From 9cdfa0899d20bb97869bfaa22d424b9ee2271e94 Mon Sep 17 00:00:00 2001 From: MOHAMED RASHED Date: Sun, 28 Jun 2026 13:03:39 +0300 Subject: [PATCH] feat/env-vars --- backend/.env.example | 57 +++++++++++++++++++ .../appsettings.Development.json | 41 +++++++------ .../appsettings.Production.json | 42 +++++++------- .../appsettings.Development.json | 48 ++++++++++------ .../appsettings.Production.json | 45 +++++++++------ .../CCE.Worker/appsettings.Development.json | 9 +-- .../CCE.Worker/appsettings.Production.json | 11 ++-- 7 files changed, 174 insertions(+), 79 deletions(-) create mode 100644 backend/.env.example diff --git a/backend/.env.example b/backend/.env.example new file mode 100644 index 00000000..a9f458a7 --- /dev/null +++ b/backend/.env.example @@ -0,0 +1,57 @@ +# ══════════════════════════════════════════════════════════════════════════════ +# CCE Backend — Environment Variables Template +# Copy this file to .env (local dev) or .env.production and fill in real values. +# ASP.NET Core reads these via double-underscore convention: +# Infrastructure__SqlConnectionString → Infrastructure.SqlConnectionString +# ══════════════════════════════════════════════════════════════════════════════ + +# ── Database (SQL Server) ───────────────────────────────────────────────────── +Infrastructure__SqlConnectionString=Server=;Database=;User Id=;Password=;Encrypt=True;TrustServerCertificate=True;MultipleActiveResultSets=True; + +# ── Redis ───────────────────────────────────────────────────────────────────── +# External API + Worker (dev: localhost, prod: managed Redis URL with password) +Infrastructure__RedisConnectionString=localhost:6379 +# Internal API uses a separate Redis instance in some envs — override per process if needed + +# ── Supabase S3 ─────────────────────────────────────────────────────────────── +Infrastructure__S3AccessKey= +Infrastructure__S3SecretKey= + +# ── Meilisearch ─────────────────────────────────────────────────────────────── +Infrastructure__MeilisearchMasterKey= + +# ── Email (SMTP) ────────────────────────────────────────────────────────────── +Email__Username= +Email__Password= + +# ── OTP HMAC ────────────────────────────────────────────────────────────────── +Otp__HmacSecret= + +# ── LocalAuth JWT Signing Keys ──────────────────────────────────────────────── +LocalAuth__External__SigningKey=<32-char-minimum-random-string> +LocalAuth__Internal__SigningKey=<32-char-minimum-random-string> + +# ── Firebase Admin SDK ──────────────────────────────────────────────────────── +Firebase__ProjectId= +# Compact single-line JSON from the downloaded service account key file +Firebase__ServiceAccountJson={"type":"service_account","project_id":"...","private_key_id":"...","private_key":"-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n","client_email":"...","client_id":"...","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url":"...","universe_domain":"googleapis.com"} + +# ── Microsoft Entra ID ──────────────────────────────────────────────────────── +EntraId__TenantId= +EntraId__ClientId= +EntraId__ClientSecret= +EntraId__GraphTenantId= +EntraId__GraphTenantDomain= + +# ── Keycloak (BFF — External API only) ─────────────────────────────────────── +Bff__KeycloakClientSecret= + +# ── Seq Logging ─────────────────────────────────────────────────────────────── +Seq__ApiKey= + +# ── Anthropic / AI Assistant (if provider = anthropic) ─────────────────────── +Assistant__Anthropic__ApiKey= + +# ── RabbitMQ (production only, if Transport = RabbitMQ) ────────────────────── +Messaging__RabbitMqUsername= +Messaging__RabbitMqPassword= diff --git a/backend/src/CCE.Api.External/appsettings.Development.json b/backend/src/CCE.Api.External/appsettings.Development.json index f012d5f7..5c01e1e0 100644 --- a/backend/src/CCE.Api.External/appsettings.Development.json +++ b/backend/src/CCE.Api.External/appsettings.Development.json @@ -6,15 +6,15 @@ } }, "Infrastructure": { - "SqlConnectionString": "Server=db52197.public.databaseasp.net; Database=db52197; User Id=db52197; Password=CHANGE-ME; Encrypt=True; TrustServerCertificate=True; MultipleActiveResultSets=True;", + "SqlConnectionString": "", "RedisConnectionString": "localhost:6379", "S3EndpointUrl": "https://pocikalapsyczhfbuhzf.storage.supabase.co/storage/v1/s3", "S3PublicBaseUrl": "https://pocikalapsyczhfbuhzf.supabase.co/storage/v1/object/public", - "S3AccessKey": "CHANGE-ME-S3-ACCESS-KEY", - "S3SecretKey": "CHANGE-ME-S3-SECRET-KEY", + "S3AccessKey": "", + "S3SecretKey": "", "S3BucketName": "uploads", - "MeilisearchUrl": "http://localhost:7700", - "MeilisearchMasterKey": "dev-meili-master-key-change-me", + "MeilisearchUrl": "https://ms-9c99ed0d8a5b-50601.lon.meilisearch.io", + "MeilisearchMasterKey": "", "OutputCacheTtlSeconds": 60, "CelebrityFollowerThreshold": 10000 }, @@ -26,7 +26,7 @@ "Bff": { "KeycloakRealm": "cce-public", "KeycloakClientId": "cce-public-portal", - "KeycloakClientSecret": "dev-public-secret-change-me", + "KeycloakClientSecret": "", "CookieDomain": "localhost", "SessionLifetimeMinutes": 30, "KeycloakBaseUrl": "http://localhost:8080" @@ -45,12 +45,12 @@ }, "EntraId": { "Instance": "https://login.microsoftonline.com/", - "TenantId": "common", - "ClientId": "00000000-0000-0000-0000-000000000000", - "ClientSecret": "dev-entra-secret-change-me", - "Audience": "api://00000000-0000-0000-0000-000000000000", - "GraphTenantId": "00000000-0000-0000-0000-000000000000", - "GraphTenantDomain": "cce.local", + "TenantId": "", + "ClientId": "", + "ClientSecret": "", + "Audience": "", + "GraphTenantId": "", + "GraphTenantDomain": "", "CallbackPath": "/signin-oidc" }, "Messaging": { @@ -62,12 +62,12 @@ "External": { "Issuer": "cce-api-external-dev", "Audience": "cce-public-dev", - "SigningKey": "dev-external-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "Internal": { "Issuer": "cce-api-internal-dev", "Audience": "cce-admin-dev", - "SigningKey": "dev-internal-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "AccessTokenMinutes": 10, "RefreshTokenDays": 30, @@ -80,8 +80,8 @@ "Port": 587, "FromAddress": "ccetest15@gmail.com", "FromName": "CCE Knowledge Center", - "Username": "ccetest15@gmail.com", - "Password": "CHANGE-ME-SMTP-APP-PASSWORD", + "Username": "", + "Password": "", "EnableSsl": true }, "ExternalApis": { @@ -102,12 +102,17 @@ "BaseUrl": "https://cce-external-api.runasp.net/media/" }, "Seq": { - "ServerUrl": "http://localhost:5341" + "ServerUrl": "http://localhost:5341", + "ApiKey": "" }, "Otp": { - "HmacSecret": "CHANGE-ME-OTP-HMAC-SECRET" + "HmacSecret": "" }, "Frontend": { "PasswordResetUrl": "http://localhost:4200" + }, + "Firebase": { + "ProjectId": "", + "ServiceAccountJson": "" } } diff --git a/backend/src/CCE.Api.External/appsettings.Production.json b/backend/src/CCE.Api.External/appsettings.Production.json index c14e22ef..a479e4e9 100644 --- a/backend/src/CCE.Api.External/appsettings.Production.json +++ b/backend/src/CCE.Api.External/appsettings.Production.json @@ -1,21 +1,21 @@ { "Logging": { "LogLevel": { - "Default": "Debug", - "Microsoft.AspNetCore": "Information" + "Default": "Information", + "Microsoft.AspNetCore": "Warning" } }, "Infrastructure": { - "SqlConnectionString": "Server=db52197.public.databaseasp.net; Database=db52197; User