Skip to content

Commit 01ca271

Browse files
carlosplanchoncarlosplanchon
committed
With Claude Code: Files named env should be renamed to .env.example to follow standard conventions. Also add warning headers indicating these are example values that must be changed (current hardcoded values like SECRET_KEY and passwords could be accidentally used in production).
1 parent b8bb72c commit 01ca271

File tree

4 files changed

+51
-7
lines changed

4 files changed

+51
-7
lines changed

README.md

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -37,8 +37,8 @@ cp scripts/local_with_uvicorn/Dockerfile Dockerfile
3737
cp scripts/local_with_uvicorn/docker-compose.yml docker-compose.yml
3838

3939
# Copy and create your environment file
40-
cp scripts/local_with_uvicorn/env src/.env
41-
# If you want, modify the minimal environment variables as described in the docs.
40+
cp scripts/local_with_uvicorn/.env.example src/.env
41+
# For local development, the example values work fine. Modify if needed.
4242

4343
# Run everything using Docker:
4444
docker compose up
@@ -53,7 +53,8 @@ cp scripts/gunicorn_managing_uvicorn_workers/Dockerfile Dockerfile
5353
cp scripts/gunicorn_managing_uvicorn_workers/docker-compose.yml docker-compose.yml
5454

5555
# Copy and create your environment file
56-
cp scripts/gunicorn_managing_uvicorn_workers/env src/.env
56+
cp scripts/gunicorn_managing_uvicorn_workers/.env.example src/.env
57+
# Recommended: Change SECRET_KEY and passwords for staging/testing environments.
5758

5859
# Run everything using Docker:
5960
docker compose up
@@ -66,7 +67,8 @@ cp scripts/production_with_nginx/docker-compose.yml docker-compose.yml
6667
cp default.conf default.conf # nginx configuration (already in root)
6768

6869
# Copy and create your environment file
69-
cp scripts/production_with_nginx/env src/.env
70+
cp scripts/production_with_nginx/.env.example src/.env
71+
# CRITICAL: You MUST change SECRET_KEY, all passwords, and sensitive values before deploying!
7072

7173
# Run everything using Docker:
7274
docker compose up

scripts/gunicorn_managing_uvicorn_workers/env renamed to scripts/gunicorn_managing_uvicorn_workers/.env.example

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,18 @@
1-
# ------------- app settings -------------
1+
# ============================================================================
2+
# WARNING: EXAMPLE CONFIGURATION - DO NOT USE IN PRODUCTION AS-IS
3+
# ============================================================================
4+
# This file contains example values for development/testing purposes only.
5+
#
6+
# SECURITY CRITICAL: Before deploying to production, you MUST:
7+
# 1. Copy this file to src/.env
8+
# 2. Generate a new SECRET_KEY using: openssl rand -hex 32
9+
# 3. Change all passwords (POSTGRES_PASSWORD, ADMIN_PASSWORD, etc.)
10+
# 4. Update all sensitive configuration values
11+
#
12+
# Using these example values in production is a SECURITY RISK.
13+
# ============================================================================
14+
15+
# ------------- app settings -------------
216
APP_NAME="My Project"
317
APP_DESCRIPTION="My Project Description"
418
APP_VERSION="0.1"

scripts/local_with_uvicorn/env renamed to scripts/local_with_uvicorn/.env.example

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,18 @@
1-
# ------------- app settings -------------
1+
# ============================================================================
2+
# WARNING: EXAMPLE CONFIGURATION - DO NOT USE IN PRODUCTION AS-IS
3+
# ============================================================================
4+
# This file contains example values for development/testing purposes only.
5+
#
6+
# SECURITY CRITICAL: Before deploying to production, you MUST:
7+
# 1. Copy this file to src/.env
8+
# 2. Generate a new SECRET_KEY using: openssl rand -hex 32
9+
# 3. Change all passwords (POSTGRES_PASSWORD, ADMIN_PASSWORD, etc.)
10+
# 4. Update all sensitive configuration values
11+
#
12+
# Using these example values in production is a SECURITY RISK.
13+
# ============================================================================
14+
15+
# ------------- app settings -------------
216
APP_NAME="My Project"
317
APP_DESCRIPTION="My Project Description"
418
APP_VERSION="0.1"

scripts/production_with_nginx/env renamed to scripts/production_with_nginx/.env.example

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,18 @@
1-
# ------------- app settings -------------
1+
# ============================================================================
2+
# WARNING: EXAMPLE CONFIGURATION - DO NOT USE IN PRODUCTION AS-IS
3+
# ============================================================================
4+
# This file contains example values for development/testing purposes only.
5+
#
6+
# SECURITY CRITICAL: Before deploying to production, you MUST:
7+
# 1. Copy this file to src/.env
8+
# 2. Generate a new SECRET_KEY using: openssl rand -hex 32
9+
# 3. Change all passwords (POSTGRES_PASSWORD, ADMIN_PASSWORD, etc.)
10+
# 4. Update all sensitive configuration values
11+
#
12+
# Using these example values in production is a SECURITY RISK.
13+
# ============================================================================
14+
15+
# ------------- app settings -------------
216
APP_NAME="My Project"
317
APP_DESCRIPTION="My Project Description"
418
APP_VERSION="0.1"

0 commit comments

Comments
 (0)