.env.example
# Data Forge Middleware - Environment Variables Example
# Copy this file to .env and update with your actual values
# ============================================
# Database Configuration
# ============================================
POSTGRES_PASSWORD=your_secure_postgres_password_here
DFM_DB_PASSWORD=your_secure_dfm_password_here
REDIS_PASSWORD=your_secure_redis_password_here
# ============================================
# Auth0 Configuration (replaces Keycloak)
# ============================================
# Auth0 Tenant Domain (e.g., your-tenant.us.auth0.com)
AUTH0_DOMAIN=your-tenant.us.auth0.com
# Auth0 Management API Credentials
AUTH0_MGMT_CLIENT_ID=your_management_api_client_id
AUTH0_MGMT_CLIENT_SECRET=your_management_api_client_secret
AUTH0_MGMT_AUDIENCE=https://your-tenant.us.auth0.com/api/v2/
# Auth0 API Audience (identifier for your API)
AUTH0_AUDIENCE=https://api.dataforge.com
# Auth0 Issuer (used by backend JWT validation)
# Usually: https://<AUTH0_DOMAIN>/
AUTH0_ISSUER=https://your-tenant.us.auth0.com/
# Auth0 Custom Claims Namespace (prefix for custom claims like roles, accountId)
# This must match the namespace used in your Auth0 Post-Login Action
AUTH0_CLAIMS_NAMESPACE=https://api.dataforge.com
# Auth0 Database Connection Name (default: Username-Password-Authentication)
AUTH0_DATABASE_CONNECTION=Username-Password-Authentication
# Auth0 SPA Client ID (for frontend)
AUTH0_CLIENT_ID=your_spa_client_id
# ============================================
# JWT Configuration
# ============================================
# Must be at least 256 bits (32 characters) for HS256
JWT_SECRET=your_256_bit_secret_key_here_minimum_32_characters_required_for_production
JWT_EXPIRATION=86400
# ============================================
# AWS S3 Configuration (Production)
# ============================================
AWS_S3_ENDPOINT=
AWS_S3_REGION=us-east-1
AWS_ACCESS_KEY_ID=your_aws_access_key_id
AWS_SECRET_ACCESS_KEY=your_aws_secret_access_key
AWS_S3_BUCKET_NAME=dfm-prod-uploads
# ============================================
# Docker Compose Local Configuration
# ============================================
# GitHub Container Registry repository path (e.g., bit-bi/data-forge-middleware)
GITHUB_REPOSITORY=your-org/your-repo
# Docker image tag to use (branch name, version, or 'latest')
IMAGE_TAG=develop
# ============================================
# Application Configuration
# ============================================
SPRING_PROFILES_ACTIVE=dev
SERVER_PORT=8080
# Frontend API Base URL (for local development)
VITE_API_BASE_URL=http://localhost:8080
# ============================================
# Logging Configuration
# ============================================
LOGGING_LEVEL_ROOT=INFO
LOGGING_LEVEL_COM_BITBI_DFM=DEBUG
# ============================================
# CORS Configuration (for UI)
# ============================================
CORS_ALLOWED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
# ============================================
# Notes
# ============================================
# 1. NEVER commit .env file to version control
# 2. Use strong, randomly generated passwords
# 3. Update JWT_SECRET with a secure 256-bit key
# 4. Configure proper AWS credentials for production
# 5. Set appropriate CORS origins for your domain
# 6. Auth0 has replaced Keycloak for authentication
# 7. For docker-compose-local.yaml:
#    - Set GITHUB_REPOSITORY to your GitHub repo path
#    - Login to GHCR: echo "$GITHUB_TOKEN" | docker login ghcr.io -u USERNAME --password-stdin
#    - Pull images: docker-compose -f docker-compose-local.yaml pull
# 8. Auth0 Setup:
#    - Create Auth0 tenant at https://auth0.com
#    - Create Management API application (Machine-to-Machine)
#    - Create SPA application for frontend
#    - Configure custom claims in Auth0 Actions (see CLAUDE.md Spec 011)
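
The notes above can be checked mechanically before the stack starts. The following is an added example, not part of the Data Forge Middleware repository: a pre-start audit of a filled-in `.env` that flags leftover template placeholders, a `JWT_SECRET` under 32 bytes, a password reused across services, an `AUTH0_ISSUER` that is not exactly `https://<AUTH0_DOMAIN>/`, and CORS origins that are wildcards or not bare `https` origins. The function names, the placeholder pattern, the specific rules and the sample values are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Matches the template's own placeholder styles (your_..., ..._here, your-tenant, yourdomain.com).
PLACEHOLDER = re.compile(r"^your[_-]|_here$|your-tenant|yourdomain\.com", re.I)
PASSWORD_KEYS = ("POSTGRES_PASSWORD", "DFM_DB_PASSWORD", "REDIS_PASSWORD")

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blanks and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value.strip()
    return env

def audit(env):
    """Return a list of findings; an empty list means every check passed."""
    findings = [f"{k}: placeholder value" for k, v in env.items() if PLACEHOLDER.search(v)]
    if len(env.get("JWT_SECRET", "").encode()) < 32:
        findings.append("JWT_SECRET: shorter than 32 bytes")
    passwords = [env[k] for k in PASSWORD_KEYS if env.get(k)]
    if len(set(passwords)) < len(passwords):
        findings.append("passwords: same value reused across services")
    # The issuer is compared as an exact string, so the trailing slash matters.
    if env.get("AUTH0_ISSUER") != f"https://{env.get('AUTH0_DOMAIN', '')}/":
        findings.append("AUTH0_ISSUER: not https://<AUTH0_DOMAIN>/")
    for origin in filter(None, env.get("CORS_ALLOWED_ORIGINS", "").split(",")):
        url = urlparse(origin.strip())
        # An origin is scheme://host[:port] with no path; "*" parses with no scheme.
        if url.scheme != "https" or not url.netloc or url.path:
            findings.append(f"CORS_ALLOWED_ORIGINS: rejected origin {origin.strip()!r}")
    return findings

# Constructed sample, not a real configuration.
SAMPLE = """\
POSTGRES_PASSWORD=Zk3vQ8mT1xR7
DFM_DB_PASSWORD=Zk3vQ8mT1xR7
REDIS_PASSWORD=your_secure_redis_password_here
AUTH0_DOMAIN=example-tenant.us.auth0.com
AUTH0_ISSUER=https://example-tenant.us.auth0.com
JWT_SECRET=short-secret
CORS_ALLOWED_ORIGINS=https://app.example.com,*
"""

if __name__ == "__main__":
    for finding in audit(parse_env(SAMPLE)):
        print(finding)
```

The `https`-only CORS rule suits a production deploy; a local profile that serves the UI from `http://localhost` would need that check relaxed.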