a78d878865
CRITICAL: The .env file containing real database credentials was tracked in git. This commit: - Removes backend/.env from git tracking (file kept locally) - Adds .env patterns to .gitignore to prevent future commits - Updates .env.example with placeholder values only ACTION REQUIRED: Rotate all credentials that were exposed: - MySQL password - JWT secret key - Any other secrets in the .env file Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
34 lines
959 B
Plaintext
34 lines
959 B
Plaintext
# Database
|
|
MYSQL_HOST=your-mysql-host
|
|
MYSQL_PORT=3306
|
|
MYSQL_USER=your-username
|
|
MYSQL_PASSWORD=your-password-here
|
|
MYSQL_DATABASE=your-database
|
|
|
|
# Redis
|
|
REDIS_HOST=localhost
|
|
REDIS_PORT=6379
|
|
REDIS_DB=0
|
|
|
|
# JWT
|
|
JWT_SECRET_KEY=generate-a-random-secret-key-here
|
|
JWT_ALGORITHM=HS256
|
|
JWT_EXPIRE_MINUTES=60
|
|
|
|
# External Auth API
|
|
AUTH_API_URL=https://your-auth-api-url
|
|
|
|
# System Admin
|
|
SYSTEM_ADMIN_EMAIL=admin@example.com
|
|
|
|
# File Encryption (AES-256)
|
|
# Master key for encrypting file encryption keys (optional - if not set, file encryption is disabled)
|
|
# Generate a new key with:
|
|
# python -c "import secrets, base64; print(base64.urlsafe_b64encode(secrets.token_bytes(32)).decode())"
|
|
#
|
|
# IMPORTANT:
|
|
# - Keep this key secure and back it up! If lost, encrypted files cannot be decrypted.
|
|
# - Store backup in a secure location separate from the database backup.
|
|
# - Do NOT change this key after files have been encrypted (use key rotation instead).
|
|
ENCRYPTION_MASTER_KEY=
|