will/unitforge
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
e44234805c5a48992b8b59f5086a7c0ccf14e8da
unitforge/.env.example.new
William Valentin 03fa856199 feat: Add CI/CD secrets configuration and documentation 
- Add comprehensive CI/CD secrets section to .env.example
- Create detailed CI-CD-SECRETS.md guide with:
  - Step-by-step secret setup instructions
  - Container registry authentication examples
  - PyPI token configuration
  - GitHub integration setup
  - Security best practices
  - Troubleshooting guide
  - Workflow-specific requirements

Includes support for:
- Docker Hub, GitLab, GitHub container registries
- Automated PyPI publishing
- Slack/Discord notifications
- Kubernetes deployment secrets
- Security scanning integration

Updated .env template with placeholder values and detailed comments.
2025-09-15 02:26:02 -07:00

363 lines
13 KiB
Plaintext
Raw Blame History

# UnitForge Environment Configuration
# Copy this file to .env and modify the values as needed
# =============================================================================
# APPLICATION INFORMATION
# =============================================================================
APP_NAME=UnitForge
APP_VERSION=1.0.0
APP_DESCRIPTION="Create, validate, and manage systemd unit files"
# =============================================================================
# EXTERNAL LINKS
# =============================================================================
GITHUB_URL=https://github.com/will666/unitforge
DOCUMENTATION_URL=https://unitforge.readthedocs.io/
BUG_REPORTS_URL=https://github.com/will666/unitforge/issues
# =============================================================================
# CONTACT INFORMATION
# =============================================================================
CONTACT_EMAIL=contact@unitforge.dev
# =============================================================================
# APPLICATION SETTINGS
# =============================================================================
DEBUG=false
ENVIRONMENT=production
LOG_LEVEL=info
# =============================================================================
# SERVER CONFIGURATION
# =============================================================================
HOST=0.0.0.0
PORT=8000
RELOAD=false
WORKERS=4
# =============================================================================
# API CONFIGURATION
# =============================================================================
API_TITLE="${APP_NAME}"
API_VERSION="${APP_VERSION}"
API_DESCRIPTION=${APP_DESCRIPTION}
DOCS_URL="/api/docs"
REDOC_URL="/api/redoc"
# =============================================================================
# SECURITY SETTINGS
# =============================================================================
# IMPORTANT: Generate a secure secret key for production
SECRET_KEY=your-secret-key-change-in-production
ALLOWED_HOSTS=["*"]
# =============================================================================
# CORS CONFIGURATION
# =============================================================================
# Use "*" for all origins or comma-separated list of allowed origins
# Examples:
# CORS_ORIGINS=*
# CORS_ORIGINS=["https://yourdomain.com", "https://www.yourdomain.com"]
CORS_ORIGINS=*
# =============================================================================
# DATABASE (Future Use)
# =============================================================================
# DATABASE_URL="sqlite:///./unitforge.db"
# =============================================================================
# FILE UPLOAD SETTINGS
# =============================================================================
# Maximum file upload size in bytes (1MB)
MAX_UPLOAD_SIZE=1048576
ALLOWED_EXTENSIONS=[".service", ".timer", ".socket", ".mount", ".target", ".path"]
# =============================================================================
# TEMPLATE SETTINGS
# =============================================================================
# Template cache time-to-live in seconds (5 minutes)
TEMPLATE_CACHE_TTL=300
# Validation cache time-to-live in seconds (1 minute)
VALIDATION_CACHE_TTL=60
# =============================================================================
# DEVELOPMENT TOOLS (Override for Development)
# =============================================================================
# Test options (development only)
# PYTEST_ADDOPTS="-v --tb=short --strict-markers"
# COVERAGE_REPORT_DIR="htmlcov"
# MYPY_CONFIG_FILE="pyproject.toml"
# =============================================================================
# UV PACKAGE MANAGER SETTINGS
# =============================================================================
# UV package manager cache directory
# UV_CACHE_DIR=".uv-cache"
# UV_PYTHON="python3"
# =============================================================================
# DOCKER SETTINGS
# =============================================================================
# Docker build settings
# DOCKER_BUILDKIT=1
# COMPOSE_DOCKER_CLI_BUILD=1
# =============================================================================
# CONTAINER REGISTRY CONFIGURATION
# =============================================================================
# Container registry URL for image publishing
CONTAINER_REGISTRY_URL=https://your-registry.example.com/your-namespace/unitforge
