808fbf5c7c
<message>Update the _set_golden_from_path function to improve the handling of existing golden image files. Replace the existing unlink logic with a more robust method that safely removes files or broken symlinks using the missing_ok parameter. This change enhances the reliability of the backup upload process by ensuring that stale references are properly cleared before setting a new golden image path.
104 lines
4.2 KiB
Plaintext
104 lines
4.2 KiB
Plaintext
# =============================================================================
|
|
# GNSS Guard Server Configuration
|
|
# =============================================================================
|
|
# Copy this file to .env.prod and configure for your environment
|
|
# Example: cp env.example .env.prod
|
|
|
|
# =============================================================================
|
|
# SERVER SETTINGS
|
|
# =============================================================================
|
|
|
|
# Host to bind to (127.0.0.1 when behind Nginx proxy)
|
|
GNSS_SERVER_HOST=127.0.0.1
|
|
|
|
# Port to bind to
|
|
GNSS_SERVER_PORT=8000
|
|
|
|
# Enable debug mode (set to false in production)
|
|
GNSS_SERVER_DEBUG=false
|
|
|
|
# =============================================================================
|
|
# DATABASE (PostgreSQL RDS) - REQUIRED!
|
|
# =============================================================================
|
|
# The server will NOT start without a valid database URL!
|
|
|
|
# Full database connection URL
|
|
# Format: postgresql://USER:PASSWORD@HOST:PORT/DATABASE
|
|
GNSS_SERVER_DATABASE_URL=postgresql://gnss_admin:your-password@your-rds-endpoint.rds.amazonaws.com:5432/gnss_guard
|
|
|
|
# =============================================================================
|
|
# SECURITY
|
|
# =============================================================================
|
|
|
|
# Secret key for session encryption (generate with: python -c "import secrets; print(secrets.token_urlsafe(32))")
|
|
GNSS_SERVER_SECRET_KEY=change-this-to-a-random-secret-key
|
|
|
|
# Session expiration in minutes (default: 24 hours)
|
|
GNSS_SERVER_SESSION_EXPIRE_MINUTES=1440
|
|
|
|
# =============================================================================
|
|
# WEB UI AUTHENTICATION (REQUIRED - no defaults!)
|
|
# =============================================================================
|
|
# These credentials are used to login to the web dashboard.
|
|
# The server will NOT start without these being set!
|
|
|
|
# Username for web dashboard login (REQUIRED)
|
|
GNSS_SERVER_WEB_USERNAME=your_username_here
|
|
|
|
# Password for web dashboard login (REQUIRED)
|
|
# Requirements:
|
|
# - At least 12 characters long
|
|
# - Cannot be common passwords like 'password', 'admin', 'test'
|
|
# Generate a secure password: python -c "import secrets; print(secrets.token_urlsafe(16))"
|
|
GNSS_SERVER_WEB_PASSWORD=your_secure_password_here
|
|
|
|
# =============================================================================
|
|
# DOMAIN (for SSL/HTTPS)
|
|
# =============================================================================
|
|
|
|
# Server domain name (for Let's Encrypt SSL)
|
|
GNSS_SERVER_DOMAIN=gnss.yourdomain.com
|
|
|
|
# =============================================================================
|
|
# VALIDATION
|
|
# =============================================================================
|
|
|
|
# Staleness threshold in seconds (data older than this is considered stale)
|
|
GNSS_SERVER_STALE_THRESHOLD_SECONDS=60
|
|
|
|
# =============================================================================
|
|
# ASSET OFFLINE DETECTION
|
|
# =============================================================================
|
|
|
|
# Seconds without updates before an asset is considered offline (default: 120)
|
|
# Triggers Telegram notification when asset goes offline/online
|
|
GNSS_SERVER_ASSET_OFFLINE_SECONDS=120
|
|
|
|
# =============================================================================
|
|
# DATA RETENTION
|
|
# =============================================================================
|
|
|
|
# Days to keep validation history (default: 90)
|
|
GNSS_SERVER_VALIDATION_HISTORY_DAYS=90
|
|
|
|
# =============================================================================
|
|
# TELEGRAM NOTIFICATIONS (Optional)
|
|
# =============================================================================
|
|
# Server-side Telegram notifications for all assets.
|
|
# Each asset can override the chat_id to send to a different chat/group.
|
|
|
|
# Telegram bot token (from @BotFather)
|
|
GNSS_SERVER_TELEGRAM_BOT_TOKEN=
|
|
|
|
# Default Telegram chat ID (negative for groups)
|
|
# Individual assets can override this in the database
|
|
GNSS_SERVER_TELEGRAM_CHAT_ID=
|
|
|
|
# =============================================================================
|
|
# SSL (for Docker deployment with Traefik)
|
|
# =============================================================================
|
|
|
|
# Email for Let's Encrypt certificate notifications
|
|
LETSENCRYPT_EMAIL=admin@yourdomain.com
|
|
|