romfast/roa2web-service-auto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c5e051ad805fd521fb473ab7a09a0ab6ee85b3be
roa2web-service-auto/backend/.env.example
Marius Mutu c5e051ad80 feat: Migrate to ultrathin monolith architecture 
Consolidate 3 separate applications (reports-app, data-entry-app, telegram-bot) into a unified
architecture with single backend and frontend:

Backend Changes:
- Unified FastAPI backend at backend/ with modular structure
- Modules: reports, data_entry, telegram in backend/modules/
- Centralized config.py and main.py with all routers registered
- Single worker mode (--workers 1) for Telegram bot compatibility
- Shared Oracle connection pool and JWT authentication
- Unified requirements.txt and environment configuration

Frontend Changes:
- Single Vue.js SPA with module-based routing
- Unified frontend at src/ with modules in src/modules/{reports,data-entry}/
- Shared components and stores in src/shared/
- Error boundaries for module isolation
- Dual API proxy in Vite for module communication

Infrastructure:
- New unified startup scripts: start-prod.sh, start-test.sh, start-backend.sh
- Environment templates: .env.dev.example, .env.test.example, .env.prod.example
- Updated deployment scripts for Windows IIS
- Simplified SSH tunnel management

Documentation:
- Comprehensive CLAUDE.md with architecture overview
- Module-specific docs in docs/{data-entry,telegram}/
- Architecture decision records in docs/ARCHITECTURE-DECISIONS.md
- Deployment guides consolidated in deployment/windows/docs/

This migration reduces complexity, improves maintainability, and enables easier
deployment while maintaining all existing functionality.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-29 23:48:14 +02:00

