Refactor environment configuration templates with comprehensive documentation

Updates .env.example files for both backend and telegram-bot with:
- Complete variable coverage matching actual code usage
- Clear section-based organization (Oracle, JWT, SMTP, Cache, etc.)
- Detailed comments explaining purpose and usage location for each variable
- Added missing critical variables (AUTH_SESSION_SECRET, CACHE_*, token expiration settings)
- Removed unused/dead variables (CLAUDE_API_KEY, DEBUG, API_HOST, SQLITE_DB_PATH, etc.)
- Consistent formatting and structure across development and production templates

Critical additions:
- AUTH_SESSION_SECRET for email 2FA flow (must match between backend and telegram-bot)
- Full cache configuration variables (17 vars for hybrid L1/L2 cache system)
- Token expiration settings (ACCESS_TOKEN_EXPIRE_MINUTES, REFRESH_TOKEN_EXPIRE_DAYS)
- SMTP email retry settings for telegram bot

Ensures all .env.example files accurately reflect required and optional environment
variables used in the codebase, making deployment and configuration easier.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
2025-11-11 12:30:44 +02:00
parent 706062dc0f
commit 830c5c8181
2 changed files with 100 additions and 92 deletions

View File

@@ -1,51 +1,33 @@
# ============================================================================
# ROA2WEB Telegram Bot - Environment Configuration
# ROA2WEB Telegram Bot - Environment Configuration Template
# ============================================================================
# Copy this file to .env and fill in your actual values
# IMPORTANT: Never commit .env file to git!
# ============================================================================
# REQUIRED CONFIGURATION
# TELEGRAM BOT CONFIGURATION (REQUIRED)
# ============================================================================
# Obtain bot token from @BotFather on Telegram
# Used by app/main.py to authenticate the bot
# Telegram Bot Configuration
# Obtain from @BotFather on Telegram
TELEGRAM_BOT_TOKEN=your_bot_token_here
# Claude Authentication Configuration
# ============================================================================
# You have TWO options for Claude authentication:
#
# OPTION 1: API Key (pay per token - requires API credits)
# - Get API key from: https://console.anthropic.com/
# - Set CLAUDE_API_KEY below
# - You will be charged per API usage (separate from Claude subscription)
#
# OPTION 2: Claude Pro/Max Subscription (RECOMMENDED if you have subscription)
# - If you have Claude Pro or Claude Max subscription
# - Run: claude-code login (one-time setup)
# - Leave CLAUDE_API_KEY empty or commented out
# - You won't pay extra API credits (uses your existing subscription)
#
# For development/local usage: Use Option 2 if you have subscription
# For Docker/production: Use Option 1 (API key is simpler in containers)
# BACKEND API CONFIGURATION (REQUIRED)
# ============================================================================
# OPTION 1: Set this if using API key
CLAUDE_API_KEY=
# OPTION 2: Leave empty and run "claude-code login" before starting bot
# Backend API URL
# Backend API URL for data retrieval
# Used by app/api/client.py and app/main.py
# Development: http://localhost:8001
# Docker: http://roa-backend:8000
BACKEND_URL=http://roa-backend:8000
BACKEND_URL=http://localhost:8001
# ============================================================================
# EMAIL AUTHENTICATION (SMTP) CONFIGURATION
# EMAIL AUTHENTICATION (SMTP) CONFIGURATION (REQUIRED for email 2FA)
# ============================================================================
# Required for email-based 2FA authentication flow
# Users can login with email + password instead of web app linking
# Used by app/utils/email_service.py
# SMTP Server Configuration
SMTP_HOST=mail.romfast.ro
@@ -56,47 +38,36 @@ SMTP_FROM_EMAIL=ups@romfast.ro
SMTP_FROM_NAME=ROA2WEB
SMTP_USE_TLS=true
# Email Sending Settings
# Email Retry Settings (used by app/utils/email_service.py)
EMAIL_MAX_RETRIES=3
EMAIL_RETRY_DELAY=2.0
EMAIL_CODE_EXPIRY_MINUTES=5
EMAIL_CODE_LENGTH=6
MAX_EMAIL_ATTEMPTS_PER_HOUR=3
# Session Security (must match backend AUTH_SESSION_SECRET)
# ============================================================================
# SESSION SECURITY (REQUIRED)
# ============================================================================
# Must match backend AUTH_SESSION_SECRET for email login flow
# Used by app/auth/email_auth.py for session token validation
# Generate with: python3 -c "import secrets; print(secrets.token_urlsafe(32))"
AUTH_SESSION_SECRET=your-secure-random-secret-here-min-32-chars
# ============================================================================
# DATABASE CONFIGURATION
# INTERNAL API CONFIGURATION (OPTIONAL - has defaults)
# ============================================================================
# Internal API port for backend to call telegram-bot (save auth codes)
# Used by app/main.py to start internal FastAPI server
# Default: 8002
# SQLite Database Path (STANDALONE)
# This is where user data, auth codes, and sessions are stored
# Development: ./data/telegram_bot.db
# Docker: /app/data/telegram_bot.db
SQLITE_DB_PATH=/app/data/telegram_bot.db
# ============================================================================
# NETWORKING CONFIGURATION
# ============================================================================
# Internal API Port (for backend to call telegram-bot)
# This port is used by the backend to save auth codes
INTERNAL_API_PORT=8002
# ============================================================================
# OPTIONAL CONFIGURATION
# ============================================================================
# Enable internal API documentation (development only)
# Used by app/internal_api.py
# Default: false
# Logging Level
# Options: DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_LEVEL=INFO
ENABLE_DOCS=false
# Sentry DSN for error monitoring (optional)
# Get from: https://sentry.io/
SENTRY_DSN=
# Show detailed error messages in API responses (development only)
# Used by app/internal_api.py
# Default: false
# Environment
# Options: development, production
ENVIRONMENT=production
DEBUG=false