auto-claude: 4.1 - Add clear comments in .env.example explaining DATABASE_URL and PGPASSWORD

- Added comprehensive DATABASE_URL documentation with examples for dev/prod
- Added PGPASSWORD documentation for shell scripts (psql, pg_dump)
- Included security warnings about CWE-798 and hardcoded credentials
- Added usage examples: export, inline, and .pgpass file method
- Documented that shell scripts cannot read .env files automatically
Maciej Pienczyn 2026-01-10 13:00:47 +01:00
parent 3e3c3cb18c
commit 76f6ac19dc

@ -9,9 +9,46 @@ FLASK_ENV=development
PORT=5000
HOST=0.0.0.0
# Database Configuration (PostgreSQL on NORDABIZ-01)
# Database Configuration
# ==============================================
#
# DATABASE_URL: Full PostgreSQL connection string used by Python scripts
# Format: postgresql://username:password@host:port/database
#
# Development (local Docker):
# DATABASE_URL=postgresql://nordabiz_user:nordabiz_password@localhost:5433/nordabiz
#
# Production (NORDABIZ-01 server):
# DATABASE_URL=postgresql://nordabiz_app:your_password_here@10.22.68.249:5432/nordabiz
#
# IMPORTANT SECURITY NOTE:
# - NEVER hardcode production passwords in source code (CWE-798)
# - Keep this file (.env) out of version control (already in .gitignore)
# - Set DATABASE_URL as environment variable before running any script
# - All Python scripts will fail safely if DATABASE_URL is not set
#
DATABASE_URL=postgresql://nordabiz_app:your_password_here@10.22.68.249:5432/nordabiz
# PGPASSWORD: PostgreSQL password for shell scripts (psql, pg_dump, etc.)
# This environment variable is used by PostgreSQL command-line tools
#
# Shell scripts (like view_maturity_results.sh) require PGPASSWORD to be set:
# export PGPASSWORD='your_database_password'
# ./view_maturity_results.sh
#
# Or set it inline (one-time):
# PGPASSWORD='your_database_password' ./view_maturity_results.sh
#
# SECURITY WARNING:
# - Do NOT set PGPASSWORD in this .env file (it's only read by Python/Flask)
# - Shell scripts cannot read .env files automatically
# - Set PGPASSWORD in your shell session or use .pgpass file instead
# - See: https://www.postgresql.org/docs/current/libpq-pgpass.html
#
# Example .pgpass file (~/.pgpass with chmod 600):
# 10.22.68.249:5432:nordabiz:nordabiz_app:your_password_here
# localhost:5433:nordabiz:nordabiz_user:nordabiz_password
# Google Gemini API
GOOGLE_GEMINI_API_KEY=your_gemini_api_key_here
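
Review bot: The active DATABASE_URL line under the new comment block still targets the production host (10.22.68.249:5432, role nordabiz_app), so anyone who copies .env.example to .env and fills in a password connects to production by default. Suggest making the local Docker value (localhost:5433) the uncommented default and keeping the production form only as a comment, preferably with a placeholder host rather than the internal address, since this template is committed. In the PGPASSWORD block, the inline form `PGPASSWORD='your_database_password' ./view_maturity_results.sh` can leave the password in shell history, and the PostgreSQL documentation advises against PGPASSWORD because some operating systems let other users see process environment variables; consider presenting the ~/.pgpass method first and the environment variable as a fallback. The line "Keep this file (.env) out of version control" would also read more clearly if it referred to the copied .env, because the comment itself lives in .env.example, which is tracked.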