dsn_here
VITE_ROUTER_MODE=history
# Google OAuth Configuration - Replace with your actual credentials
GOOGLE_CLIENT_ID="YOUR_GOOGLE_CLIENT_ID_HERE"
GOOGLE_CLIENT_SECRET="YOUR_GOOGLE_CLIENT_SECRET_HERE"
GOOGLE_REDIRECT_URI=https://yourdomain.com/auth/google/callback
APPLE_CLIENT_ID=your_apple_client_id
APPLE_TEAM_ID=your_apple_team_id
APPLE_KEY_ID=your_apple_key_id
APPLE_PRIVATE_KEY=your_apple_private_key
APPLE_REDIRECT_URI=https://yourdomain.com/auth/apple/callback
# Production Settings
ENVIRONMENT=production
# Logging Configuration
# Valid LOG_LEVEL values: DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_LEVEL=INFO
# LOG_FORMAT defaults to a timestamped pattern; override only if you have special needs.
# LOG_FORMAT="%(asctime)s - %(name)s - %(levelname)s - %(message)s"
# Auth / Security
# By default JWT access tokens live for 60 minutes; you can shorten or extend here (in minutes).
ACCESS_TOKEN_EXPIRE_MINUTES=60
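
A pre-deployment check for a filled-in copy of this template, as an added example that is not part of the mitlist repository: it flags template placeholders left in place, secret keys below the 32-character minimum stated above, and URL-embedded passwords that differ from `POSTGRES_PASSWORD` or `REDIS_PASSWORD`. The names `parse_env` and `audit_env` are hypothetical, and the sample values are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Placeholder shapes used in the template: your_..._here, YOUR_..._HERE, yourdomain.com
PLACEHOLDER = re.compile(r"your_\w+|yourdomain\.com", re.IGNORECASE)
MIN_SECRET_LEN = 32  # the template's stated minimum for both keys
URL_PASSWORD_PAIRS = (("DATABASE_URL", "POSTGRES_PASSWORD"),
                      ("REDIS_URL", "REDIS_PASSWORD"))

def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks and comments, strip one pair of quotes."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key] = value
    return env

def audit_env(env):
    """Return sorted (key, problem) findings for a parsed .env.production."""
    findings = [(k, "template placeholder not replaced")
                for k, v in env.items() if PLACEHOLDER.search(v)]
    for key in ("SECRET_KEY", "SESSION_SECRET_KEY"):
        if len(env.get(key, "")) < MIN_SECRET_LEN:
            findings.append((key, "missing or shorter than 32 characters"))
    # The password embedded in each URL must match its standalone variable.
    for url_key, pw_key in URL_PASSWORD_PAIRS:
        if url_key in env:
            embedded = urlsplit(env[url_key]).password
            if embedded is None or unquote(embedded) != env.get(pw_key):
                findings.append((url_key, f"password differs from {pw_key}"))
    return sorted(findings)

# Constructed sample, not a real deployment file.
SAMPLE = """\
POSTGRES_PASSWORD=pg-pass-A
DATABASE_URL=postgresql+asyncpg://mitlist_user:pg-pass-B@db:5432/mitlist_prod
SECRET_KEY=your_secret_key_here_minimum_32_characters_long
SESSION_SECRET_KEY=abc123
REDIS_URL=redis://:r3dis@redis:6379/0
REDIS_PASSWORD=r3dis
GOOGLE_CLIENT_ID="YOUR_GOOGLE_CLIENT_ID_HERE"
"""

if __name__ == "__main__":
    for key, problem in audit_env(parse_env(SAMPLE)):
        print(f"{key}: {problem}")  # prints key names only, never secret values
```

The `SECRET_KEY` placeholder is itself longer than 32 characters, so the length check alone would accept it; the placeholder match is what catches an unedited template.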