stephen/StorageSecurity
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity
Files
main
StorageSecurity/Server/.env.example

146 lines
5.6 KiB
Plaintext
Raw Permalink Blame History

# Webhook Service Environment Configuration
# Copy this file to .env and fill in your actual values
# =============================================================================
# FLASK APPLICATION SETTINGS
# =============================================================================
# Flask secret key for session encryption and security
# Generate with: openssl rand -hex 32
FLASK_SECRET_KEY=your-flask-secret-key-generate-with-openssl-rand-hex-32
# Flask environment (development, production)
FLASK_ENV=production
# =============================================================================
# WEBHOOK AUTHENTICATION SECRETS
# =============================================================================
# Secret for HMAC-SHA256 signature verification (generic webhooks)
# Generate with: openssl rand -hex 32
WEBHOOK_SECRET=your-webhook-secret-generate-with-openssl-rand-hex-32
# Secret for Particle.io webhook Bearer token authentication
# Generate with: openssl rand -hex 32
PARTICLE_WEBHOOK_SECRET=your-particle-webhook-secret-generate-with-openssl-rand-hex-32
# =============================================================================
# EMAIL/SMS NOTIFICATION SETTINGS
# =============================================================================
# Gmail account for sending notifications
# IMPORTANT: Use Gmail App Password, NOT your regular password
# Instructions: https://support.google.com/accounts/answer/185833
SMTP_EMAIL=your-email@gmail.com
# Gmail App Password (16 characters, no spaces)
# Generate at: https://myaccount.google.com/apppasswords
# Example format: abcdefghijklmnop
SMTP_PASSWORD=your-gmail-app-password-16-characters-no-spaces
# SMS gateway email address for text notifications
# Format: phone-number@carrier-gateway.com
# Examples:
# Verizon: 5551234567@vtext.com
# AT&T: 5551234567@txt.att.net
# T-Mobile: 5551234567@tmomail.net
# Sprint: 5551234567@messaging.sprintpcs.com
RECIPIENT_EMAIL=your-phone-number@carrier-gateway.com
# =============================================================================
# OPTIONAL: MULTIPLE NOTIFICATION RECIPIENTS
# =============================================================================
# For multiple recipients, use comma-separated values
# RECIPIENT_EMAIL=phone1@vtext.com,phone2@txt.att.net,email@domain.com
# =============================================================================
# OPTIONAL: ADVANCED CONFIGURATION
# =============================================================================
# Rate limiting configuration (requests per minute)
# RATE_LIMIT_PER_MINUTE=10
# RATE_LIMIT_BURST=20
# Request timeout in seconds
# REQUEST_TIMEOUT=30
# Maximum request payload size in bytes
# MAX_PAYLOAD_SIZE=1024
# Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
# LOG_LEVEL=INFO
# =============================================================================
# OPTIONAL: DATABASE CONFIGURATION (Future Enhancement)
# =============================================================================
# Database connection string (when database support is added)
# DATABASE_URL=postgresql://webhook_user:password@localhost:5432/webhook_service
# =============================================================================
# OPTIONAL: REDIS CONFIGURATION (Future Enhancement)
# =============================================================================
# Redis URL for caching and rate limiting
# REDIS_URL=redis://localhost:6379/0
# =============================================================================
# OPTIONAL: MONITORING CONFIGURATION
# =============================================================================
# Prometheus metrics endpoint (true/false)
# ENABLE_METRICS=true
# Metrics server port
# METRICS_PORT=8000
# =============================================================================
# OPTIONAL: NOTIFICATION ENHANCEMENT
# =============================================================================
# Slack webhook URL for notifications
# SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK
# Discord webhook URL for notifications
# DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/YOUR_WEBHOOK_ID/YOUR_WEBHOOK_TOKEN
# Telegram bot configuration
# TELEGRAM_BOT_TOKEN=your-bot-token
# TELEGRAM_CHAT_ID=your-chat-id
# =============================================================================
# OPTIONAL: SECURITY ENHANCEMENTS
# =============================================================================
# IP whitelist for additional security (comma-separated)
# ALLOWED_IPS=192.168.1.0/24,10.0.0.0/8
# Enable request source validation
# VALIDATE_REQUEST_SOURCE=true
# =============================================================================
# PRODUCTION DEPLOYMENT NOTES
# =============================================================================
# SECURITY REMINDERS:
# 1. Never commit this file with real values to version control
# 2. Use strong, unique passwords for all accounts
# 3. Enable 2FA on all accounts
# 4. Regularly rotate secrets and passwords
# 5. Use environment-specific configurations
# GMAIL SETUP INSTRUCTIONS:
# 1. Enable 2-Factor Authentication on your Google account
# 2. Go to https://myaccount.google.com/apppasswords
# 3. Select "Other (custom name)" and enter "Webhook Service"
# 4. Copy the generated 16-character password (no spaces)
# 5. Use this password in SMTP_PASSWORD, NOT your regular Gmail password
# SMS GATEWAY SETUP:
# Find your carrier's email-to-SMS gateway:
# - Verizon: number@vtext.com
# - AT&T: number@txt.att.net
# - T-Mobile: number@tmomail.net
# - Sprint: number@messaging.sprintpcs.com
# - US Cellular: number@email.uscc.net
Reference in New Issue View Git Blame Copy Permalink