147 lines
5.6 KiB
Plaintext
Raw Blame History

# ============================================================================
# ROA2WEB Unified Backend - Environment Configuration Template
# ============================================================================
# Single backend process serving Reports, Data Entry, and Telegram modules
#
# SETUP INSTRUCTIONS:
# 1. Copy this template: cp .env.example .env.dev
# 2. Fill in your actual values in .env.dev
# 3. Run: ./start-dev.sh (auto-copies .env.dev to .env)
#
# ENVIRONMENT FILES:
# - .env.dev → Development config (committed to git with real values)
# - .env.test → Test config (committed to git)
# - .env.prod → Production config template (committed, use placeholders!)
# - .env → Active config (auto-generated, NOT committed)
#
# IMPORTANT: Never manually edit .env - edit .env.dev instead!
# ============================================================================
# ORACLE DATABASE CONFIGURATION (REQUIRED - Shared by all modules)
# ============================================================================
# Connection to CONTAFIN_ORACLE schema for authentication and user management
# Each company is a separate schema in Oracle Database
# Development: Through SSH tunnel (localhost:1526)
# Windows Production: Direct connection to Oracle server
ORACLE_USER=CONTAFIN_ORACLE
ORACLE_PASSWORD=SET_IN_PRODUCTION_ENV
ORACLE_HOST=localhost
ORACLE_PORT=1526
ORACLE_SID=ROA
# Development Only: Start SSH tunnel before running backend
# ./ssh_tunnel.sh start
# ./ssh_tunnel.sh status
# ============================================================================
# JWT AUTHENTICATION (REQUIRED - Shared by all modules)
# ============================================================================
# Used for JWT token generation and validation (shared/auth/jwt_handler.py)
# Generate strong secret: python3 -c "import secrets; print(secrets.token_urlsafe(32))"
JWT_SECRET_KEY=GENERATE_STRONG_SECRET_IN_PRODUCTION
JWT_ALGORITHM=HS256
# Token expiration settings (used by shared/auth/jwt_handler.py)
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
# ============================================================================
# SESSION SECURITY - EMAIL 2FA (REQUIRED for Telegram email login)
# ============================================================================
# Used by Telegram module for session token validation
# Generate with: python3 -c "import secrets; print(secrets.token_urlsafe(32))"
AUTH_SESSION_SECRET=your-secure-random-secret-here-min-32-chars
# ============================================================================
# SERVER CONFIGURATION
# ============================================================================
# Unified backend server settings
API_HOST=0.0.0.0
API_PORT=8000
DEBUG=false
# CORS Origins (comma-separated)
CORS_ORIGINS=http://localhost:3000,http://localhost:5173
# ============================================================================
# REPORTS MODULE - CACHE CONFIGURATION (OPTIONAL - defaults provided)
# ============================================================================
# Two-tier hybrid cache system (L1: in-memory LRU, L2: SQLite persistent)
# Used by backend/modules/reports/cache/config.py
# Core Settings
REPORTS_CACHE_ENABLED=True
REPORTS_CACHE_TYPE=hybrid
REPORTS_CACHE_SQLITE_PATH=./data/cache/roa2web_cache.db
REPORTS_CACHE_MEMORY_MAX_SIZE=1000
REPORTS_CACHE_DEFAULT_TTL=900
# TTL per Cache Type (seconds)
REPORTS_CACHE_TTL_SCHEMA=86400
REPORTS_CACHE_TTL_COMPANIES=1800
REPORTS_CACHE_TTL_DASHBOARD_SUMMARY=1800
REPORTS_CACHE_TTL_DASHBOARD_TRENDS=1800
REPORTS_CACHE_TTL_INVOICES=600
REPORTS_CACHE_TTL_INVOICES_SUMMARY=900
REPORTS_CACHE_TTL_TREASURY=600
# Maintenance
REPORTS_CACHE_CLEANUP_INTERVAL=3600
# Event-Based Invalidation (experimental)
REPORTS_CACHE_AUTO_INVALIDATE=False
REPORTS_CACHE_CHECK_INTERVAL=300
# Performance Tracking
REPORTS_CACHE_TRACK_PERFORMANCE=True
REPORTS_CACHE_BENCHMARK_ON_STARTUP=False
# ============================================================================
# DATA ENTRY MODULE - CONFIGURATION
# ============================================================================
# Data Entry module settings (receipts, OCR, etc.)
# SQLite Database
DATA_ENTRY_SQLITE_DATABASE_PATH=data/receipts/receipts.db
# File uploads
DATA_ENTRY_UPLOAD_PATH=data/receipts/uploads
DATA_ENTRY_MAX_UPLOAD_SIZE_MB=10
# ============================================================================
# TELEGRAM MODULE - BOT CONFIGURATION (REQUIRED for Telegram features)
# ============================================================================
# Obtain bot token from @BotFather on Telegram
TELEGRAM_BOT_TOKEN=your_bot_token_here
# ============================================================================
# TELEGRAM MODULE - EMAIL AUTHENTICATION (SMTP) (REQUIRED for email 2FA)
# ============================================================================
# Required for email-based 2FA authentication flow
# Users can login with email + password instead of web app linking
# SMTP Server Configuration
TELEGRAM_SMTP_HOST=mail.romfast.ro
TELEGRAM_SMTP_PORT=587
TELEGRAM_SMTP_USER=ups@romfast.ro
TELEGRAM_SMTP_PASSWORD=your_smtp_password_here
TELEGRAM_SMTP_FROM_EMAIL=ups@romfast.ro
TELEGRAM_SMTP_FROM_NAME=ROA2WEB
TELEGRAM_SMTP_USE_TLS=true
# Email Retry Settings
TELEGRAM_EMAIL_MAX_RETRIES=3
TELEGRAM_EMAIL_RETRY_DELAY=2.0
# ============================================================================
# TELEGRAM MODULE - DATABASE (SQLite for bot data)
# ============================================================================
# Separate SQLite database for Telegram bot auth codes and sessions
TELEGRAM_SQLITE_DATABASE_PATH=data/telegram/telegram.db
Reference in New Issue View Git Blame Copy Permalink