Matt
1c96c3a85e
- Apply 3 Prisma schema changes (Pending2FASession, hubApiKeyHash, SecurityVerificationCode attempts) - Add Stripe webhook handler (checkout.session.completed -> User + Subscription + Order) - Add stripe-service, api-key-service, rate-limit middleware - Add security headers (CSP, HSTS, X-Frame-Options) in next.config.ts - Harden auth routes, require ADMIN_API_KEY for orchestrator endpoints - Add Docker auto-migration via startup.sh - Add 7 unit test suites (api-key, dns, config-generator, automation-worker, permission, security-verification, auth-helpers) - Fix Prisma 7 compatibility with adapter-pg mock for vitest Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
35 lines
1.1 KiB
Plaintext
35 lines
1.1 KiB
Plaintext
# LetsBe Hub Configuration
|
|
|
|
# Database
|
|
DATABASE_URL=postgresql://hub:hub@db:5432/hub
|
|
|
|
# Admin API Key (CHANGE IN PRODUCTION!)
|
|
ADMIN_API_KEY=change-me-in-production
|
|
|
|
# Debug mode
|
|
DEBUG=false
|
|
|
|
# Telemetry retention (days)
|
|
TELEMETRY_RETENTION_DAYS=90
|
|
|
|
# =============================================================================
|
|
# Email (Resend)
|
|
# =============================================================================
|
|
# API key from https://resend.com
|
|
# RESEND_API_KEY=re_xxxxxxxxxx
|
|
# Sender email address (must be verified in Resend)
|
|
# RESEND_FROM_EMAIL=noreply@yourdomain.com
|
|
|
|
# =============================================================================
|
|
# Cron / Scheduled Tasks
|
|
# =============================================================================
|
|
# Secret used to authenticate cron job requests
|
|
# Generate with: openssl rand -hex 32
|
|
# CRON_SECRET=
|
|
|
|
# =============================================================================
|
|
# Public API
|
|
# =============================================================================
|
|
# API key exposed to client-side code (non-sensitive, for rate limiting etc.)
|
|
# PUBLIC_API_KEY=
|