CodePark/.env.staging at main · skanda890/CodePark · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# CodePark v2.0.0 - Staging Environment Configuration
# Date: December 20, 2025
# SECURITY: Secrets are injected via environment variables or secrets manager
# DO NOT add actual secrets here

# Application
NODE_ENV=staging
PORT=3000
HOST=0.0.0.0

# Logging
LOG_LEVEL=info
LOG_BUFFER_SIZE=1000
LOG_FILE=/var/log/codepark/app.log
LOG_FILE_MAX_SIZE=10485760
LOG_FILE_MAX_FILES=10
LOG_HTTP_ENDPOINT=https://logs-staging.example.com/api/logs
LOG_HTTP_HEADERS={"Authorization":"Bearer ${LOG_HTTP_API_KEY}"}

# CORS Configuration
CORS_ORIGINS=https://staging.example.com,https://app-staging.example.com,https://dashboard-staging.example.com
ADDITIONAL_CORS_ORIGINS=https://test.example.com

# Database
# Injected via secrets manager (GitHub Secrets, Kubernetes Secrets, etc.)
# Format in secrets manager: MONGODB_URI=mongodb+srv://USER:PASSWORD@host/db
MONGODB_URI=${MONGODB_URI}

# Redis
REDIS_HOST=redis-staging.example.com
REDIS_PORT=6379
REDIS_PASSWORD=${REDIS_PASSWORD}
REDIS_DB=0

# IP Whitelisting
IP_WHITELIST_MODE=whitelist
IP_WHITELIST=10.0.0.0/8,192.168.0.0/16,203.0.113.0/24
MAX_REQUESTS_PER_IP=5000

# Caching
CACHE_TTL=300000
CACHE_MAX_SIZE=10000
CACHE_BACKEND=memory

# Compression
COMPRESSION_LEVEL=6
COMPRESSION_MIN_SIZE=1024

# Health Check
HEALTH_CHECK_TIMEOUT=5000
HEALTH_CHECK_THRESHOLD=3

# API Keys (Injected via secrets manager)
API_KEY_STAGING=${API_KEY_STAGING}

# Feature Flags
FEATURE_RATE_LIMITING=true
FEATURE_CACHING=true
FEATURE_COMPRESSION=true
FEATURE_HEALTH_CHECKS=true

# Debug
DEBUG=codepark:*

# ================================
# HOW TO SET SECRETS
# ================================
# GitHub Actions:
#   1. Go to: Settings → Secrets and Variables → Actions
#   2. Add: STAGING_DB_USER, STAGING_DB_PASSWORD, STAGING_REDIS_PASSWORD, etc.
#   3. In workflow, create .env.staging with secrets:
#      MONGODB_URI=mongodb+srv://${{ secrets.STAGING_DB_USER }}:${{ secrets.STAGING_DB_PASSWORD }}@host/db
#
# Kubernetes:
#   1. Create secret: kubectl create secret generic codepark-secrets --from-literal=MONGODB_URI=...
#   2. Reference in deployment: envFrom:
#        - secretRef:
#            name: codepark-secrets
#
# Local Development:
#   1. Copy to .env.staging.local
#   2. Fill in actual values
#   3. .env.staging.local is in .gitignore (never committed)