# Webhook Service Environment Configuration # Copy this file to .env and fill in your actual values # ============================================================================= # FLASK APPLICATION SETTINGS # ============================================================================= # Flask secret key for session encryption and security # Generate with: openssl rand -hex 32 FLASK_SECRET_KEY=your-flask-secret-key-generate-with-openssl-rand-hex-32 # Flask environment (development, production) FLASK_ENV=production # ============================================================================= # WEBHOOK AUTHENTICATION SECRETS # ============================================================================= # Secret for HMAC-SHA256 signature verification (generic webhooks) # Generate with: openssl rand -hex 32 WEBHOOK_SECRET=your-webhook-secret-generate-with-openssl-rand-hex-32 # Secret for Particle.io webhook Bearer token authentication # Generate with: openssl rand -hex 32 PARTICLE_WEBHOOK_SECRET=your-particle-webhook-secret-generate-with-openssl-rand-hex-32 # ============================================================================= # EMAIL/SMS NOTIFICATION SETTINGS # ============================================================================= # Gmail account for sending notifications # IMPORTANT: Use Gmail App Password, NOT your regular password # Instructions: https://support.google.com/accounts/answer/185833 SMTP_EMAIL=your-email@gmail.com # Gmail App Password (16 characters, no spaces) # Generate at: https://myaccount.google.com/apppasswords # Example format: abcdefghijklmnop SMTP_PASSWORD=your-gmail-app-password-16-characters-no-spaces # SMS gateway email address for text notifications # Format: phone-number@carrier-gateway.com # Examples: # Verizon: 5551234567@vtext.com # AT&T: 5551234567@txt.att.net # T-Mobile: 5551234567@tmomail.net # Sprint: 5551234567@messaging.sprintpcs.com RECIPIENT_EMAIL=your-phone-number@carrier-gateway.com # ============================================================================= # OPTIONAL: MULTIPLE NOTIFICATION RECIPIENTS # ============================================================================= # For multiple recipients, use comma-separated values # RECIPIENT_EMAIL=phone1@vtext.com,phone2@txt.att.net,email@domain.com # ============================================================================= # OPTIONAL: ADVANCED CONFIGURATION # ============================================================================= # Rate limiting configuration (requests per minute) # RATE_LIMIT_PER_MINUTE=10 # RATE_LIMIT_BURST=20 # Request timeout in seconds # REQUEST_TIMEOUT=30 # Maximum request payload size in bytes # MAX_PAYLOAD_SIZE=1024 # Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL) # LOG_LEVEL=INFO # ============================================================================= # OPTIONAL: DATABASE CONFIGURATION (Future Enhancement) # ============================================================================= # Database connection string (when database support is added) # DATABASE_URL=postgresql://webhook_user:password@localhost:5432/webhook_service # ============================================================================= # OPTIONAL: REDIS CONFIGURATION (Future Enhancement) # ============================================================================= # Redis URL for caching and rate limiting # REDIS_URL=redis://localhost:6379/0 # ============================================================================= # OPTIONAL: MONITORING CONFIGURATION # ============================================================================= # Prometheus metrics endpoint (true/false) # ENABLE_METRICS=true # Metrics server port # METRICS_PORT=8000 # ============================================================================= # OPTIONAL: NOTIFICATION ENHANCEMENT # ============================================================================= # Slack webhook URL for notifications # SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK # Discord webhook URL for notifications # DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/YOUR_WEBHOOK_ID/YOUR_WEBHOOK_TOKEN # Telegram bot configuration # TELEGRAM_BOT_TOKEN=your-bot-token # TELEGRAM_CHAT_ID=your-chat-id # ============================================================================= # OPTIONAL: SECURITY ENHANCEMENTS # ============================================================================= # IP whitelist for additional security (comma-separated) # ALLOWED_IPS=192.168.1.0/24,10.0.0.0/8 # Enable request source validation # VALIDATE_REQUEST_SOURCE=true # ============================================================================= # PRODUCTION DEPLOYMENT NOTES # ============================================================================= # SECURITY REMINDERS: # 1. Never commit this file with real values to version control # 2. Use strong, unique passwords for all accounts # 3. Enable 2FA on all accounts # 4. Regularly rotate secrets and passwords # 5. Use environment-specific configurations # GMAIL SETUP INSTRUCTIONS: # 1. Enable 2-Factor Authentication on your Google account # 2. Go to https://myaccount.google.com/apppasswords # 3. Select "Other (custom name)" and enter "Webhook Service" # 4. Copy the generated 16-character password (no spaces) # 5. Use this password in SMTP_PASSWORD, NOT your regular Gmail password # SMS GATEWAY SETUP: # Find your carrier's email-to-SMS gateway: # - Verizon: number@vtext.com # - AT&T: number@txt.att.net # - T-Mobile: number@tmomail.net # - Sprint: number@messaging.sprintpcs.com # - US Cellular: number@email.uscc.net