maciejpi/nordabiz
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
7b31e6ba44
nordabiz/.env.example
Maciej Pienczyn 76f6ac19dc auto-claude: 4.1 - Add clear comments in .env.example explaining DATABASE_URL and PGPASSWORD 
- Added comprehensive DATABASE_URL documentation with examples for dev/prod
- Added PGPASSWORD documentation for shell scripts (psql, pg_dump)
- Included security warnings about CWE-798 and hardcoded credentials
- Added usage examples: export, inline, and .pgpass file method
- Documented that shell scripts cannot read .env files automatically
2026-01-10 13:00:47 +01:00

77 lines
2.8 KiB
Plaintext
Raw Blame History

# Norda Biznes Hub - Environment Configuration
# ==============================================
# Flask Configuration
SECRET_KEY=your-super-secret-key-change-in-production
FLASK_ENV=development
# Server Configuration
PORT=5000
HOST=0.0.0.0
# Database Configuration
# ==============================================
#
# DATABASE_URL: Full PostgreSQL connection string used by Python scripts
# Format: postgresql://username:password@host:port/database
#
# Development (local Docker):
# DATABASE_URL=postgresql://nordabiz_user:nordabiz_password@localhost:5433/nordabiz
#
# Production (NORDABIZ-01 server):
# DATABASE_URL=postgresql://nordabiz_app:your_password_here@10.22.68.249:5432/nordabiz
#
# IMPORTANT SECURITY NOTE:
# - NEVER hardcode production passwords in source code (CWE-798)
# - Keep this file (.env) out of version control (already in .gitignore)
# - Set DATABASE_URL as environment variable before running any script
# - All Python scripts will fail safely if DATABASE_URL is not set
#
DATABASE_URL=postgresql://nordabiz_app:your_password_here@10.22.68.249:5432/nordabiz
# PGPASSWORD: PostgreSQL password for shell scripts (psql, pg_dump, etc.)
# This environment variable is used by PostgreSQL command-line tools
#
# Shell scripts (like view_maturity_results.sh) require PGPASSWORD to be set:
# export PGPASSWORD='your_database_password'
# ./view_maturity_results.sh
#
# Or set it inline (one-time):
# PGPASSWORD='your_database_password' ./view_maturity_results.sh
#
# SECURITY WARNING:
# - Do NOT set PGPASSWORD in this .env file (it's only read by Python/Flask)
# - Shell scripts cannot read .env files automatically
# - Set PGPASSWORD in your shell session or use .pgpass file instead
# - See: https://www.postgresql.org/docs/current/libpq-pgpass.html
#
# Example .pgpass file (~/.pgpass with chmod 600):
# 10.22.68.249:5432:nordabiz:nordabiz_app:your_password_here
# localhost:5433:nordabiz:nordabiz_user:nordabiz_password
# Google Gemini API
GOOGLE_GEMINI_API_KEY=your_gemini_api_key_here
# Google PageSpeed Insights API (for SEO audits)
# Get your API key from: https://developers.google.com/speed/docs/insights/v5/get-started
# Free tier: 25,000 requests/day
GOOGLE_PAGESPEED_API_KEY=your_pagespeed_api_key_here
# Google Places API (for GBP audits - Google Business Profile)
# Get your API key from: https://console.cloud.google.com/apis/credentials
# Enable "Places API" in Google Cloud Console
# Free tier: $200/month credit (covers ~10,000 requests)
GOOGLE_PLACES_API_KEY=your_places_api_key_here
# Email Configuration (for user verification)
MAIL_SERVER=smtp.gmail.com
MAIL_PORT=587
MAIL_USE_TLS=True
MAIL_USERNAME=your_email@gmail.com
MAIL_PASSWORD=your_app_password_here
MAIL_DEFAULT_SENDER=noreply@norda-biznes.info
# Application URLs
APP_URL=http://localhost:5000
VERIFY_EMAIL_URL=http://localhost:5000/verify-email
Reference in New Issue View Git Blame Copy Permalink