-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
222 lines (195 loc) · 8.53 KB
/
.env.example
File metadata and controls
222 lines (195 loc) · 8.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
# Heimdall SDR - Environment Configuration Template
# ⚠️ DEVELOPMENT ONLY - DO NOT USE IN PRODUCTION
#
# Copy this file to .env and update values for your environment:
# cp .env.example .env
#
# For detailed information about these credentials and how to use them,
# see: docs/dev-credentials.md
#
# SECURITY WARNING: These are default development credentials.
# Change all passwords before deploying to production!
# ============================================================================
# Global Network Configuration
# ============================================================================
# Host used for external connections (from host machine to containers)
# Default: localhost (for local development)
# For remote deployments: set to your server IP or domain
DOCKER_HOST=localhost
# ============================================================================
# PostgreSQL Database (with TimescaleDB extension)
# ============================================================================
# Default credentials for local development
# Access: localhost:5432
# Connection string: postgresql://heimdall_user:changeme@localhost:5432/heimdall
POSTGRES_DB=heimdall
POSTGRES_USER=heimdall_user
POSTGRES_PASSWORD=changeme
POSTGRES_HOST=localhost
POSTGRES_PORT=5432
# ============================================================================
# pgAdmin - PostgreSQL Web Management UI
# ============================================================================
# Web UI: http://localhost:5050
# Login with these credentials to manage PostgreSQL databases
PGADMIN_EMAIL=admin@pg.com
PGADMIN_PASSWORD=admin
# ============================================================================
# RabbitMQ Message Queue
# ============================================================================
# Default credentials for message queue
# Management UI: http://localhost:15672
# AMQP: amqp://guest:guest@localhost:5672//
RABBITMQ_DEFAULT_USER=guest
RABBITMQ_DEFAULT_PASS=guest
RABBITMQ_HOST=localhost
RABBITMQ_PORT=5672
# ============================================================================
# Redis Cache & Celery Result Backend
# ============================================================================
# Connection: redis://:changeme@localhost:6379/0
# CLI: redis-cli -h localhost -p 6379 -a changeme
REDIS_PASSWORD=changeme
REDIS_HOST=localhost
REDIS_PORT=6379
# ============================================================================
# MinIO Object Storage (S3-compatible)
# ============================================================================
# Console UI: http://localhost:9001
# API: http://localhost:9000
# Buckets: heimdall-raw-iq, heimdall-models, heimdall-mlflow, heimdall-datasets
MINIO_ROOT_USER=minioadmin
MINIO_ROOT_PASSWORD=minioadmin
MINIO_HOST=localhost
MINIO_PORT=9000
# ============================================================================
# MLflow Tracking
# ============================================================================
# Experiment tracking and model registry
MLFLOW_TRACKING_URI=postgresql://heimdall_user:changeme@localhost:5432/mlflow
MLFLOW_ARTIFACT_URI=s3://minio/mlflow
MLFLOW_S3_ENDPOINT_URL=http://localhost:9000
# ============================================================================
# Grafana Dashboards
# ============================================================================
# Web UI: http://localhost:3000
# Default admin credentials (will prompt to change on first login)
GRAFANA_USER=admin
GRAFANA_PASSWORD=admin
GRAFANA_PORT=3000
# ============================================================================
# Prometheus Monitoring
# ============================================================================
# Web UI: http://localhost:9090
# No authentication required in development
PROMETHEUS_PORT=9090
# ============================================================================
# Microservices Ports
# ============================================================================
# API Gateway - Main REST API entry point
# Docs: http://localhost:8000/docs
API_GATEWAY_PORT=8000
API_GATEWAY_URL=http://localhost:8000
# Backend Service - General purpose backend (CRUD, RF acquisition, state management)
# Docs: http://localhost:8001/docs
BACKEND_HOST=backend
