-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
50 lines (44 loc) · 2.46 KB
/
.env.example
File metadata and controls
50 lines (44 loc) · 2.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# =============================================================================
# SME Environment Configuration
# =============================================================================
# Copy this file to .env and fill in real values BEFORE running docker-compose.
# NEVER commit .env to version control — it is listed in .gitignore.
#
# Usage:
# cp .env.example .env
# # edit .env with your values
# docker-compose up --build
# =============================================================================
# -----------------------------------------------------------------------------
# Gateway / JWT Security
# REQUIRED — no safe default exists. Generate with:
# python -c "import secrets; print(secrets.token_hex(32))"
# -----------------------------------------------------------------------------
SME_GATEWAY_SECRET=CHANGE_ME_generate_a_64_char_hex_string
# -----------------------------------------------------------------------------
# Admin password for the /login endpoint
# REQUIRED — default "admin" is blocked with a CRITICAL log warning.
# -----------------------------------------------------------------------------
SME_ADMIN_PASSWORD=CHANGE_ME_strong_password
# -----------------------------------------------------------------------------
# HSM (Hardware Security Module) signing seed
# REQUIRED — used to anchor evidence integrity signatures.
# -----------------------------------------------------------------------------
SME_HSM_SECRET=CHANGE_ME_hsm_seed_string
# -----------------------------------------------------------------------------
# CORS allowed origins (comma-separated, no trailing slashes)
# Default covers the nginx-served frontend (port 80) and Vite dev server (5173)
# -----------------------------------------------------------------------------
SME_CORS_ORIGINS=http://localhost:80,http://localhost:5173
# -----------------------------------------------------------------------------
# Data directory inside the containers
# Default is /app/data — change only if you remap the volume mount
# -----------------------------------------------------------------------------
SME_DATA_DIR=/app/data
# -----------------------------------------------------------------------------
# PostgreSQL credentials
# These must match the values used when the postgres volume was first created.
# -----------------------------------------------------------------------------
POSTGRES_USER=sme_user
POSTGRES_PASSWORD=CHANGE_ME_postgres_password
POSTGRES_DB=sme_nexus