# Warracker Environment Variables Configuration # Copy this file to .env and customize the values for your deployment ### ** Database Configuration** # Database connection settings DB_HOST=warrackerdb DB_NAME=warranty_db DB_USER=warranty_user DB_PASSWORD=warranty_password # Database admin credentials (used for migrations and setup) DB_ADMIN_USER=warracker_admin DB_ADMIN_PASSWORD=change_this_password_in_production # PostgreSQL-specific settings (for the database container) POSTGRES_DB=warranty_db POSTGRES_USER=warranty_user POSTGRES_PASSWORD=warranty_password ### Security Configuration** # Application secret key for JWT tokens and Flask sessions # IMPORTANT: Generate a strong, unique secret key for production! SECRET_KEY=your_very_secret_flask_key_change_me # JWT token expiration time (in hours) JWT_EXPIRATION_HOURS=24 ### Email/SMTP Configuration** # SMTP server settings for sending notifications and password resets SMTP_HOST=smtp.gmail.com SMTP_PORT=587 SMTP_USERNAME=youremail@gmail.com SMTP_PASSWORD=your_email_password # Optional SMTP settings SMTP_USE_TLS=true SMTP_USE_SSL=false SMTP_SENDER_EMAIL=noreply@warracker.com ### **URL Configuration** # Frontend URL (used for redirects and email links) # IMPORTANT: Must match your public-facing URL for OIDC and email links to work FRONTEND_URL=http://localhost:8005 # Application base URL (used for links in emails and redirects) APP_BASE_URL=http://localhost:8005 ### **File Upload Configuration** # Maximum file upload size in megabytes MAX_UPLOAD_MB=32 # Nginx maximum body size (should match or exceed MAX_UPLOAD_MB) NGINX_MAX_BODY_SIZE_VALUE=32M ### **Performance & Memory Configuration** # Memory optimization mode # Options: optimized (default), ultra-light, performance # - optimized: 2 workers, ~60-80MB RAM usage (recommended for most deployments) # - ultra-light: 1 worker, ~40-50MB RAM usage (for very limited resources) # - performance: 4 workers, ~150-200MB RAM usage (for high-traffic deployments) WARRACKER_MEMORY_MODE=optimized ### **OIDC/SSO Configuration (Optional)** # Enable/disable OIDC SSO functionality OIDC_ENABLED=false # OIDC Provider settings # Provider name (affects button branding: google, github, microsoft, keycloak, etc.) OIDC_PROVIDER_NAME=oidc # OIDC client credentials (obtain from your OIDC provider) OIDC_CLIENT_ID= OIDC_CLIENT_SECRET= # OIDC issuer URL (e.g., https://accounts.google.com) OIDC_ISSUER_URL= # OIDC scope (space-separated list of scopes) OIDC_SCOPE=openid email profile # OIDC admin group (optional, requires group scope) OIDC_ADMIN_GROUP= ### **Development/Debugging Configuration (Optional)** # Flask environment (development/production) FLASK_ENV=production # Flask debug mode (true/false) FLASK_DEBUG=false # Flask run port (for development) FLASK_RUN_PORT=5000 # Python unbuffered output (helpful for Docker logs) PYTHONUNBUFFERED=1 ### **Example Configurations** **Gmail SMTP:** ```bash SMTP_HOST=smtp.gmail.com SMTP_PORT=587 SMTP_USERNAME=youremail@gmail.com SMTP_PASSWORD=your_app_password SMTP_USE_TLS=true ``` **Google OIDC:** ```bash OIDC_ENABLED=true OIDC_PROVIDER_NAME=google OIDC_CLIENT_ID=your_google_client_id.apps.googleusercontent.com OIDC_CLIENT_SECRET=your_google_client_secret OIDC_ISSUER_URL=https://accounts.google.com OIDC_SCOPE=openid email profile ``` **Production deployment:** ```bash SECRET_KEY=super_long_random_string_generated_securely DB_PASSWORD=strong_database_password_123 DB_ADMIN_PASSWORD=different_strong_admin_password_456 FRONTEND_URL=https://warracker.yourdomain.com APP_BASE_URL=https://warracker.yourdomain.com SMTP_HOST=smtp.yourdomain.com SMTP_USERNAME=warracker@yourdomain.com MAX_UPLOAD_MB=64 NGINX_MAX_BODY_SIZE_VALUE=64M WARRACKER_MEMORY_MODE=performance ``` ## **How to Use** 1. **Copy this configuration** into a file named `.env` in your Docker folder 2. **Customize the values** according to your specific deployment needs 3. **Generate strong passwords** for production use, especially for `SECRET_KEY`, `DB_PASSWORD`, and `DB_ADMIN_PASSWORD` 4. **Set your domain URLs** correctly for `FRONTEND_URL` and `APP_BASE_URL` if deploying publicly 5. **Configure SMTP** if you want email functionality for password resets and notifications 6. **Set up OIDC/SSO** if you want single sign-on capabilities