config.env.example
# Copy to `config.env` and adjust values as needed.
#
# Docker (postgres container)
# The database superuser is POSTGRES_USER (default pos), not the conventional name "postgres".
# Tools that default to user "postgres" (psql, IDE DB plugins) will log FATAL: role "postgres" does not exist — use POSTGRES_USER / DB_USER from this file.
POSTGRES_DB=pos
POSTGRES_USER=pos
POSTGRES_PASSWORD=pos
POSTGRES_PORT=5433
#
# FastAPI Backend
# When running in Docker: use service name 'db' and internal port 5432
# When running the backend on your host: use 'localhost' and POSTGRES_PORT
DB_HOST=db
DB_PORT=5432
DB_USER=pos
DB_PASSWORD=pos
DB_NAME=pos
# Security
SECRET_KEY=CHANGE_THIS_TO_A_RANDOM_SECRET_KEY_IN_PRODUCTION
# Refresh token secret (must be DIFFERENT from SECRET_KEY for security)
REFRESH_SECRET_KEY=CHANGE_THIS_TO_ANOTHER_RANDOM_SECRET_IN_PRODUCTION
# Token expiration settings
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
# CORS origins (comma-separated list of allowed origins)
# Default * allows any host (e.g. IP or domain); restrict in production if desired.
# Examples: CORS_ORIGINS=https://satisfecho.de | CORS_ORIGINS=http://192.168.1.100,https://app.yourdomain.com
CORS_ORIGINS=*
# Optional — Docker dev landing footer git short hash (front volume has no .git).
# ./run.sh sets this from the repo when unset. If you use plain `docker compose` from the repo root:
# export COMMIT_HASH=$(git rev-parse --short HEAD)
# COMMIT_HASH=
# Frontend URLs (used by Angular app; injected at container start)
# Production (single host): use relative URLs so registration and API work from any host (IP or domain).
# Development (separate front): use absolute URLs, e.g. API_URL=http://localhost:4202/api
API_URL=/api
WS_URL=
# Stripe (payment processing)
# Note: Stripe keys are now stored per-tenant in the database (configured in Settings)
# STRIPE_CURRENCY is used as a fallback if tenant has not configured a currency
STRIPE_CURRENCY=usd
# Revolut Merchant API — for testing/demo tenants only (system-wide fallback when tenant has no key)
# Production tenants must set their own Revolut Merchant API secret in Settings (per-tenant).
# Get the secret from Revolut Business Sandbox → API / Merchant API.
# REVOLUT_MERCHANT_SECRET=sk_...
# Base URL of the public app (for links in emails and Revolut payment redirects).
# When set: reservation emails include view/cancel links; Revolut checkout redirects back to this origin.
# Required for password-reset emails: staff/provider "Forgot password" returns HTTP 503 until this is set
# (and SMTP must be configured globally or per-tenant). Examples: https://satisfecho.de or http://127.0.0.1:4202
# PUBLIC_APP_BASE_URL=https://satisfecho.de
#
# Optional — legal document URLs for the whole deployment (landing, login, register).
# Tenants can override in Settings → Data & privacy (contact section). Use https://…
# If unset but PUBLIC_APP_BASE_URL is set, the API falls back to {PUBLIC_APP_BASE_URL}/terms and /privacy (same SPA).
# PUBLIC_TERMS_OF_SERVICE_URL=https://satisfecho.de/terms
# PUBLIC_PRIVACY_POLICY_URL=https://satisfecho.de/privacy
#
# Password reset emails link to {PUBLIC_APP_BASE_URL}/reset-password?token=… (staff + provider).
# Without PUBLIC_APP_BASE_URL, POST /password-reset/request responds with 503 (password_reset_not_configured).
# Optional: token lifetime (minutes, default 60).
# PASSWORD_RESET_TOKEN_EXPIRE_MINUTES=60
# Optional: max reset-email requests per client IP per hour (default 5; higher in non-production).
# RATE_LIMIT_PASSWORD_RESET_PER_HOUR=5
# Email (SMTP) – used for sending transactional emails (e.g. reservation confirmations)
# For Gmail: use an App Password (not your normal password). See docs/0018-gmail-setup.md
# SMTP_HOST=smtp.gmail.com
# SMTP_PORT=587
# SMTP_USE_TLS=true
# SMTP_USER=your-email@gmail.com
# SMTP_PASSWORD=your-16-char-app-password
# EMAIL_FROM=your-email@gmail.com
# If unset, the backend default is noreply@satisfecho.de (see back/app/settings.py); set explicitly in production.
# EMAIL_FROM_NAME=Your Restaurant Name
# WhatsApp (Twilio) – optional; when set, reservation reminders can be sent via WhatsApp when customer_phone is present
# TWILIO_ACCOUNT_SID=AC...
# TWILIO_AUTH_TOKEN=...
# TWILIO_WHATSAPP_FROM=+14155238886
# Default country code for normalizing phone numbers (ISO 3166-1 alpha-2, e.g. ES, DE, US)
# DEFAULT_PHONE_COUNTRY=ES
#
# Rate limit: public guest feedback form submissions per client IP per hour (default 15; higher in non-production)
# RATE_LIMIT_GUEST_FEEDBACK_PER_HOUR=15
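#
# Added example, not part of the project's own code: a pre-deployment check for the Security settings above
# (SECRET_KEY, REFRESH_SECRET_KEY, CORS_ORIGINS) and the database passwords, run over constructed sample values.
# The function names, the 32-character minimum and https://app.example.com are assumptions made for this illustration.

```python
import secrets
MIN_SECRET_LEN = 32  # assumption: a floor chosen for this example, not a project value

def parse_env(text):
    """Parse KEY=VALUE lines; blank lines and # comments are skipped."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip()
    return env

def audit(env):
    """Return (key, problem) findings that should block a production deploy."""
    findings = []
    for key in ("SECRET_KEY", "REFRESH_SECRET_KEY"):
        value = env.get(key, "")
        if not value or value.startswith("CHANGE_THIS"):
            findings.append((key, "unset or still the example placeholder"))
        elif len(value) < MIN_SECRET_LEN:
            findings.append((key, f"shorter than {MIN_SECRET_LEN} characters"))
    if env.get("SECRET_KEY") and env["SECRET_KEY"] == env.get("REFRESH_SECRET_KEY"):
        findings.append(("REFRESH_SECRET_KEY", "identical to SECRET_KEY"))
    if "*" in [o.strip() for o in env.get("CORS_ORIGINS", "").split(",")]:
        findings.append(("CORS_ORIGINS", "wildcard allows any origin"))
    for key in ("POSTGRES_PASSWORD", "DB_PASSWORD"):
        if env.get(key) == "pos":  # the default shipped in the example file
            findings.append((key, "still the example default"))
    return findings

# Constructed sample: the security-relevant values of the example file, unchanged.
SAMPLE_DEFAULTS = """\
POSTGRES_PASSWORD=pos
DB_PASSWORD=pos
SECRET_KEY=CHANGE_THIS_TO_A_RANDOM_SECRET_KEY_IN_PRODUCTION
REFRESH_SECRET_KEY=CHANGE_THIS_TO_ANOTHER_RANDOM_SECRET_IN_PRODUCTION
CORS_ORIGINS=*
"""

def hardened_sample():
    """Same keys with generated secrets and one explicit origin (constructed)."""
    s, db = secrets.token_urlsafe, secrets.token_urlsafe(24)
    return (f"POSTGRES_PASSWORD={db}\nDB_PASSWORD={db}\nSECRET_KEY={s(48)}\n"
            f"REFRESH_SECRET_KEY={s(48)}\nCORS_ORIGINS=https://app.example.com\n")

if __name__ == "__main__":
    for key, problem in audit(parse_env(SAMPLE_DEFAULTS)):
        print(f"{key}: {problem}")
```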