chore: Remove .env.production file and update documentation for environment file security

2025-09-06 10:52:45 -07:00
parent fb26939a9a
commit 75d0f772e9
4 changed files with 19 additions and 43 deletions
--- a/.env.production
+++ b/.env.production
@@ -1,38 +0,0 @@
-# Production environment configuration
-# Application Name (used in Kubernetes labels and branding)
-APP_NAME=rxminder
-
-# Docker Image Configuration
-# Use a specific tag for production (not :latest)
-DOCKER_IMAGE=gitea-http.taildb3494.ts.net/will/meds:v1.2.0
-
-# CouchDB Configuration
-COUCHDB_USER=admin
-COUCHDB_PASSWORD=change-this-secure-password
-VITE_COUCHDB_URL=http://localhost:5984
-VITE_COUCHDB_USER=admin
-VITE_COUCHDB_PASSWORD=change-this-secure-password
-
-# Application configuration
-APP_BASE_URL=https://your-production-domain.com
-
-# Kubernetes Ingress Configuration
-INGRESS_HOST=meds.your-production-domain.com
-
-# Kubernetes Storage Configuration
-# Production storage class (adjust for your cluster)
-STORAGE_CLASS=fast-ssd
-# Production storage size (larger for production data)
-STORAGE_SIZE=20Gi
-
-# Mailgun configuration for production
-MAILGUN_API_KEY=your-production-mailgun-api-key-here
-MAILGUN_DOMAIN=your-production-domain.com
-MAILGUN_FROM_EMAIL=noreply@your-production-domain.com
-
-# Production-specific settings
-NODE_ENV=production
-
-# OAuth Configuration (Optional)
-VITE_GOOGLE_CLIENT_ID=your_google_client_id_here
-VITE_GITHUB_CLIENT_ID=your_github_client_id_here
--- a/.gitignore
+++ b/.gitignore
@@ -26,7 +26,7 @@ dist-ssr
 # Environment files (contain sensitive data)
 .env
 .env.local
-# .env.production - committed with placeholder values for deployment
+.env.production
 .env.staging

 # Database data
--- a/docs/development/APPLICATION_SECURITY.md
+++ b/docs/development/APPLICATION_SECURITY.md
@@ -45,10 +45,17 @@

 #### **Environment Variables**

- Never commit `.env` files to version control
- Use separate environment files for different deployments
- Rotate credentials regularly
- Use strong, unique passwords for each environment
+- Never commit `.env` files to version control, especially `.env.production` which contains production credentials
+- Use `.env.example` as a template for creating new environment files
+- Create separate environment files for different deployment environments:
+  - `.env` - Local development
+  - `.env.staging` - Staging environment
+  - `.env.production` - Production environment
+- Always add all `.env` files to `.gitignore` to prevent accidental commits
+- Use environment variables for configuration to maintain security and flexibility
+- Rotate credentials regularly and use strong, unique passwords for each environment
+- Consider using a secrets management system for production environments
+- Never hardcode sensitive information in source code

 #### **Docker Security**

--- a/docs/setup/SETUP_COMPLETE.md
+++ b/docs/setup/SETUP_COMPLETE.md
@@ -16,6 +16,13 @@ Your project now has comprehensive code quality tools configured:
 - **detect-secrets** - Security scanning to prevent secret commits
 - **EditorConfig** - Consistent coding styles across editors

+### 🛡️ Environment File Security
+
+- **Never commit .env files** to version control, especially .env.production
+- Use .env.example as a template for new environment files
+- Add all .env files to .gitignore to prevent accidental commits
+- Use environment variables for configuration to maintain security and flexibility
+
 ### 📁 Configuration Files Created

 - `.pre-commit-config.yaml` - Comprehensive pre-commit hooks configuration