# ===================================================== # FARM AUTH SERVICE - ENVIRONMENT CONFIGURATION # ===================================================== # Copy this file to .env and update with your actual values # DO NOT commit .env file to git (it's in .gitignore) # ===================================================== # ===================================================== # DATABASE MODE SWITCH # ===================================================== # Options: 'local' or 'aws' # - 'local': Uses DATABASE_URL for local Docker PostgreSQL # - 'aws': Uses AWS SSM Parameter Store for AWS PostgreSQL # ===================================================== DATABASE_MODE=aws # ===================================================== # LOCAL DATABASE CONFIGURATION # ===================================================== # Only used when DATABASE_MODE=local # Format: postgresql://user:password@host:port/database DATABASE_URL=postgresql://postgres:password123@localhost:5433/farmmarket # ===================================================== # AWS DATABASE CONFIGURATION # ===================================================== # Only used when DATABASE_MODE=aws # These credentials are used ONLY to access AWS SSM Parameter Store # Database credentials are fetched from SSM at runtime - NOT stored here # AWS Region for SSM Parameter Store AWS_REGION=ap-south-1 # AWS Access Key (for SSM access only) AWS_ACCESS_KEY_ID=your_aws_access_key_here # AWS Secret Key (for SSM access only) AWS_SECRET_ACCESS_KEY=your_aws_secret_key_here # Optional: Control which database user to use # false = use read_write_user from /test/livingai/db/app (default for auth service) # true = use read_only_user from /test/livingai/db/app/readonly DB_USE_READONLY=false # Optional: Database connection settings (auto-detected if not set) # DB_HOST=db.livingai.app # DB_PORT=5432 # DB_NAME=livingai_test_db # ===================================================== # JWT Configuration (REQUIRED for both modes) # ===================================================== # These secrets are used to sign and verify JWT tokens # Generate strong random secrets for production JWT_ACCESS_SECRET=add74b258202057143382e8ee9ecc24a1114eddd3da5db79f3d29d24d7083043 JWT_REFRESH_SECRET=94a09772321fa15dc41c6c1e07d3b97a5b50d770e29f2ade47e8de5c571a611d # Optional JWT settings JWT_ACCESS_TTL=15m JWT_REFRESH_TTL=7d # ===================================================== # Redis Configuration (Optional - for rate limiting) # ===================================================== # Redis is optional - if not set, rate limiting uses in-memory storage # For local development with Docker Compose: REDIS_URL=redis://localhost:6379 # OR use separate host/port: # REDIS_HOST=localhost # REDIS_PORT=6379 # REDIS_PASSWORD=your_redis_password # For production (AWS ElastiCache, etc.): # REDIS_URL=redis://your-redis-host:6379 # REDIS_URL=redis://:password@your-redis-host:6379 # ===================================================== # Application Configuration # ===================================================== # Environment: development, production, test NODE_ENV=development # Server port PORT=3000 # ===================================================== # CORS Configuration # ===================================================== # For local development, you can leave empty (allows all origins) # For production, REQUIRED - comma-separated list of allowed origins CORS_ALLOWED_ORIGINS=http://localhost:3000 # Production example: # CORS_ALLOWED_ORIGINS=https://app.example.com,https://api.example.com # ===================================================== # Twilio Configuration (Optional - for SMS OTP) # ===================================================== # Uncomment and fill in if using Twilio for SMS OTP # TWILIO_ACCOUNT_SID=your_twilio_account_sid # TWILIO_AUTH_TOKEN=your_twilio_auth_token # TWILIO_PHONE_NUMBER=+1234567890 # ===================================================== # SECURITY NOTES # ===================================================== # 1. DO NOT commit this file - it's already in .gitignore # 2. For AWS mode: Database credentials are fetched from SSM Parameter Store # SSM Parameter Paths: # - Read-Write User: /test/livingai/db/app # - Read-Only User: /test/livingai/db/app/readonly # # SSM Parameter Format (JSON): # { # "user": "read_write_user", # "password": "secure_password_here", # "host": "db.livingai.app", # "port": "5432", # "database": "livingai_test_db" # } # # 3. For local mode: Use DATABASE_URL with local PostgreSQL # Start PostgreSQL with: docker-compose up -d postgres (from db/farmmarket-db/) # # 4. Replace all placeholder values with your actual credentials # 5. Use strong random secrets for JWT_ACCESS_SECRET and JWT_REFRESH_SECRET