|
| 1 | +# ============================================================================ |
| 2 | +# Routis Environment Configuration |
| 3 | +# ============================================================================ |
| 4 | +# Copy this file to .env and fill in your values. |
| 5 | +# For local development, the defaults below are safe. |
| 6 | +# For production, use strong, unique values and never commit the actual .env file. |
| 7 | + |
| 8 | +# ============================================================================ |
| 9 | +# Application Environment |
| 10 | +# ============================================================================ |
| 11 | + |
| 12 | +# deployment environment: development, staging, production |
| 13 | +APP_ENV=development |
| 14 | + |
| 15 | +# ============================================================================ |
| 16 | +# Database (PostgreSQL) |
| 17 | +# ============================================================================ |
| 18 | + |
| 19 | +# PostgreSQL connection string |
| 20 | +# Format: postgresql://username:password@host:port/database |
| 21 | +# Local dev: use "postgres" hostname (Docker service name) |
| 22 | +# Production: use managed RDS endpoint or external host |
| 23 | +DATABASE_URL=postgresql://postgres:postgres@postgres:5432/routis |
| 24 | + |
| 25 | +# PostgreSQL credentials (used by docker-compose for initialization) |
| 26 | +POSTGRES_USER=postgres |
| 27 | +POSTGRES_PASSWORD=postgres |
| 28 | +POSTGRES_DB=routis |
| 29 | + |
| 30 | +# ============================================================================ |
| 31 | +# Cache & Rate Limiting (Redis) |
| 32 | +# ============================================================================ |
| 33 | + |
| 34 | +# Redis connection URL |
| 35 | +# Format: redis://[password@]host:port/[db] |
| 36 | +# Local dev: use "redis" hostname (Docker service name) |
| 37 | +# Production: use ElastiCache endpoint or external Redis host |
| 38 | +REDIS_URL=redis://redis:6379/0 |
| 39 | + |
| 40 | +# ============================================================================ |
| 41 | +# Security & Anonymity |
| 42 | +# ============================================================================ |
| 43 | + |
| 44 | +# Secret salt for email verification hashing |
| 45 | +# Used in: SHA256(email + implementation_id + SECRET_SALT) |
| 46 | +# Must be a long, random, secret string |
| 47 | +# Generate: openssl rand -hex 32 |
| 48 | +SECRET_SALT=your-secret-salt-change-this-in-production-never-commit-the-real-value |
| 49 | + |
| 50 | +# ============================================================================ |
| 51 | +# AWS S3 (Database Backups) |
| 52 | +# ============================================================================ |
| 53 | + |
| 54 | +# S3 bucket name for database backups |
| 55 | +# Bucket should have versioning and object lock enabled |
| 56 | +# See: docs/runbooks/restore-db.md |
| 57 | +S3_BACKUP_BUCKET=routis-db-backups-prod |
| 58 | + |
| 59 | +# AWS access credentials (for db-backup sidecar container) |
| 60 | +# DO NOT commit these to version control |
| 61 | +# Use IAM roles in production, or AWS Secrets Manager |
| 62 | +AWS_ACCESS_KEY_ID=your-aws-access-key-id |
| 63 | +AWS_SECRET_ACCESS_KEY=your-aws-secret-access-key |
| 64 | + |
| 65 | +# AWS region for S3 operations |
| 66 | +AWS_REGION=eu-west-1 |
| 67 | + |
| 68 | +# Backup retention policy |
| 69 | +# Daily backups retained for N days; weekly backups for N weeks |
| 70 | +S3_BACKUP_RETENTION_DAYS=30 |
| 71 | +S3_BACKUP_RETENTION_WEEKS=26 |
| 72 | + |
| 73 | +# ============================================================================ |
| 74 | +# Frontend (Next.js) |
| 75 | +# ============================================================================ |
| 76 | + |
| 77 | +# Public API URL (exposed to browser) |
| 78 | +# Local dev: http://localhost:8000 |
| 79 | +# Production: https://api.yourdomain.com |
| 80 | +NEXT_PUBLIC_API_URL=http://localhost:8000 |
| 81 | + |
| 82 | +# ============================================================================ |
| 83 | +# Email Verification (Future) |
| 84 | +# ============================================================================ |
| 85 | + |
| 86 | +# Email provider credentials (stub for now) |
| 87 | +# SMTP_HOST=smtp.example.com |
| 88 | +# SMTP_PORT=587 |
| 89 | +# SMTP_USER=noreply@routis.local |
| 90 | +# SMTP_PASSWORD=your-email-password |
| 91 | + |
| 92 | +# Email domain whitelist (comma-separated) |
| 93 | +# Only @student.oulu.fi addresses can verify reviews |
| 94 | +ALLOWED_EMAIL_DOMAINS=student.oulu.fi |
| 95 | + |
| 96 | +# ============================================================================ |
| 97 | +# Feature Flags (Future) |
| 98 | +# ============================================================================ |
| 99 | + |
| 100 | +# ENABLE_EMAIL_VERIFICATION=false |
| 101 | +# ENABLE_LEADERBOARD=true |
0 commit comments