129 lines
4.7 KiB
Bash
129 lines
4.7 KiB
Bash
# =====================================================
|
|
# FARM AUTH SERVICE - ENVIRONMENT CONFIGURATION
|
|
# =====================================================
|
|
# Copy this file to .env and update with your actual values
|
|
# DO NOT commit .env file to git (it's in .gitignore)
|
|
# =====================================================
|
|
|
|
# =====================================================
|
|
# DATABASE MODE SWITCH
|
|
# =====================================================
|
|
# Options: 'local' or 'aws'
|
|
# - 'local': Uses DATABASE_URL for local Docker PostgreSQL
|
|
# - 'aws': Uses AWS SSM Parameter Store for AWS PostgreSQL
|
|
# =====================================================
|
|
DATABASE_MODE=aws
|
|
|
|
# =====================================================
|
|
# LOCAL DATABASE CONFIGURATION
|
|
# =====================================================
|
|
# Only used when DATABASE_MODE=local
|
|
# Format: postgresql://user:password@host:port/database
|
|
DATABASE_URL=postgresql://postgres:password123@localhost:5433/farmmarket
|
|
|
|
# =====================================================
|
|
# AWS DATABASE CONFIGURATION
|
|
# =====================================================
|
|
# Only used when DATABASE_MODE=aws
|
|
# These credentials are used ONLY to access AWS SSM Parameter Store
|
|
# Database credentials are fetched from SSM at runtime - NOT stored here
|
|
|
|
# AWS Region for SSM Parameter Store
|
|
AWS_REGION=ap-south-1
|
|
|
|
# AWS Access Key (for SSM access only)
|
|
AWS_ACCESS_KEY_ID=your_aws_access_key_here
|
|
|
|
# AWS Secret Key (for SSM access only)
|
|
AWS_SECRET_ACCESS_KEY=your_aws_secret_key_here
|
|
|
|
# Optional: Control which database user to use
|
|
# false = use read_write_user from /test/livingai/db/app (default for auth service)
|
|
# true = use read_only_user from /test/livingai/db/app/readonly
|
|
DB_USE_READONLY=false
|
|
|
|
# Optional: Database connection settings (auto-detected if not set)
|
|
# DB_HOST=db.livingai.app
|
|
# DB_PORT=5432
|
|
# DB_NAME=livingai_test_db
|
|
|
|
# =====================================================
|
|
# JWT Configuration (REQUIRED for both modes)
|
|
# =====================================================
|
|
# These secrets are used to sign and verify JWT tokens
|
|
# Generate strong random secrets for production
|
|
JWT_ACCESS_SECRET=add74b258202057143382e8ee9ecc24a1114eddd3da5db79f3d29d24d7083043
|
|
JWT_REFRESH_SECRET=94a09772321fa15dc41c6c1e07d3b97a5b50d770e29f2ade47e8de5c571a611d
|
|
|
|
# Optional JWT settings
|
|
JWT_ACCESS_TTL=15m
|
|
JWT_REFRESH_TTL=7d
|
|
|
|
# =====================================================
|
|
# Redis Configuration (Optional - for rate limiting)
|
|
# =====================================================
|
|
# Redis is optional - if not set, rate limiting uses in-memory storage
|
|
# For local development with Docker Compose:
|
|
REDIS_URL=redis://localhost:6379
|
|
|
|
# OR use separate host/port:
|
|
# REDIS_HOST=localhost
|
|
# REDIS_PORT=6379
|
|
# REDIS_PASSWORD=your_redis_password
|
|
|
|
# For production (AWS ElastiCache, etc.):
|
|
# REDIS_URL=redis://your-redis-host:6379
|
|
# REDIS_URL=redis://:password@your-redis-host:6379
|
|
|
|
# =====================================================
|
|
# Application Configuration
|
|
# =====================================================
|
|
# Environment: development, production, test
|
|
NODE_ENV=development
|
|
|
|
# Server port
|
|
PORT=3000
|
|
|
|
# =====================================================
|
|
# CORS Configuration
|
|
# =====================================================
|
|
# For local development, you can leave empty (allows all origins)
|
|
# For production, REQUIRED - comma-separated list of allowed origins
|
|
CORS_ALLOWED_ORIGINS=http://localhost:3000
|
|
|
|
# Production example:
|
|
# CORS_ALLOWED_ORIGINS=https://app.example.com,https://api.example.com
|
|
|
|
# =====================================================
|
|
# Twilio Configuration (Optional - for SMS OTP)
|
|
# =====================================================
|
|
# Uncomment and fill in if using Twilio for SMS OTP
|
|
# TWILIO_ACCOUNT_SID=your_twilio_account_sid
|
|
# TWILIO_AUTH_TOKEN=your_twilio_auth_token
|
|
# TWILIO_PHONE_NUMBER=+1234567890
|
|
|
|
# =====================================================
|
|
# SECURITY NOTES
|
|
# =====================================================
|
|
# 1. DO NOT commit this file - it's already in .gitignore
|
|
# 2. For AWS mode: Database credentials are fetched from SSM Parameter Store
|
|
# SSM Parameter Paths:
|
|
# - Read-Write User: /test/livingai/db/app
|
|
# - Read-Only User: /test/livingai/db/app/readonly
|
|
#
|
|
# SSM Parameter Format (JSON):
|
|
# {
|
|
# "user": "read_write_user",
|
|
# "password": "secure_password_here",
|
|
# "host": "db.livingai.app",
|
|
# "port": "5432",
|
|
# "database": "livingai_test_db"
|
|
# }
|
|
#
|
|
# 3. For local mode: Use DATABASE_URL with local PostgreSQL
|
|
# Start PostgreSQL with: docker-compose up -d postgres (from db/farmmarket-db/)
|
|
#
|
|
# 4. Replace all placeholder values with your actual credentials
|
|
# 5. Use strong random secrets for JWT_ACCESS_SECRET and JWT_REFRESH_SECRET
|
|
|