This repository was archived by the owner on Apr 17, 2026. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
333 lines (269 loc) · 9.88 KB
/
.env.example
File metadata and controls
333 lines (269 loc) · 9.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
# =============================================================================
# SKY GENESIS ENTERPRISE - ENVIRONMENT CONFIGURATION
# =============================================================================
#
# 📋 INSTRUCTIONS
# • Copy this file to .env and update values for your environment
# • Never commit real secrets, passwords, or tokens to version control
# • Use strong, unique values for all credentials
# • This file contains EXAMPLE values only
#
# 🔒 SECURITY NOTES
# • All sensitive values should use environment-specific secrets in production
# • Consider using secret management systems (AWS Secrets Manager, Azure Key Vault, etc.)
# • Rotate secrets regularly and monitor for unauthorized access
#
# 🚀 DEPLOYMENT ENVIRONMENTS
# • Development: Local development with mock services
# • Staging: Pre-production testing environment
# • Production: Live environment with full security
# =============================================================================
# CORE APPLICATION SETTINGS
# =============================================================================
# Application Environment
NODE_ENV=development
# Application Metadata
APP_NAME=Sky Genesis Enterprise
APP_VERSION=1.0.0
APP_DESCRIPTION=Enterprise API Service for Sky Genesis Platform
# =============================================================================
# DATABASE CONFIGURATION (PRISMA-FIRST)
# =============================================================================
# Primary Database Connection
# Prisma manages all database operations and schema migrations
DATABASE_URL="file:./dev.db"
# Database Settings
DB_POOL_SIZE=10
DB_CONNECTION_TIMEOUT=30
DB_QUERY_TIMEOUT=60
# =============================================================================
# AUTHENTICATION & AUTHORIZATION
# =============================================================================
# Authentication Mode
# Options: local | sso
# local: Use local backend API for authentication
# sso: Use central SSO server (sso.skygenesisenterprise.com)
NEXT_PUBLIC_AUTH_MODE=local
# NextAuth.js Configuration
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your_nextauth_secret_here_change_in_production
# JWT Configuration
JWT_SECRET=your_jwt_secret_key_here_change_in_production
JWT_EXPIRES_IN=7d
JWT_REFRESH_EXPIRES_IN=30d
# Session Management
SESSION_TTL_SECONDS=604800
SESSION_COOKIE_NAME=sky_genesis_session
SESSION_COOKIE_DOMAIN=skygenesisenterprise.com
SESSION_COOKIE_SECURE=true
SESSION_COOKIE_HTTP_ONLY=true
# =============================================================================
# API SERVER CONFIGURATION
# =============================================================================
# Server Settings
PORT=8080
API_HOST=0.0.0.0
API_VERSION=v1
# Frontend API Configuration
NEXT_PUBLIC_API_BASE_URL=http://localhost:8080/api/v1
# API Security
API_RATE_LIMIT_ENABLED=true
API_RATE_LIMIT_REQUESTS_PER_MINUTE=1000
API_CORS_ENABLED=true
API_CORS_ORIGINS=http://localhost:3000,https://app.skygenesisenterprise.com
# =============================================================================
# IDENTITY PROVIDER CONFIGURATION
# =============================================================================
# Keycloak Settings (Local Mode)
KEYCLOAK_URL=http://localhost:8080
KEYCLOAK_REALM=skygenesisenterprise
KEYCLOAK_CLIENT_ID=api-client
KEYCLOAK_CLIENT_SECRET=your_keycloak_client_secret
# SSO Configuration (Remote Mode)
SSO_BASE_URL=https://sso.skygenesisenterprise.com
SSO_REALM=skygenesisenterprise
SSO_CLIENT_ID=api-client
SSO_CLIENT_SECRET=your_sso_client_secret
# =============================================================================
# COMMUNICATION SERVICES
# =============================================================================
# Mail Service Configuration
MAIL_ENABLED=true
MAIL_PROVIDER=stalwart
MAIL_DEFAULT_FROM=noreply@skygenesisenterprise.com
# Stalwart Mail Server
STALWART_ROUTING_MODE=official
STALWART_URL=https://stalwart.skygenesisenterprise.com
STALWART_JMAP_PATH=/jmap
STALWART_TIMEOUT_SECONDS=30
# Mail Performance Settings
STALWART_MAX_CONNECTIONS=100
STALWART_CONNECT_TIMEOUT=5
STALWART_REQUEST_TIMEOUT=30
# Mail Policies
MAIL_RATE_LIMIT=100/minute
MAIL_ATTACHMENT_MAX_SIZE=10MB
MAIL_RETENTION_DAYS=365
# mTLS Certificate Configuration
STALWART_CLIENT_CERT=/etc/sge/certs/stalwart.crt
STALWART_CLIENT_KEY=/etc/sge/certs/stalwart.key
STALWART_CA_CERT=/etc/sge/certs/ca.crt
# =============================================================================
# MULTI-FACTOR AUTHENTICATION
# =============================================================================
# TOTP Configuration
TOTP_ISSUER=Sky Genesis Enterprise
TOTP_TIME_STEP=30
VERIFICATION_CODE_LENGTH=6
RECOVERY_CODES_COUNT=10
# Application 2FA Requirements
AETHER_MAIL_REQUIRES_2FA=true
AETHER_DRIVE_REQUIRES_2FA=true
AETHER_CALENDAR_REQUIRES_2FA=false
