Update: 2026-06-16 17:47:17

2026-06-16 17:47:19 +03:00
parent 49899da6b2
commit b516fbc4ed
96 changed files with 6073 additions and 3187 deletions
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -0,0 +1,123 @@
+# =============================================================================
+# 🔐 Siro Project - Secure Environment Configuration
+# =============================================================================
+# ⚠️ CRITICAL: NEVER commit this file to Git!
+# Add .env to .gitignore immediately
+# =============================================================================
+
+# =============================================================================
+# Database Configuration - MAIN DATABASE
+# =============================================================================
+DB_HOST=localhost
+DB_PORT=3306
+DB_NAME=siro_main
+DB_USER=siro_user
+DB_PASS=<CHANGE_ME_STRONG_PASSWORD>
+
+# =============================================================================
+# Encryption Configuration - CRITICAL FOR SECURITY
+# =============================================================================
+# 🔐 Generate 32-character hex key: openssl rand -hex 16
+ENC_KEY=<CHANGE_ME_32_BYTE_HEX_KEY>
+ENCRYPTION_KEY_PATH=/home/siro-api/env/.encryption_key
+
+# =============================================================================
+# JWT Configuration
+# =============================================================================
+JWT_SECRET=<CHANGE_ME_LONG_RANDOM_STRING>
+JWT_ALGORITHM=HS256
+JWT_EXPIRY=3600
+JWT_REFRESH_EXPIRY=86400
+
+# =============================================================================
+# Redis Configuration
+# =============================================================================
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_AUTH=<CHANGE_ME_REDIS_PASSWORD>
+REDIS_DB=0
+
+# =============================================================================
+# Rate Limiter Configuration
+# =============================================================================
+RATE_LIMIT_LOGIN_ATTEMPTS=5
+RATE_LIMIT_LOGIN_WINDOW=300
+RATE_LIMIT_API_REQUESTS=100
+RATE_LIMIT_API_WINDOW=60
+
+# =============================================================================
+# Wallet Configuration - S2S API
+# =============================================================================
+WALLET_API_URL=https://walletintaleq.intaleq.xyz/v2/main/
+# 🔐 Generate HMAC secret: openssl rand -base64 32
+WALLET_HMAC_SECRET=<CHANGE_ME_LONG_HMAC_SECRET>
+BACKEND_ID=siromove-backend-01
+ALLOWED_BACKEND_IDS=siromove-backend-01,siromove-backend-02
+
+# =============================================================================
+# Socket/Location Server Configuration
+# =============================================================================
+ALLOWED_SOCKET_URLS=https://location.siromove.com,https://socket.siromove.com
+SOCKET_API_TIMEOUT=10
+SOCKET_INTERNAL_KEY=<CHANGE_ME_INTERNAL_KEY>
+
+# =============================================================================
+# CORS Configuration
+# =============================================================================
+CORS_ALLOWED_ORIGINS=https://siromove.com,https://www.siromove.com
+CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,OPTIONS
+CORS_ALLOWED_HEADERS=Content-Type,Authorization
+
+# =============================================================================
+# