bmc_hub/.env.prod.example

# =====================================================
# PRODUCTION ENVIRONMENT - BMC Hub
# =====================================================
# Kopier denne fil til .env på production serveren
# OG ÆNDR ALLE PASSWORDS OG SECRETS!

# =====================================================
# RELEASE VERSION
# =====================================================
# Tag fra Gitea (f.eks. v1.0.0, v1.2.3)
RELEASE_VERSION=v2.0.6

# =====================================================
# GITEA AUTHENTICATION
# =====================================================
# Gitea server URL (uden trailing slash)
GITEA_URL=https://g.bmcnetworks.dk

# Personal Access Token fra https://g.bmcnetworks.dk/user/settings/applications
GITHUB_TOKEN=your_gitea_token_here
GITHUB_REPO=ct/bmc_hub

# =====================================================
# POSTGRESQL DATABASE - Production
# =====================================================
DATABASE_URL=postgresql://bmc_hub_prod:CHANGE_THIS_PASSWORD@postgres:5432/bmc_hub_prod

# Database credentials (bruges af docker-compose/podman-compose)
POSTGRES_USER=bmc_hub_prod
POSTGRES_PASSWORD=CHANGE_THIS_PASSWORD_TO_STRONG_PASSWORD
POSTGRES_DB=bmc_hub_prod
POSTGRES_PORT=5432

# GitHub/Gitea Personal Access Token (skal have læseadgang til repo)
# Opret token på: https://g.bmcnetworks.dk/user/settings/applications
GITHUB_TOKEN=your_gitea_token_here

# =====================================================
# API CONFIGURATION - Production
# =====================================================
# Stack name used by deployment scripts to name containers
STACK_NAME=prod
API_HOST=0.0.0.0
API_PORT=8000
API_RELOAD=false

# FirmaAPI (CVR company lookup)
FIRMAAPI_BASE_URL=https://firmaapi.dk/api/v1
FIRMAAPI_API_KEY=
FIRMAAPI_TIMEOUT_SECONDS=12

# =====================================================
# SECURITY - Production
# =====================================================
# VIGTIGT: Generer en stærk SECRET_KEY i production!
# Brug: python -c "import secrets; print(secrets.token_urlsafe(32))"
SECRET_KEY=CHANGEME_GENERATE_RANDOM_SECRET_KEY

# Telefoni (Yealink) callbacks security (MUST set at least one)
TELEFONI_SHARED_SECRET=
TELEFONI_IP_WHITELIST=

# CORS origins - IP adresse med port
CORS_ORIGINS=http://172.16.31.183:8001

# =====================================================
# LOGGING - Production
# =====================================================
LOG_LEVEL=INFO
LOG_FILE=logs/app.log

# =====================================================
# e-conomic Integration - Production
# =====================================================
ECONOMIC_API_URL=https://restapi.e-conomic.com
ECONOMIC_APP_SECRET_TOKEN=your_production_token_here
ECONOMIC_AGREEMENT_GRANT_TOKEN=your_production_grant_here

# 🚨 SAFETY SWITCHES
# Start ALTID med begge sat til true i ny production deployment!
# VIGTIGT: Brug kun 'true' eller 'false' uden kommentarer på samme linje
ECONOMIC_READ_ONLY=true
ECONOMIC_DRY_RUN=true

# =====================================================
# Links / Endpoints Module - Production (Optional)
# =====================================================
# Start disabled; enable after migration + validation
LINKS_MODULE_ENABLED=false
LINKS_READ_ONLY=true
LINKS_DRY_RUN=true
LINKS_DEAD_LINK_CHECK_ENABLED=true
LINKS_DEAD_LINK_CHECK_INTERVAL_MINUTES=60
LINKS_CHECK_TIMEOUT_SECONDS=5

# Vaultwarden (Bitwarden-compatible)
VAULTWARDEN_BASE_URL=
VAULTWARDEN_API_TOKEN=