# Image tag for container builds
CONTAINER_TAG=latest
# =============================================================================
# CI/CD SECRETS CONFIGURATION
# =============================================================================
#
# These secrets are required for the Gitea CI/CD workflows to function properly.
# Set these in your Gitea repository secrets settings:
# Repository Settings > Secrets and Variables > Actions
#
# SECURITY WARNING: Never commit real secrets to version control!
# Use this file as a template and set actual values in your CI/CD environment.
# Container Registry Authentication
# Required for: build-container.yml, release.yml, nightly.yml
# Purpose: Push multi-arch container images to your registry
# Format: Username for your container registry (Docker Hub, GitLab, etc.)
CONTAINER_REGISTRY_USERNAME=your-registry-username-here
# Format: Password or access token for your container registry
CONTAINER_REGISTRY_PASSWORD=your-registry-password-here
# PyPI Publishing (for releases)
# Required for: release.yml (stable releases only)
# Purpose: Automatically publish Python packages to PyPI
# How to get: https://pypi.org/manage/account/token/
# Format: pypi-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
PYPI_API_TOKEN=pypi-your-api-token-here
# GitHub Integration (optional)
# Required for: release.yml (GitHub releases)
# Purpose: Create GitHub releases with artifacts and changelog
# How to get: GitHub Settings > Developer settings > Personal access tokens
# Permissions needed: repo, write:packages
# Format: ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
GITHUB_TOKEN=ghp_your-github-token-here
# Security Scanning (optional)
# Required for: Enhanced security scanning features
# Purpose: Access premium security scanning APIs (Snyk, etc.)
# Format: API token from your security scanning service
SECURITY_SCAN_TOKEN=your-security-scan-token-here
# Notification Services (optional)
# Purpose: Send build notifications to team communication channels
# Slack webhook: Slack App > Incoming Webhooks
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/WEBHOOK/URL
# Discord webhook: Server Settings > Integrations > Webhooks
DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/YOUR/WEBHOOK/URL
# Email notifications
EMAIL_NOTIFICATION_ADDRESS=notifications@yourdomain.com
# Deployment Secrets (optional)
# Purpose: Deploy to production/staging environments
# SSH key for server deployments (base64 encoded private key)
DEPLOYMENT_SSH_KEY=your-base64-encoded-ssh-key-here
# Kubernetes service account token for cluster deployments
KUBERNETES_TOKEN=your-kubernetes-service-account-token-here
# API key for production environment access
PRODUCTION_API_KEY=your-production-api-key-here
# Additional CI/CD Configuration
# Build cache settings (optional)
BUILDX_CACHE_FROM=type=gha
BUILDX_CACHE_TO=type=gha,mode=max
# Container platforms to build for
DOCKER_PLATFORMS=linux/amd64,linux/arm64
# Registry push timeout (seconds)
REGISTRY_TIMEOUT=300
# =============================================================================
# KUBERNETES INGRESS CONFIGURATION
# =============================================================================
# Ingress host for Kubernetes deployment (use nip.io for dynamic IP)
# Replace 192.168.153.243 with your actual cluster/node IP
INGRESS_HOST=app.unitforge.YOUR-IP.nip.io
# Alternative ingress hosts (comma-separated)
INGRESS_HOSTS_ADDITIONAL=unitforge.local,unitforge.pi
# =============================================================================
# PATHS
# =============================================================================
FRONTEND_DIR="frontend"
BACKEND_DIR="backend"
STATIC_DIR="frontend/static"
TEMPLATES_DIR="frontend/templates"
# =============================================================================
# FEATURE FLAGS
# =============================================================================
ENABLE_API_METRICS=false
ENABLE_REQUEST_LOGGING=true
ENABLE_TEMPLATE_CACHING=true
ENABLE_VALIDATION_CACHING=true
# =============================================================================
# PERFORMANCE SETTINGS
# =============================================================================
REQUEST_TIMEOUT=30
KEEPALIVE_TIMEOUT=5