Id=db52197; Password=CHANGE-ME; Encrypt=True; TrustServerCertificate=True; MultipleActiveResultSets=True;", - "RedisConnectionString": "spot-activity-quarter-93466.db.redis.io:18280,password=CHANGE-ME-REDIS-PASSWORD,user=default", + "SqlConnectionString": "", + "RedisConnectionString": "", "S3EndpointUrl": "https://pocikalapsyczhfbuhzf.storage.supabase.co/storage/v1/s3", "S3PublicBaseUrl": "https://pocikalapsyczhfbuhzf.supabase.co/storage/v1/object/public", - "S3AccessKey": "CHANGE-ME-S3-ACCESS-KEY", - "S3SecretKey": "CHANGE-ME-S3-SECRET-KEY", + "S3AccessKey": "", + "S3SecretKey": "", "S3BucketName": "uploads", "MediaUploadsRoot": "./wwwroot/media/", - "MeilisearchUrl": "http://localhost:7700", - "MeilisearchMasterKey": "dev-meili-master-key-change-me", + "MeilisearchUrl": "https://ms-9c99ed0d8a5b-50601.lon.meilisearch.io", + "MeilisearchMasterKey": "", "OutputCacheTtlSeconds": 60, "CelebrityFollowerThreshold": 10000 }, @@ -27,7 +27,7 @@ "Bff": { "KeycloakRealm": "cce-public", "KeycloakClientId": "cce-public-portal", - "KeycloakClientSecret": "dev-public-secret-change-me", + "KeycloakClientSecret": "", "CookieDomain": "localhost", "SessionLifetimeMinutes": 30, "KeycloakBaseUrl": "http://localhost:8080" @@ -46,12 +46,12 @@ }, "EntraId": { "Instance": "https://login.microsoftonline.com/", - "TenantId": "common", - "ClientId": "00000000-0000-0000-0000-000000000000", - "ClientSecret": "dev-entra-secret-change-me", - "Audience": "api://00000000-0000-0000-0000-000000000000", - "GraphTenantId": "00000000-0000-0000-0000-000000000000", - "GraphTenantDomain": "cce.local", + "TenantId": "", + "ClientId": "", + "ClientSecret": "", + "Audience": "", + "GraphTenantId": "", + "GraphTenantDomain": "", "CallbackPath": "/signin-oidc" }, "Messaging": { @@ -65,12 +65,12 @@ "External": { "Issuer": "cce-api-external-dev", "Audience": "cce-public-dev", - "SigningKey": "dev-external-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "Internal": { "Issuer": "cce-api-internal-dev", "Audience": "cce-admin-dev", - "SigningKey": "dev-internal-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "AccessTokenMinutes": 10, "RefreshTokenDays": 30, @@ -83,8 +83,8 @@ "Port": 587, "FromAddress": "ccetest15@gmail.com", "FromName": "CCE Knowledge Center", - "Username": "ccetest15@gmail.com", - "Password": "CHANGE-ME-SMTP-APP-PASSWORD", + "Username": "", + "Password": "", "EnableSsl": true }, "ExternalApis": { @@ -103,5 +103,9 @@ }, "Frontend": { "PasswordResetUrl": "http://localhost:4200" + }, + "Firebase": { + "ProjectId": "", + "ServiceAccountJson": "" } } diff --git a/backend/src/CCE.Api.Internal/appsettings.Development.json b/backend/src/CCE.Api.Internal/appsettings.Development.json index 0a8ba8f7..e7a3efb8 100644 --- a/backend/src/CCE.Api.Internal/appsettings.Development.json +++ b/backend/src/CCE.Api.Internal/appsettings.Development.json @@ -6,11 +6,19 @@ } }, "Infrastructure": { - "SqlConnectionString": "Server=db52197.public.databaseasp.net; Database=db52197; User Id=db52197; Password=3Mm!x5#Y?rR9; Encrypt=True; TrustServerCertificate=True; MultipleActiveResultSets=True;", - "RedisConnectionString": "rediss://default:gQAAAAAAAYY8AAIgcDIwYmNkMjFmM2Q0NDk0MGRiOWZhZjczNDE1NmMwZjFlMw@game-elk-99900.upstash.io:6379", + "SqlConnectionString": "", + "RedisConnectionString": "localhost:6379", + "S3EndpointUrl": "https://pocikalapsyczhfbuhzf.storage.supabase.co/storage/v1/s3", + "S3PublicBaseUrl": "https://pocikalapsyczhfbuhzf.supabase.co/storage/v1/object/public", + "S3AccessKey": "", + "S3SecretKey": "", + "S3BucketName": "uploads", "LocalUploadsRoot": "./backend/", "ClamAvHost": "localhost", - "ClamAvPort": 