-
Notifications
You must be signed in to change notification settings - Fork 22
Expand file tree
/
Copy path.env.example
More file actions
72 lines (62 loc) · 2.01 KB
/
.env.example
File metadata and controls
72 lines (62 loc) · 2.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# Application Configuration
NODE_ENV=development
PORT=3000
API_VERSION=v1
# Database Configuration - HIPAA Compliant PostgreSQL
DB_HOST=localhost
DB_PORT=5432
DB_USERNAME=healthchain_user
DB_PASSWORD=your-super-secure-password-32-chars-min
DB_NAME=healthchain_hipaa_db
DB_AUDIT_NAME=healthchain_hipaa_audit_db
# Database SSL Configuration (Required for Production)
DB_SSL_ENABLED=true
DB_SSL_REJECT_UNAUTHORIZED=true
DB_SSL_CA_PATH=./ssl/ca-cert.pem
DB_SSL_CERT_PATH=./ssl/client-cert.pem
DB_SSL_KEY_PATH=./ssl/client-key.pem
# Encryption Configuration (Generate with: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))")
ENCRYPTION_KEY=your-32-character-encryption-key-here-change-this
ENCRYPTION_ALGORITHM=aes-256-gcm
FIELD_ENCRYPTION_KEY=your-field-level-encryption-key-32-chars
PHI_ENCRYPTION_KEY=your-phi-specific-encryption-key-here
# JWT Configuration
JWT_SECRET=your-jwt-secret-key-minimum-32-characters
JWT_EXPIRATION_TIME=3600s
JWT_REFRESH_SECRET=your-jwt-refresh-secret-key-minimum-32-characters
JWT_REFRESH_EXPIRATION_TIME=7d
# Security Configuration
BCRYPT_SALT_ROUNDS=12
RATE_LIMIT_TTL=60
RATE_LIMIT_LIMIT=100
THROTTLE_TTL=60
THROTTLE_LIMIT=10
# Audit Logging Configuration
AUDIT_LOG_ENABLED=true
AUDIT_LOG_LEVEL=info
AUDIT_LOG_RETENTION_DAYS=2555 # 7 years for HIPAA compliance
AUDIT_LOG_MAX_FILES=100
AUDIT_LOG_MAX_SIZE=20m
# HIPAA Compliance Settings
HIPAA_COMPLIANCE_MODE=true
DATA_RETENTION_DAYS=2555 # 7 years
BACKUP_ENCRYPTION_ENABLED=true
SESSION_TIMEOUT_MINUTES=30
AUTOMATIC_LOGOUT_ENABLED=true
PASSWORD_COMPLEXITY_ENABLED=true
# Monitoring and Alerting
MONITORING_ENABLED=true
SECURITY_ALERTS_ENABLED=true
FAILED_LOGIN_THRESHOLD=5
ACCOUNT_LOCKOUT_DURATION_MINUTES=30
# Backup Configuration
BACKUP_ENABLED=true
BACKUP_SCHEDULE=0 2 * * * # Daily at 2 AM
BACKUP_RETENTION_DAYS=90
BACKUP_ENCRYPTION_KEY=your-backup-encryption-key-32-chars
# Disaster Recovery
DR_ENABLED=true
DR_REPLICATION_ENABLED=true
DR_BACKUP_LOCATION=./backups
DR_RECOVERY_POINT_OBJECTIVE_HOURS=1
DR_RECOVERY_TIME_OBJECTIVE_HOURS=4