config.env.example · 118 lines (109 loc) · 5.99 KB
# Copy to `config.env` and adjust values as needed.
#
# Docker (postgres container)
# The database superuser is POSTGRES_USER (default pos), not the conventional name "postgres".
# Tools that default to user "postgres" (psql, IDE DB plugins) will log FATAL: role "postgres" does not exist — use POSTGRES_USER / DB_USER from this file.
POSTGRES_DB=pos
POSTGRES_USER=pos
POSTGRES_PASSWORD=pos
POSTGRES_PORT=5433
#
# FastAPI Backend
# When running in Docker: use service name 'db' and internal port 5432
# When running the backend on your host: use 'localhost' and POSTGRES_PORT
DB_HOST=db
DB_PORT=5432
DB_USER=pos
DB_PASSWORD=pos
DB_NAME=pos
# Security
SECRET_KEY=CHANGE_THIS_TO_A_RANDOM_SECRET_KEY_IN_PRODUCTION
# Refresh token secret (must be DIFFERENT from SECRET_KEY for security)
REFRESH_SECRET_KEY=CHANGE_THIS_TO_ANOTHER_RANDOM_SECRET_IN_PRODUCTION
# Token expiration settings
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
# CORS origins (comma-separated list of allowed origins)
# Default * allows any host (e.g. IP or domain); restrict in production if desired.
# Examples: CORS_ORIGINS=https://satisfecho.de | CORS_ORIGINS=http://192.168.1.100,https://app.yourdomain.com
CORS_ORIGINS=*
# Optional — Docker dev landing footer git short hash (front volume has no .git).
# ./run.sh sets this from the repo when unset. If you use plain `docker compose` from the repo root:
# export COMMIT_HASH=$(git rev-parse --short HEAD)
# COMMIT_HASH=
# Frontend URLs (used by Angular app; injected at container start)
# Production (single host): use relative URLs so registration and API work from any host (IP or domain).
# Development (separate front): use absolute URLs, e.g. API_URL=http://localhost:4202/api
API_URL=/api
WS_URL=
# Stripe (payment processing)
# Note: Stripe keys are now stored per-tenant in the database (configured in Settings)
# STRIPE_CURRENCY is used as a fallback if tenant has not configured a currency
STRIPE_CURRENCY=usd
# Revolut Merchant API — for testing/demo tenants only (system-wide fallback when tenant has no key)
# Production tenants must set their own Revolut Merchant API secret in Settings (per-tenant).
# Get the secret from Revolut Business Sandbox → API / Merchant API.
# REVOLUT_MERCHANT_SECRET=sk_...
# Base URL of the public app (for links in emails and Revolut payment redirects).
# When set: reservation emails include view/cancel links; Revolut checkout redirects back to this origin.
# Required for password-reset emails: staff/provider "Forgot password" returns HTTP 503 until this is set
# (and SMTP must be configured globally or per-tenant). Examples: https://satisfecho.de or http://127.0.0.1:4202
# PUBLIC_APP_BASE_URL=https://satisfecho.de
#
# Meta (Facebook Page / Instagram Business) — Settings → Social posts OAuth + publishing.
# Register an app at developers.facebook.com; set OAuth redirect to your API callback, e.g.
# https://your-host/api/tenant/social/oauth/meta/callback when ROOT_PATH=/api (or set META_OAUTH_REDIRECT_URI explicitly).
# Instagram publishing needs PUBLIC_APP_BASE_URL so Graph API can fetch /uploads/{tenant}/social/… image URLs.
# META_APP_ID=
# META_APP_SECRET=
# META_GRAPH_VERSION=v21.0
# META_OAUTH_REDIRECT_URI=
#
# Optional — legal document URLs for the whole deployment (landing, login, register).
# Tenants can override in Settings → Data & privacy (contact section). Use https://…
# If unset but PUBLIC_APP_BASE_URL is set, the API falls back to {PUBLIC_APP_BASE_URL}/terms and /privacy (same SPA).
# PUBLIC_TERMS_OF_SERVICE_URL=https://satisfecho.de/terms
# PUBLIC_PRIVACY_POLICY_URL=https://satisfecho.de/privacy
#
# Password reset emails link to {PUBLIC_APP_BASE_URL}/reset-password?token=… (staff + provider).
# Without PUBLIC_APP_BASE_URL, POST /password-reset/request responds with 503 (password_reset_not_configured).
# Optional: token lifetime (minutes, default 60).
# PASSWORD_RESET_TOKEN_EXPIRE_MINUTES=60
# Optional: max reset-email requests per client IP per hour (default 5; higher in non-production).
# RATE_LIMIT_PASSWORD_RESET_PER_HOUR=5
# Email (SMTP) – used for sending transactional emails (e.g. reservation confirmations)
# For Gmail: use an App Password (not your normal password). See docs/0018-gmail-setup.md
# SMTP_HOST=smtp.gmail.com
# SMTP_PORT=587
# SMTP_USE_TLS=true
# SMTP_USER=your-email@gmail.com
# SMTP_PASSWORD=your-16-char-app-password
# EMAIL_FROM=your-email@gmail.com
# If unset, the backend default is noreply@satisfecho.de (see back/app/settings.py); set explicitly in production.
# EMAIL_FROM_NAME=Your Restaurant Name
# WhatsApp (Twilio) – optional; when set, reservation reminders can be sent via WhatsApp when customer_phone is present
# TWILIO_ACCOUNT_SID=AC...
# TWILIO_AUTH_TOKEN=...
# TWILIO_WHATSAPP_FROM=+14155238886
# Default country code for normalizing phone numbers (ISO 3166-1 alpha-2, e.g. ES, DE, US)
# DEFAULT_PHONE_COUNTRY=ES
#
# Optional — Products bulk import: menu photo → vision API extracts dishes/prices (image not stored).
# When unset, staff can still import from JSON; the menu-photo tab stays disabled.
# PRODUCT_VISION_API_KEY=
# PRODUCT_VISION_API_URL=https://api.openai.com/v1/chat/completions
# PRODUCT_VISION_MODEL=gpt-4o-mini
#
# Rate limit: public guest feedback form submissions per client IP per hour (default 15; higher in non-production)
# RATE_LIMIT_GUEST_FEEDBACK_PER_HOUR=15
# Marketing sites at /<slug>/ (see config/marketing-sites.json) — optional sync when pos-front starts (Docker dev).
# PAT with **Actions: read** for **every** marketing repo in the manifest (e.g. 010_antillana, 020_…, 040_gustazo). A
# token limited to 040_gustazo only will leave other slugs on the committed placeholder in production.
# MARKETING_ARTIFACT_TOKEN=
# GUSTAZO_ARTIFACT_TOKEN=
# Optional: rebuild from a sibling checkout when no token or artifact fails (path inside container if using a bind mount):
# GUSTAZO_LOCAL_REPO=/gustazo-src
# SYNC_GUSTAZO_ON_START=1
# Set to 1 to re-fetch/re-build on every start (default only replaces placeholder bundle):
# GUSTAZO_REFRESH_EVERY_START=0
# GUSTAZO_NG_CONFIGURATION=production
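
The file's comments ask for several changes before production: replace both secret placeholders, keep `REFRESH_SECRET_KEY` different from `SECRET_KEY`, restrict `CORS_ORIGINS`, and set `PUBLIC_APP_BASE_URL`. The check below is an added example, not code from this repository, that parses a `config.env` and reports which of those are still outstanding; the function names, the finding codes, the 32-character minimum, the check on the shipped database passwords and the https requirement are assumptions of this example.

```python
# Added example (not project code): audit a production config.env.
# Assumption: 32 characters is the minimum acceptable secret length.
MIN_SECRET_LEN = 32

# Constructed sample: the security-relevant defaults from config.env.example.
SAMPLE = """\
POSTGRES_USER=pos
POSTGRES_PASSWORD=pos
DB_USER=pos
DB_PASSWORD=pos
SECRET_KEY=CHANGE_THIS_TO_A_RANDOM_SECRET_KEY_IN_PRODUCTION
REFRESH_SECRET_KEY=CHANGE_THIS_TO_ANOTHER_RANDOM_SECRET_IN_PRODUCTION
CORS_ORIGINS=*
# PUBLIC_APP_BASE_URL=https://satisfecho.de
"""

def parse_env(text):
    """Return KEY=VALUE pairs; comment lines and blanks are skipped."""
    env = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip().strip("\"'")
    return env

def audit(env):
    """Return sorted finding codes for a config meant for production."""
    found = set()
    access, refresh = env.get("SECRET_KEY", ""), env.get("REFRESH_SECRET_KEY", "")
    for name, value in (("SECRET_KEY", access), ("REFRESH_SECRET_KEY", refresh)):
        # Shipped placeholder, missing, or too short.
        if "CHANGE_THIS" in value or len(value) < MIN_SECRET_LEN:
            found.add(f"weak:{name}")
    if access and access == refresh:
        found.add("same:SECRET_KEY=REFRESH_SECRET_KEY")
    # The example ships each database password equal to its user name.
    for user, pw in (("POSTGRES_USER", "POSTGRES_PASSWORD"), ("DB_USER", "DB_PASSWORD")):
        if env.get(pw, "") in ("", env.get(user, "")):
            found.add(f"default:{pw}")
    # An unset CORS_ORIGINS counts as "*", the default the file documents.
    if "*" in [o.strip() for o in env.get("CORS_ORIGINS", "*").split(",")]:
        found.add("wildcard:CORS_ORIGINS")
    base = env.get("PUBLIC_APP_BASE_URL", "")
    if not base:
        found.add("unset:PUBLIC_APP_BASE_URL")  # password reset returns 503
    elif not base.startswith("https://"):
        found.add("insecure:PUBLIC_APP_BASE_URL")  # reset-token links sent over http
    return sorted(found)
```

Calling `audit(parse_env(open("config.env").read()))` in a deployment step and failing on a non-empty result keeps the example defaults out of production.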