3310 + "ClamAvPort": 3310, + "CelebrityFollowerThreshold": 10000, + "MeilisearchUrl": "https://ms-9c99ed0d8a5b-50601.lon.meilisearch.io", + "MeilisearchMasterKey": "" }, "Keycloak": { "Authority": "http://localhost:8080/realms/cce-internal", @@ -26,12 +34,12 @@ }, "EntraId": { "Instance": "https://login.microsoftonline.com/", - "TenantId": "common", - "ClientId": "00000000-0000-0000-0000-000000000000", - "ClientSecret": "dev-entra-secret-change-me", - "Audience": "api://00000000-0000-0000-0000-000000000000", - "GraphTenantId": "00000000-0000-0000-0000-000000000000", - "GraphTenantDomain": "cce.local", + "TenantId": "", + "ClientId": "", + "ClientSecret": "", + "Audience": "", + "GraphTenantId": "", + "GraphTenantDomain": "", "CallbackPath": "/signin-oidc" }, "Messaging": { @@ -43,12 +51,12 @@ "External": { "Issuer": "cce-api-external-dev", "Audience": "cce-public-dev", - "SigningKey": "dev-external-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "Internal": { "Issuer": "cce-api-internal-dev", "Audience": "cce-admin-dev", - "SigningKey": "dev-internal-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "AccessTokenMinutes": 10, "RefreshTokenDays": 30, @@ -57,13 +65,13 @@ }, "Email": { "Provider": "smtp", - "Host": "localhost", - "Port": 1025, - "FromAddress": "no-reply@cce.local", + "Host": "smtp.gmail.com", + "Port": 587, + "FromAddress": "ccetest15@gmail.com", "FromName": "CCE Knowledge Center", "Username": "", "Password": "", - "EnableSsl": false + "EnableSsl": true }, "ExternalApis": { "CommunicationGateway": { @@ -83,12 +91,18 @@ "BaseUrl": "https://cce-internal-api.runasp.net/media/" }, "Seq": { - "ServerUrl": "http://localhost:5341" + "ServerUrl": "http://localhost:5341", + "ApiKey": "" }, "Otp": { - "HmacSecret": "3ahs3DvW/rdx+InzjOCpqSUDSFuvyF59sPjziVdeIhE=" + "HmacSecret": "" }, "Frontend": { + "BaseUrl": "http://localhost:4201", "PasswordResetUrl": "http://localhost:4201" + }, + "Firebase": { + "ProjectId": "", + "ServiceAccountJson": "" } } diff --git a/backend/src/CCE.Api.Internal/appsettings.Production.json b/backend/src/CCE.Api.Internal/appsettings.Production.json index f869a762..36cbe5bc 100644 --- a/backend/src/CCE.Api.Internal/appsettings.Production.json +++ b/backend/src/CCE.Api.Internal/appsettings.Production.json @@ -1,13 +1,21 @@ { "Logging": { "LogLevel": { - "Default": "Debug", - "Microsoft.AspNetCore": "Information" + "Default": "Information", + "Microsoft.AspNetCore": "Warning" } }, "Infrastructure": { - "SqlConnectionString": "Server=db52197.public.databaseasp.net; Database=db52197; User Id=db52197; Password=3Mm!x5#Y?rR9; Encrypt=True; TrustServerCertificate=True; MultipleActiveResultSets=True;", - "RedisConnectionString": "spot-activity-quarter-93466.db.redis.io:18280,password=oN1DkNqg1HT7bI3Toj0WLSyyOVG8QFP7,user=default", + "SqlConnectionString": "", + "RedisConnectionString": "", + "S3EndpointUrl": "https://pocikalapsyczhfbuhzf.storage.supabase.co/storage/v1/s3", + "S3PublicBaseUrl": "https://pocikalapsyczhfbuhzf.supabase.co/storage/v1/object/public", + "S3AccessKey": "", + "S3SecretKey": "", + "S3BucketName": "uploads", + "MeilisearchUrl": "https://ms-9c99ed0d8a5b-50601.lon.meilisearch.io", + "MeilisearchMasterKey": "", + "CelebrityFollowerThreshold": 10000, "LocalUploadsRoot": "./backend/", "MediaUploadsRoot": "./wwwroot/media/", "ClamAvHost": "localhost", @@ -27,12 +35,12 @@ }, "EntraId": { "Instance": "https://login.microsoftonline.com/", - "TenantId": "common", - "ClientId": "00000000-0000-0000-0000-000000000000", - "ClientSecret": "dev-entra-secret-change-me", - "Audience": "api://00000000-0000-0000-0000-000000000000", - "GraphTenantId": "00000000-0000-0000-0000-000000000000", - "GraphTenantDomain": "cce.local", + "TenantId": "", + "ClientId": "", + "ClientSecret": "", + "Audience": "", + "GraphTenantId": "", + "GraphTenantDomain": "", "CallbackPath": "/signin-oidc" }, "Messaging": { @@ -40,18 +48,18 @@ "RabbitMqHost": "rabbitmq", "RabbitMqVirtualHost": "/cce-prod", "UseAsyncDispatcher": true, - "FallbackToInMemoryIfUnavailable": false + "FallbackToInMemoryIfUnavailable": true }, "LocalAuth": { "External": { "Issuer": "cce-api-external-dev", "Audience": "cce-public-dev", - "SigningKey": "dev-external-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "Internal": { "Issuer": "cce-api-internal-dev", "Audience": "cce-admin-dev", - "SigningKey": "dev-internal-local-auth-signing-key-change-me-12345" + "SigningKey": "" }, "AccessTokenMinutes": 10, "RefreshTokenDays": 30, @@ -62,10 +70,10 @@ "Provider": "smtp", "Host": "smtp.gmail.com", "Port": 587, - "FromAddress": "ccetest89@gmail.com", + "FromAddress": "ccetest15@gmail.com", "FromName": "CCE Knowledge Center", - "Username": "ccetest89@gmail.com", - "Password": "kinb pvcm vrkx bxls", + "Username": "", + "Password": "", "EnableSsl": true }, "ExternalApis": { @@ -83,6 +91,11 @@ } }, "Frontend": { + "BaseUrl": "https://cce-mock.bonto.run", "PasswordResetUrl": "http://localhost:4201" + }, + "Firebase": { + "ProjectId": "", + "ServiceAccountJson": "" } } diff --git a/backend/src/CCE.Worker/appsettings.Development.json b/backend/src/CCE.Worker/appsettings.Development.json index 93bad94e..66a925df 100644 --- a/backend/src/CCE.Worker/appsettings.Development.json +++ b/backend/src/CCE.Worker/appsettings.Development.json @@ -6,7 +6,7 @@ } }, "Infrastructure": { - "SqlConnectionString": "Server=db52197.public.databaseasp.net; Database=db52197; User Id=db52197; Password=3Mm!x5#Y?rR9; Encrypt=True; TrustServerCertificate=True; MultipleActiveResultSets=True;", + "SqlConnectionString": "", "RedisConnectionString": "localhost:6379" }, "Email": { @@ -15,8 +15,8 @@ "Port": 587, "FromAddress": "ccetest15@gmail.com", "FromName": "CCE Knowledge Center", - "Username": "ccetest15@gmail.com", - "Password": "ykjy wzlr fhfu wpxk", + "Username": "", + "Password": "", "EnableSsl": true }, "Messaging": { @@ -25,6 +25,7 @@ "FallbackToInMemoryIfUnavailable": true }, "Seq": { - "ServerUrl": "http://localhost:5341" + "ServerUrl": "http://localhost:5341", + "ApiKey": "" } } diff --git a/backend/src/CCE.Worker/appsettings.Production.json b/backend/src/CCE.Worker/appsettings.Production.json index bb9013a9..6dd835dd 100644 --- a/backend/src/CCE.Worker/appsettings.Production.json +++ b/backend/src/CCE.Worker/appsettings.Production.json @@ -6,8 +6,8 @@ } }, "Infrastructure": { - "SqlConnectionString": "Server=db52197.public.databaseasp.net; Database=db52197; User Id=db52197; Password=3Mm!x5#Y?rR9; Encrypt=True; TrustServerCertificate=True; MultipleActiveResultSets=True;", - "RedisConnectionString": "spot-activity-quarter-93466.db.redis.io:18280,password=oN1DkNqg1HT7bI3Toj0WLSyyOVG8QFP7,user=default" + "SqlConnectionString": "", + "RedisConnectionString": "" }, "Email": { "Provider": "smtp", @@ -15,8 +15,8 @@ "Port": 587, "FromAddress": "ccetest15@gmail.com", "FromName": "CCE Knowledge Center", - "Username": "ccetest15@gmail.com", - "Password": "ykjy wzlr fhfu wpxk", + "Username": "", + "Password": "", "EnableSsl": true }, "Messaging": { @@ -27,6 +27,7 @@ "FallbackToInMemoryIfUnavailable": false }, "Seq": { - "ServerUrl": "" + "ServerUrl": "", + "ApiKey": "" } }