mirror of
https://github.com/johndoe6345789/metabuilder.git
synced 2026-04-25 22:34:56 +00:00
- Add comprehensive GitHub Actions workflow for WorkflowUI builds and deployments
  * Quality checks: TypeScript type-check, lint, build, tests
  * Security scanning: npm audit and Trivy vulnerability scanning
  * Docker build: Multi-architecture (amd64, arm64) with SBOM generation
  * Test deployment: Validates docker-compose and health checks
  * PR notifications with build status
- Create Docker deployment guide (DOCKER.md) covering:
  * Quick start and configuration
  * Building and pushing to registries
  * Persistent data and backup strategies
  * Performance tuning and monitoring
  * Production security checklist
  * Nginx reverse proxy configuration
  * Troubleshooting procedures
- Add production docker-compose override (docker-compose.prod.yml):
  * Resource limits (2GB memory, 2 CPU)
  * Security hardening (capabilities, read-only filesystems, non-root user)
  * Secrets management for NEXTAUTH_SECRET
  * Enhanced health checks with proper timeouts
  * JSON logging with rotation
- Add environment configuration template (.env.example):
  * All configurable variables documented
  * NextAuth, Flask, database, SMTP, security settings
  * Development and feature flag options
  * Example values for common configurations

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
168 lines
4.0 KiB
Plaintext
# WorkflowUI Environment Configuration
# Copy this file to .env and update with your values

# ============================================
# NextAuth Configuration
# ============================================

# JWT secret for NextAuth - REQUIRED for production
# Generate with: openssl rand -base64 32
NEXTAUTH_SECRET=your-secret-key-here-change-this-in-production

# Frontend URL - REQUIRED for production
# Must match the URL users access the app from
NEXTAUTH_URL=http://localhost:3000

# NextAuth callback URL (optional, defaults to NEXTAUTH_URL)
# NEXTAUTH_CALLBACK_URL=http://localhost:3000/api/auth/callback

# ============================================
# Node.js / Next.js Configuration
# ============================================

# Environment mode
NODE_ENV=production

# Debug mode (not recommended for production)
# DEBUG=workflowui:*

# ============================================
# Python / Flask Configuration
# ============================================

# Flask environment
FLASK_ENV=production

# Flask app module
FLASK_APP=backend/server_sqlalchemy.py

# Debug mode (NEVER enable in production)
FLASK_DEBUG=0

# ============================================
# Database Configuration
# ============================================

# SQLite database path
# File path inside container - will be persisted in Docker volume
DATABASE_URL=file:/app/data/workflows.db

# Alternative: PostgreSQL
# Uncomment below to use PostgreSQL instead of SQLite
# DATABASE_URL=postgresql://user:password@db-host:5432/workflowui_db

# Python unbuffered output
PYTHONUNBUFFERED=1

# ============================================
# SMTP Relay Configuration (Optional)
# ============================================

# SMTP relay hostname
# Use 'smtp-relay' for Docker Compose setup
SMTP_RELAY_HOST=smtp-relay

# SMTP relay port
SMTP_RELAY_PORT=2525

# Sender email address
SMTP_FROM_ADDRESS=noreply@metabuilder.local

# ============================================
# Email Gateway Configuration (Optional)
# ============================================

# Gmail configuration for forwarding emails
# 1. Enable 2FA on your Gmail account
# 2. Generate app password: https://myaccount.google.com/apppasswords
# 3. Set these variables:

# Gmail username
# GMAIL_USERNAME=your-email@gmail.com

# Gmail app password (16 characters)
# GMAIL_APP_PASSWORD=xxxx xxxx xxxx xxxx

# Recipient email address
# FORWARD_TO=recipient@example.com

# Allow any recipient address (not recommended for production)
# ALLOW_ANY_RCPT=false

# ============================================
# Logging Configuration
# ============================================

# Log level for Flask
# Choices: DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_LEVEL=INFO

# Log directory (inside container)
LOG_DIR=/app/logs

# ============================================
# API Configuration
# ============================================

# API host binding
API_HOST=0.0.0.0

# API port
API_PORT=5000

# CORS allowed origins
# Comma-separated list or * for all
CORS_ORIGINS=http://localhost:3000

# ============================================
# Security Configuration
# ============================================

# HTTPS only (set to true in production)
HTTPS_ONLY=false

# Secure cookies
SECURE_COOKIES=false

# CORS credentials
CORS_CREDENTIALS=true

# ============================================
# Feature Flags
# ============================================

# Enable real-time collaboration
ENABLE_REALTIME_COLLAB=true

# Enable workflow versioning
ENABLE_VERSIONING=true

# Enable audit logging
ENABLE_AUDIT_LOG=true

# ============================================
# Development Only
# ============================================

# Run migrations on startup
RUN_MIGRATIONS=true

# Seed database with demo data
SEED_DEMO_DATA=false

# Hot reload for development
HOT_RELOAD=false

# ============================================
# Docker / Container Configuration
# ============================================

# Docker restart policy
RESTART_POLICY=unless-stopped

# Container memory limit (in MB)
# MEMORY_LIMIT=2048

# Container CPU limit (fractional CPUs)
# CPU_LIMIT=2.0
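
The template above ships development defaults (placeholder NEXTAUTH_SECRET, http:// NEXTAUTH_URL, HTTPS_ONLY=false, SECURE_COOKIES=false) alongside NODE_ENV=production, so a copied file needs a check before deployment. The preflight below is an added example, not part of the metabuilder repository; parse_env, audit, the truthy spellings and the 44-character secret threshold are assumptions made for illustration.

```python
PLACEHOLDER = "your-secret-key-here-change-this-in-production"  # value shipped in the template
TRUTHY = {"1", "true", "yes", "on"}  # assumption: spellings the app treats as enabled

def parse_env(text):
    """Return {KEY: value} from dotenv text, skipping blank lines and # comments."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("\"'")
    return env

def audit(env):
    """Return the sorted names of variables that should block a production deploy."""
    on = lambda key: env.get(key, "").lower() in TRUTHY
    bad = set()
    secret = env.get("NEXTAUTH_SECRET", "")
    # `openssl rand -base64 32` yields 44 characters; shorter values are treated as weak.
    if secret == PLACEHOLDER or len(secret) < 44:
        bad.add("NEXTAUTH_SECRET")
    if not env.get("NEXTAUTH_URL", "").startswith("https://"):
        bad.add("NEXTAUTH_URL")
    if env.get("DEBUG"):
        bad.add("DEBUG")
    bad.update(k for k in ("HTTPS_ONLY", "SECURE_COOKIES") if not on(k))
    bad.update(k for k in ("FLASK_DEBUG", "ALLOW_ANY_RCPT", "SEED_DEMO_DATA", "HOT_RELOAD") if on(k))
    # Browsers refuse credentialed cross-origin responses when the allowed origin is "*".
    origins = [o.strip() for o in env.get("CORS_ORIGINS", "").split(",")]
    if "*" in origins and on("CORS_CREDENTIALS"):
        bad.add("CORS_ORIGINS")
    return sorted(bad)

# Constructed sample: the security-relevant defaults copied from the template above.
TEMPLATE_DEFAULTS = """\
NEXTAUTH_SECRET=your-secret-key-here-change-this-in-production
NEXTAUTH_URL=http://localhost:3000
# DEBUG=workflowui:*
FLASK_DEBUG=0
CORS_ORIGINS=http://localhost:3000
CORS_CREDENTIALS=true
HTTPS_ONLY=false
SECURE_COOKIES=false
SEED_DEMO_DATA=false
HOT_RELOAD=false
"""

if __name__ == "__main__":
    for name in audit(parse_env(TEMPLATE_DEFAULTS)):
        print("not production-ready:", name)
```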