rendiffdev
diff --git a/‎.env.example
Lines changed: 38 additions & 10 deletions b/‎.env.example
Lines changed: 38 additions & 10 deletions
diff --git a/‎.gitignore
Lines changed: 43 additions & 0 deletions b/‎.gitignore
Lines changed: 43 additions & 0 deletions
diff --git a/‎AUDIT_SUMMARY.md
Lines changed: 0 additions & 142 deletions b/‎AUDIT_SUMMARY.md
Lines changed: 0 additions & 142 deletions
diff --git a/‎Dockerfile.genai
Lines changed: 9 additions & 2 deletions b/‎Dockerfile.genai
Lines changed: 9 additions & 2 deletions
@@ -1,23 +1,51 @@
 # Copy this file to .env and update with your values
 
-# Database
+# Database Configuration
 POSTGRES_PASSWORD=your_secure_password_here
 POSTGRES_USER=ffmpeg_user
 POSTGRES_DB=ffmpeg_api
+DATABASE_URL=postgresql://ffmpeg_user:your_secure_password_here@postgres:5432/ffmpeg_api
 
-# Monitoring
-GRAFANA_PASSWORD=your_grafana_password_here
-
-# Storage
-STORAGE_PATH=./storage
+# Redis/Queue Configuration
+REDIS_URL=redis://redis:6379/0
 
 # API Configuration
-LOG_LEVEL=info
+API_HOST=0.0.0.0
+API_PORT=8000
 API_WORKERS=4
+LOG_LEVEL=info
+DEBUG=false
 
 # Worker Configuration
 WORKER_CONCURRENCY=4
+CPU_WORKERS=2
+GPU_WORKERS=0
+
+# Storage Configuration
+STORAGE_PATH=./storage
+STORAGE_CONFIG=/app/config/storage.yml
+
+# Security Configuration
+ADMIN_API_KEYS=your_admin_key_1,your_admin_key_2
+RENDIFF_API_KEYS=your_client_key_1,your_client_key_2,your_client_key_3
+ENABLE_API_KEYS=true
+CORS_ORIGINS=*
+
+# SSL/HTTPS Configuration (for production)
+DOMAIN_NAME=localhost
+CERTBOT_EMAIL=[email protected]
+CERT_RESOLVER=letsencrypt
+LETSENCRYPT_STAGING=false
+
+# Monitoring Configuration
+GRAFANA_PASSWORD=your_grafana_password_here
+PROMETHEUS_AUTH=admin:your_prometheus_password_here
+TRAEFIK_AUTH=admin:your_traefik_password_here
+
+# Resource Limits
+MAX_UPLOAD_SIZE=10737418240
+MAX_CONCURRENT_JOBS_PER_KEY=10
+MAX_JOB_DURATION=21600
 
-# Security - Admin Access
-# Generate secure admin keys and add them here (comma-separated)
-ADMIN_API_KEYS=your_admin_key_1,your_admin_key_2
+# External URLs
+EXTERNAL_URL=http://localhost:8080
@@ -3,5 +3,48 @@ __pycache__/
 .env
 .DS_Store
 /tmp
+
+# Database files
 *.db
+*.db-shm
+*.db-wal
 /data/
+
+# Backup files
+*.backup*
+*.bak
+*~
+.env_backups/
+
+# Log files
+*.log
+/logs/
+
+# Temporary files
+.tmp/
+temp/
+
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS files
+Thumbs.db
+.DS_Store
+
+# Generated documentation and reports
+CLEANUP_SUMMARY.md
+*REPORT*.md
+*AUDIT*.md
+*STATUS*.md
+*SUMMARY*.md
+*ANALYSIS*.md
+*_REPORT.md
+*_AUDIT.md
+*_STATUS.md
+
+# Storage and uploads
+/storage/
+/uploads/
@@ -44,11 +44,18 @@ RUN pip3 install --no-cache-dir torch torchvision torchaudio --index-url https:/
 # Copy application code
 COPY . .
 
+# Create user for security
+RUN groupadd -r rendiff && useradd -r -g rendiff -u 1000 rendiff
+
 # Create necessary directories
 RUN mkdir -p /app/storage /app/models/genai /tmp/ffmpeg
 
-# Set permissions
-RUN chmod +x /app/entrypoint.sh
+# Set permissions and ownership
+RUN chmod +x /app/entrypoint.sh && \
+    chown -R rendiff:rendiff /app /tmp/ffmpeg
+
+# Switch to non-root user
+USER rendiff
 
 # Expose ports
 EXPOSE 8000 9000