forked from INDIGOAZUL/la-tanda-web
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
153 lines (121 loc) · 4.16 KB
/
.env.example
File metadata and controls
153 lines (121 loc) · 4.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
# La Tanda Web - Environment Variables Template
# Copy this file to .env and fill in your actual values
# NEVER commit .env to version control!
# ============================================
# CRITICAL - Required for application to start
# ============================================
# JWT Secret Key (REQUIRED)
# Generate with: openssl rand -base64 48
# This is used to sign authentication tokens
JWT_SECRET=your-secure-random-string-here-min-48-chars
# ============================================
# Database Configuration (PostgreSQL)
# ============================================
DB_HOST=localhost
DB_PORT=5432
DB_NAME=latanda_production
DB_USER=latanda_user
DB_PASSWORD=your-database-password-here
# Database pool configuration
DB_POOL_MIN=2
DB_POOL_MAX=10
# ============================================
# Node Environment
# ============================================
NODE_ENV=production
PORT=3000
# ============================================
# SMTP / Email Configuration
# ============================================
# Gmail App Password (for 2FA codes, notifications)
# Generate at: https://myaccount.google.com/apppasswords
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASS=your-gmail-app-password
SMTP_FROM=noreply@latanda.online
# ============================================
# Blockchain / Web3 Configuration
# ============================================
# Treasury Wallet Private Key (for withdrawals)
# KEEP THIS SECRET! Never commit or share
TREASURY_PRIVATE_KEY=0xYourPrivateKeyHere64CharactersHex
# Blockchain Network URLs
RPC_URL_POLYGON=https://polygon-rpc.com
RPC_URL_AMOY=https://rpc-amoy.polygon.technology
# Contract Addresses (Polygon Amoy Testnet)
CONTRACT_LTD_TOKEN=0x8633212865B90FC0E44F1c41Fe97a3d2907d9cFc
CONTRACT_VESTING=0x7F21EC0A4B3Ec076eB4bc2924397C85B44a5082F
CONTRACT_FUTURE_RESERVE=0xF136C790da0D76d75d36207d954A6E114A9c0bA2
# ============================================
# API Keys (Optional)
# ============================================
# Etherscan API Key (for contract verification)
# Get at: https://etherscan.io/myapikey
ETHERSCAN_API_KEY=your-etherscan-api-key
# PolygonScan API Key
POLYGONSCAN_API_KEY=your-polygonscan-api-key
# ============================================
# Redis Configuration (Optional)
# ============================================
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=
REDIS_DB=0
# ============================================
# Security Configuration
# ============================================
# Rate Limiting
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=100
# Session Configuration
SESSION_SECRET=your-session-secret-here
SESSION_TIMEOUT=28800000
# CORS Configuration
CORS_ORIGIN=https://latanda.online,https://api.latanda.online
# ============================================
# Feature Flags
# ============================================
ENABLE_2FA=true
ENABLE_KYC=true
ENABLE_NOTIFICATIONS=true
ENABLE_ANALYTICS=true
# ============================================
# Logging
# ============================================
LOG_LEVEL=info
LOG_FILE=logs/combined.log
LOG_ERROR_FILE=logs/error.log
# ============================================
# Payment Gateway (Optional)
# ============================================
# Stripe (if using)
STRIPE_PUBLIC_KEY=pk_test_your_key_here
STRIPE_SECRET_KEY=sk_test_your_key_here
# PayPal (if using)
PAYPAL_CLIENT_ID=your-paypal-client-id
PAYPAL_CLIENT_SECRET=your-paypal-client-secret
# ============================================
# Development / Testing
# ============================================
# Only set in development
# DEBUG=true
# MOCK_BLOCKCHAIN=true
# SKIP_EMAIL=true
# ============================================
# DO NOT COMMIT THIS FILE WITH REAL VALUES!
# ============================================
#
# Quick Start:
# 1. Copy: cp .env.example .env
# 2. Generate secrets: openssl rand -base64 48
# 3. Fill in your actual values in .env
# 4. Verify .env is in .gitignore
# 5. Test: npm start
#
# Security Notes:
# - Never commit .env to git
# - Use different values for dev/staging/production
# - Rotate secrets regularly (every 90 days)
# - Use a password manager for team sharing
# - Set restrictive file permissions: chmod 600 .env