# ─────────────────────────────────────────────────────────────────────────────
# Gridwolf — Environment Configuration
# Copy this file to .env and fill in every value marked REQUIRED.
# The resulting .env holds secrets; keep it out of version control.
#
# cp .env.example .env
#
# Generate secure random values:
# python -c "import secrets; print(secrets.token_urlsafe(64))" # SECRET_KEY
# openssl rand -hex 32 # POSTGRES_PASSWORD
# ─────────────────────────────────────────────────────────────────────────────
# ── Application ──────────────────────────────────────────────────────────────
# REQUIRED — JWT signing key. Min 32 chars. Rotate to invalidate all sessions.
GRIDWOLF_SECRET_KEY=REPLACE_WITH_GENERATED_SECRET_KEY
# Set to "true" only on developer workstations — enables auto-key generation
# and verbose error responses. NEVER true in production.
GRIDWOLF_DEBUG=false
# Token lifetime in minutes (default 12 h)
GRIDWOLF_ACCESS_TOKEN_EXPIRE_MINUTES=720
# ── Database ─────────────────────────────────────────────────────────────────
# SQLite (default — fine for single-node OVA / Docker eval):
GRIDWOLF_DATABASE_URL=sqlite+aiosqlite:////data/gridwolf.db
# PostgreSQL (recommended for production / multi-user):
# GRIDWOLF_DATABASE_URL=postgresql+asyncpg://gridwolf:${POSTGRES_PASSWORD}@postgres:5432/gridwolf
# REQUIRED when using PostgreSQL compose profiles
# Generate: openssl rand -hex 32
POSTGRES_PASSWORD=REPLACE_WITH_STRONG_POSTGRES_PASSWORD
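# ── Redis (required for Celery background tasks) ──────────────────────────────
# The default URL carries no credentials: keep the Redis port unpublished outside
# the compose network, or add a password to the URL.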
GRIDWOLF_REDIS_URL=redis://redis:6379/0
# ── Network ───────────────────────────────────────────────────────────────────
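# List of allowed CORS origins (no trailing slash). The default below is written
# as a JSON array; follow that form when editing.
# For OVA / cloud VM replace with your actual IP or hostname, and list only the
# origins that actually serve the frontend.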
GRIDWOLF_CORS_ORIGINS=["http://localhost","http://localhost:3000"]
# Port the frontend container binds to on the host
FRONTEND_PORT=80
# ── Storage ───────────────────────────────────────────────────────────────────
GRIDWOLF_UPLOAD_DIR=/app/uploads
GRIDWOLF_REPORTS_DIR=/app/reports
# ── First-run admin account ───────────────────────────────────────────────────
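# Created automatically on first startup if no users exist.
# If GRIDWOLF_ADMIN_PASSWORD is blank, a random password is printed to stdout.
# Container runtimes usually retain stdout in their logs, so change that password
# after the first login.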
GRIDWOLF_ADMIN_USERNAME=admin
GRIDWOLF_ADMIN_EMAIL=admin@gridwolf.local
GRIDWOLF_ADMIN_PASSWORD=
# ── Optional integrations ─────────────────────────────────────────────────────
# NVD API key — speeds up CVE lookups (free at https://nvd.nist.gov/developers/request-an-api-key)
GRIDWOLF_NVD_API_KEY=
# ── Container image tags (used by docker-compose.hub.yml) ───────────────────
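# Published to GitHub Container Registry (ghcr.io). No login required for pulls.
# ":latest" is a moving tag; for production, pin a specific version tag or image
# digest so deployments are reproducible.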
GRIDWOLF_IMAGE=ghcr.io/valinorintelligence/gridwolf-backend:latest
GRIDWOLF_FRONTEND_IMAGE=ghcr.io/valinorintelligence/gridwolf-frontend:latest