BACKEND_PORT=8001
BACKEND_URL=http://backend:8001
# Legacy aliases for backward compatibility
RF_ACQUISITION_HOST=backend
RF_ACQUISITION_PORT=8001
RF_ACQUISITION_URL=http://backend:8001
# Training Service - ML model training pipeline
# Docs: http://localhost:8002/docs
TRAINING_HOST=training
TRAINING_PORT=8002
TRAINING_URL=http://training:8002
# Inference Service - Real-time ML inference
# Docs: http://localhost:8003/docs
INFERENCE_HOST=inference
INFERENCE_PORT=8003
INFERENCE_URL=http://inference:8003
# Data Ingestion Web - Data collection UI and API
# Docs: http://localhost:8004/docs
DATA_INGESTION_HOST=data-ingestion-web
DATA_INGESTION_PORT=8004
DATA_INGESTION_URL=http://data-ingestion-web:8004
# ============================================================================
# Keycloak Authentication Provider
# ============================================================================
# Admin Console: http://localhost:8080
# Realm: heimdall
# Default admin credentials (will prompt to change in production)
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=admin
KEYCLOAK_REALM=heimdall
KEYCLOAK_URL=http://localhost:8080
# Application user credentials (created automatically on startup)
APP_USER_EMAIL=admin@heimdall.local
APP_USER_PASSWORD=admin
# Keycloak clients for microservices
KEYCLOAK_FRONTEND_CLIENT_ID=heimdall-frontend
VITE_KEYCLOAK_CLIENT_ID=heimdall-frontend
KEYCLOAK_API_GATEWAY_CLIENT_ID=api-gateway
KEYCLOAK_API_GATEWAY_CLIENT_SECRET=api-gateway-secret-change-in-production
KEYCLOAK_BACKEND_CLIENT_ID=backend
KEYCLOAK_BACKEND_CLIENT_SECRET=backend-secret-change-in-production
# Legacy aliases for backward compatibility
KEYCLOAK_RF_ACQUISITION_CLIENT_ID=backend
KEYCLOAK_RF_ACQUISITION_CLIENT_SECRET=backend-secret-change-in-production
KEYCLOAK_TRAINING_CLIENT_ID=training
KEYCLOAK_TRAINING_CLIENT_SECRET=training-secret-change-in-production
KEYCLOAK_INFERENCE_CLIENT_ID=inference
KEYCLOAK_INFERENCE_CLIENT_SECRET=inference-secret-change-in-production
KEYCLOAK_DATA_INGESTION_CLIENT_ID=data-ingestion-web
KEYCLOAK_DATA_INGESTION_CLIENT_SECRET=data-ingestion-secret-change-in-production
# ============================================================================
# Application Settings
# ============================================================================
LOG_LEVEL=INFO
DEBUG=false
# ============================================================================
# WebSDR Configuration
# ============================================================================
WEBSDR_TIMEOUT=10
WEBSDR_RETRY_COUNT=3
WEBSDR_CONCURRENT_LIMIT=10
# ============================================================================
# Frontend Configuration
# ============================================================================
# API Configuration
# Note: API paths are prefixed with /api/v1/{service}
# The base URL should point to the API Gateway root (without /api suffix)
VITE_API_URL=http://localhost:8000
VITE_API_TIMEOUT=10000
# Environment
VITE_ENV=development
# Feature Flags
VITE_ENABLE_ANALYTICS=true
VITE_ENABLE_DEBUG=false
# Keycloak Authentication Configuration (Frontend)
# OAuth2/OIDC authentication provider
VITE_KEYCLOAK_URL=http://localhost:8080
VITE_KEYCLOAK_REALM=heimdall
# Default Development Credentials (E2E tests only)
# ⚠️ DO NOT USE IN PRODUCTION - Change immediately for any non-local deployment
VITE_ADMIN_EMAIL=admin@heimdall.local
VITE_ADMIN_PASSWORD=admin
VITE_AUTH_TOKEN_KEY=heimdall_auth_token
VITE_SESSION_TIMEOUT=3600000
# Endpoints
VITE_SOCKET_URL=ws://localhost:8000/ws
# Mapbox Configuration
# Get your free API token at https://www.mapbox.com/ (50,000 map loads/month free tier)
VITE_MAPBOX_TOKEN=your_mapbox_api_token_here
# ============================================================================
# IMPORTANT SECURITY NOTES
# ============================================================================
# 1. These are DEFAULT DEVELOPMENT credentials - publicly documented
# 2. NEVER use these in production environments
# 3. NEVER commit your .env file to version control (.gitignore is set)
# 4. For production: Use secret management (K8s Secrets, Vault, etc.)
# 5. Change ALL passwords and client secrets immediately for any non-local deployment
# 6. See docs/dev-credentials.md for detailed security guidelines
# 7. Keycloak client secrets MUST be changed in production
# ============================================================================