Environment Configuration
Copy the .env.example files and configure them for your environment:
Backend (.env)
# MongoDB
MONGODB_URI=mongodb://admin:password@localhost:27017/noteapp?authSource=admin
# JWT Configuration
JWT_SECRET=your-super-secret-jwt-key-minimum-32-characters
JWT_ISSUER=noteapp
# Encryption (32 bytes = 32 characters)
ENCRYPTION_KEY=00000000000000000000000000000000
# Server
PORT=8080
ENV=development
LOG_LEVEL=info
# CORS (comma-separated for multiple origins)
CORS_ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000
# Rate Limiting
RATE_LIMIT_REQUESTS=50
RATE_LIMIT_WINDOW=1s
Frontend (.env)
VITE_API_BASE_URL=http://localhost:8080
VITE_ENV=development
Development vs Production
Development (.env.development)
- Less strict security (for easier testing)
- Localhost CORS allowed
- JWT secrets can be simple
- Logging more verbose
Production (.env.production)
- Strict security requirements
- Specific CORS origins only
- Strong random JWT secrets
- Limited logging (performance)
- All environment variables must be set
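A pre-deploy check for the backend .env, added here as an example and not part of the project's own code: it flags the sample values shown above (placeholder JWT secret, all-zero encryption key, admin:password MongoDB login), unset variables, and localhost CORS origins in production. The function names check_env and env_get, and the value ENV=production as the production marker, are assumptions.

```shell
#!/bin/sh
# Added example (not from the project): lint a backend .env before deploying.
# Usage: . ./check_env.sh; check_env path/to/.env   (status 0 = no findings)

# Read KEY's value without sourcing the file, so nothing in it is executed.
env_get() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

check_env() (
    file=$1
    fail=0
    report() { echo "FAIL: $1" >&2; fail=1; }

    # The page requires every variable to be set in production;
    # this check applies that rule to every environment.
    for name in MONGODB_URI JWT_SECRET JWT_ISSUER ENCRYPTION_KEY PORT ENV \
                LOG_LEVEL CORS_ALLOWED_ORIGINS RATE_LIMIT_REQUESTS \
                RATE_LIMIT_WINDOW; do
        [ -n "$(env_get "$file" "$name")" ] || report "$name is not set"
    done

    jwt=$(env_get "$file" JWT_SECRET)
    [ "${#jwt}" -ge 32 ] || report "JWT_SECRET is shorter than 32 characters"
    case "$jwt" in
        your-*) report "JWT_SECRET is still a documentation placeholder" ;;
    esac

    enc=$(env_get "$file" ENCRYPTION_KEY)
    [ "${#enc}" -eq 32 ] || report "ENCRYPTION_KEY must be exactly 32 characters"
    if [ "$enc" = 00000000000000000000000000000000 ]; then
        report "ENCRYPTION_KEY is the all-zero sample value"
    fi

    case "$(env_get "$file" MONGODB_URI)" in
        *admin:password@*) report "MONGODB_URI uses the sample admin:password login" ;;
    esac

    # Localhost origins are acceptable in development only.
    # Assumption: production deployments set ENV=production.
    if [ "$(env_get "$file" ENV)" = production ]; then
        case "$(env_get "$file" CORS_ALLOWED_ORIGINS)" in
            *localhost*|*127.0.0.1*) report "CORS_ALLOWED_ORIGINS lists a localhost origin" ;;
        esac
    fi
    exit "$fail"
)
```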
Generating Secrets
# JWT Secret (32+ characters)
openssl rand -base64 32
# Encryption Key (32 bytes = 32 characters)
openssl rand -hex 16 # 16 random bytes, hex-encoded: outputs 32 characters (128 bits of entropy)
# Random token
openssl rand -hex 32
Docker Compose
Environment variables are defined in docker-compose.yml and will override .env files. Update the file for your deployment:
environment:
  MONGODB_URI: mongodb://admin:password@mongodb:27017/noteapp?authSource=admin
  JWT_SECRET: your-secret-key-change-in-production
  # ... other vars
Kubernetes
Use kubectl create secret for sensitive data:
# Create secret from literal values
kubectl create secret generic app-secrets \
  --from-literal=mongodb-uri="..." \
  --from-literal=jwt-secret="..." \
  -n noteapp
# Or use ConfigMap for non-sensitive config
kubectl create configmap app-config \
  --from-file=config.yaml \
  -n noteapp
IMPORTANT: Never commit .env files or secrets to version control!