# SMS Provider (Optional)
SMS_PROVIDER=twilio
SMS_ACCOUNT_SID=your_twilio_account_sid
SMS_AUTH_TOKEN=your_twilio_auth_token
SMS_FROM_NUMBER=+1234567890
# Email Provider (Alternative)
EMAIL_PROVIDER=sendgrid
EMAIL_API_KEY=your_sendgrid_api_key
EMAIL_FROM=noreply@skygenesisenterprise.com
# =============================================================================
# APPLICATION ECOSYSTEM (AETHER SERVICES)
# =============================================================================
# Aether Search Service
AETHER_SEARCH_URL=https://search.skygenesisenterprise.com
AETHER_SEARCH_PERMISSIONS=search:read
# Aether Mail Service
AETHER_MAIL_URL=https://mail.skygenesisenterprise.com
AETHER_MAIL_PERMISSIONS=mail:read,mail:write
# Aether Drive Service
AETHER_DRIVE_URL=https://drive.skygenesisenterprise.com
AETHER_DRIVE_PERMISSIONS=drive:read,drive:write
# Aether Calendar Service
AETHER_CALENDAR_URL=https://calendar.skygenesisenterprise.com
AETHER_CALENDAR_PERMISSIONS=calendar:read,calendar:write
# =============================================================================
# NETWORK & INFRASTRUCTURE
# =============================================================================
# SSH Service Configuration
SSH_ENABLED=true
SSH_HOST=0.0.0.0
SSH_PORT=2222
SSH_MAX_CONNECTIONS=50
SSH_DOMAIN=skygenesisenterprise.com
# Navigation Mode
# Options: development | production
# development: Free navigation without authentication
# production: Authentication required for protected routes
NEXT_PUBLIC_NAVIGATION_MODE=development
# =============================================================================
# DEVELOPMENT & TESTING
# =============================================================================
# Development Mode
DEV_MODE_ENABLED=false
MOCK_SERVICES_ENABLED=false
# Logging Configuration
LOG_LEVEL=info
LOG_FORMAT=json
LOG_REQUEST_ENABLED=false
LOG_RESPONSE_ENABLED=false
# Test Configuration
TEST_USER_EMAIL=test@example.com
TEST_USER_PASSWORD=testpassword
TEST_DATABASE_URL="file:./test.db"
# =============================================================================
# SECURITY & COMPLIANCE
# =============================================================================
# Security Headers
SECURITY_HEADERS_ENABLED=true
SECURITY_CONTENT_SECURITY_POLICY=default-src 'self'
SECURITY_HSTS_MAX_AGE=31536000
# Data Protection
DATA_ENCRYPTION_ENABLED=true
DATA_RETENTION_DAYS=2555
GDPR_MODE_ENABLED=true
# Audit & Compliance
AUDIT_LOG_ENABLED=true
AUDIT_LOG_LEVEL=detailed
AUDIT_RETENTION_DAYS=2555
# =============================================================================
# MONITORING & OBSERVABILITY
# =============================================================================
# Health Checks
HEALTH_CHECK_ENABLED=true
HEALTH_CHECK_ENDPOINT=/health
HEALTH_CHECK_INTERVAL=30
# Metrics Collection
METRICS_ENABLED=true
METRICS_ENDPOINT=/metrics
METRICS_PORT=9090
# Distributed Tracing
TRACING_ENABLED=false
TRACING_JAEGER_ENDPOINT=http://jaeger:14268/api/traces
TRACING_SAMPLE_RATE=0.1
# Log Aggregation
LOG_AGGREGATION_ENABLED=false
LOG_AGGREGATION_ENDPOINT=http://logstash:5044
LOG_AGGREGATION_FORMAT=json
# =============================================================================
# PERFORMANCE & SCALABILITY
# =============================================================================
# Cache Configuration
CACHE_ENABLED=true
CACHE_TTL=3600
CACHE_MAX_SIZE=1000
# Connection Pooling
DB_POOL_MIN=2
DB_POOL_MAX=20
DB_POOL_IDLE_TIMEOUT=30000
# Rate Limiting
RATE_LIMIT_GLOBAL=10000/minute
RATE_LIMIT_PER_USER=100/minute
RATE_LIMIT_PER_IP=1000/minute
# =============================================================================
# DEPLOYMENT CONFIGURATIONS
# =============================================================================
# Environment-Specific Settings
# Uncomment and modify for your deployment environment
# Development Environment
# NODE_ENV=development
# DEV_MODE_ENABLED=true
# MOCK_SERVICES_ENABLED=true
# LOG_LEVEL=debug
# Staging Environment
# NODE_ENV=staging
# DEV_MODE_ENABLED=false
# MOCK_SERVICES_ENABLED=false
# LOG_LEVEL=info
# AUDIT_LOG_ENABLED=true
# Production Environment
# NODE_ENV=production
# DEV_MODE_ENABLED=false
# MOCK_SERVICES_ENABLED=false
# LOG_LEVEL=warn
# SECURITY_HEADERS_ENABLED=true
# DATA_ENCRYPTION_ENABLED=true
# AUDIT_LOG_ENABLED=true
# METRICS_ENABLED=true
# TRACING_ENABLED=true
# =============================================================================
# ADVANCED CONFIGURATION
# =============================================================================
# Feature Flags
FEATURE_MULTI_TENANT=false
FEATURE_GEOGRAPHIC_ROUTING=false
FEATURE_ADVANCED_ANALYTICS=false
FEATURE_REAL_TIME_COLLABORATION=false
# Experimental Features
EXPERIMENTAL_AI_FEATURES=false
EXPERIMENTAL_BLOCKCHAIN_INTEGRATION=false
EXPERIMENTAL_QUANTUM_CRYPTOGRAPHY=false
# =============================================================================
# END OF CONFIGURATION
# =============================================================================
# 📝 LAST UPDATED: 2025-11-03
# 🔄 VERSION: 2.0.0
# 👤 MAINTAINER: Sky Genesis Enterprise Team
# 📧 CONTACT: support@skygenesisenterprise.com