MAX_CONNECTIONS=100
# =============================================================================
# LOGGING CONFIGURATION
# =============================================================================
LOG_FORMAT="%(asctime)s - %(name)s - %(levelname)s - %(message)s"
LOG_DATE_FORMAT="%Y-%m-%d %H:%M:%S"
ACCESS_LOG=true
# =============================================================================
# DEVELOPMENT SERVER OPTIONS (Development Only)
# =============================================================================
# Development server auto-reload settings
# AUTO_RELOAD=false
# RELOAD_DIRS=["backend", "frontend"]
# RELOAD_DELAY=0.25
# =============================================================================
# TESTING CONFIGURATION
# =============================================================================
# Testing configuration
# TEST_DATABASE_URL="sqlite:///:memory:"
# TEST_PARALLEL=true
# TEST_COVERAGE_THRESHOLD=80
# =============================================================================
# CLI CONFIGURATION
# =============================================================================
CLI_VERBOSE=false
CLI_COLOR=true
CLI_PROGRESS=true
# =============================================================================
# VALIDATION SETTINGS
# =============================================================================
STRICT_VALIDATION=false
SHOW_WARNINGS=true
MAX_VALIDATION_ERRORS=50
# =============================================================================
# TEMPLATE GENERATION DEFAULTS
# =============================================================================
DEFAULT_USER="www-data"
DEFAULT_GROUP="www-data"
DEFAULT_RESTART_POLICY="on-failure"
DEFAULT_WANTED_BY="multi-user.target"
# =============================================================================
# SECURITY HEADERS
# =============================================================================
SECURITY_HEADERS=true
# HSTS max age in seconds (1 year)
HSTS_MAX_AGE=31536000
CSP_ENABLED=true
# =============================================================================
# MONITORING
# =============================================================================
HEALTH_CHECK_ENABLED=true
METRICS_ENABLED=false
TRACING_ENABLED=false
# =============================================================================
# ASSET OPTIMIZATION
# =============================================================================
HOT_RELOAD=false
SOURCE_MAPS=false
MINIFY_ASSETS=true
COMPRESS_RESPONSES=true
# =============================================================================
# DEVELOPMENT TOOLS (Development Only)
# =============================================================================
# Development editor and browser
# EDITOR="code"
# BROWSER="firefox"
# =============================================================================
# GIT HOOKS (Development Only)
# =============================================================================
# Git hooks configuration
# PRE_COMMIT_ENABLED=true
# AUTO_FORMAT=true
# AUTO_LINT=true
# =============================================================================
# DOCUMENTATION
# =============================================================================
DOCS_AUTO_RELOAD=false
API_DOCS_ENABLED=true
SWAGGER_UI_ENABLED=true
REDOC_ENABLED=true
# =============================================================================
# DEVELOPMENT OVERRIDES
# =============================================================================
# Uncomment the following lines for development:
# DEBUG=true
# ENVIRONMENT=development
# LOG_LEVEL=debug
# HOST=127.0.0.1
# RELOAD=true
# WORKERS=1
# API_TITLE="${APP_NAME} Development"
# API_VERSION="${APP_VERSION}-dev"
# SECRET_KEY="dev-secret-key-change-in-production"
# ALLOWED_HOSTS=["localhost", "127.0.0.1", "0.0.0.0", "::1"]
# CORS_ORIGINS=["http://localhost:3000", "http://localhost:8000", "http://127.0.0.1:8000"]
# ENABLE_API_METRICS=true
# AUTO_RELOAD=true
# RELOAD_DIRS=["backend", "frontend"]
# RELOAD_DELAY=0.25
# HOT_RELOAD=true
# SOURCE_MAPS=true
# MINIFY_ASSETS=false
# COMPRESS_RESPONSES=false
# SECURITY_HEADERS=false
# HSTS_MAX_AGE=0
# CSP_ENABLED=false
# DOCS_AUTO_RELOAD=true
Reference in New Issue View Git Blame Copy Permalink