# ============================================================================= # PRODUCTION ENVIRONMENT VARIABLES TEMPLATE # ============================================================================= # ⚠️ THIS IS A TEMPLATE ONLY - DO NOT PUT REAL SECRETS HERE! # # SETUP INSTRUCTIONS: # 1. SSH into production server: ssh user@your-server-ip # 2. Navigate to stiftung directory: cd /opt/stiftung # 3. Copy this template: cp env-production.template .env # 4. Edit with REAL values: nano .env # 5. Set secure permissions: chmod 600 .env # # 🔒 SECURITY: # - The real .env file stays ONLY on the production server # - This template is safe to commit to Git (no real secrets) # - Git deployments will NEVER overwrite your real .env file # ============================================================================= # DATABASE CONFIGURATION POSTGRES_DB=stiftung POSTGRES_USER=stiftung POSTGRES_PASSWORD=your_secure_database_password_here DB_HOST=db DB_PORT=5432 # DJANGO CONFIGURATION DJANGO_SECRET_KEY=your_50_character_secret_key_here DJANGO_DEBUG=False DJANGO_ALLOWED_HOSTS=www.vhtv-stiftung.de,vhtv-stiftung.de LANGUAGE_CODE=de-de TIME_ZONE=Europe/Berlin # SESSION CONFIGURATION (prevents conflicts between apps) SESSION_COOKIE_NAME=stiftung_sessionid CSRF_COOKIE_NAME=stiftung_csrftoken # REDIS CONFIGURATION REDIS_URL=redis://redis:6379/0 # PAPERLESS CONFIGURATION PAPERLESS_API_URL=http://paperless:8000/api PAPERLESS_API_TOKEN=your_paperless_api_token_here PAPERLESS_SECRET_KEY=your_paperless_secret_key_here PAPERLESS_ADMIN_USER=admin PAPERLESS_ADMIN_PASSWORD=your_paperless_admin_password_here PAPERLESS_ADMIN_MAIL=admin@vhtv-stiftung.de # Paperless URL configuration for reverse proxy PAPERLESS_URL=https://vhtv-stiftung.de/paperless PAPERLESS_FORCE_SCRIPT_NAME=/paperless PAPERLESS_DESTINATAERE_TAG_ID= # IMAP-KONFIGURATION (E-Mail-Eingang) IMAP_HOST=mail.vhtv-stiftung.de IMAP_PORT=993 IMAP_USER=paperless@vhtv-stiftung.de IMAP_PASSWORD=your_imap_password_here IMAP_FOLDER=INBOX IMAP_USE_SSL=true # GRAMPS WEB CONFIGURATION GRAMPSWEB_SECRET_KEY=your_grampsweb_secret_key_here GRAMPSWEB_ADMIN_EMAIL=admin@vhtv-stiftung.de GRAMPSWEB_ADMIN_PASSWORD=your_grampsweb_admin_password_here # GRAMPS API CONNECTION (for Django integration) GRAMPS_URL=http://grampsweb:5000 GRAMPS_USERNAME=admin@vhtv-stiftung.de GRAMPS_PASSWORD=your_grampsweb_admin_password_here GRAMPS_API_TOKEN=your_gramps_api_token_if_needed # ============================================================================= # GENERATE SECRET KEYS: # ============================================================================= # Django Secret Key: python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())" # Paperless Secret: openssl rand -base64 32 # GrampsWeb Secret: openssl rand -base64 32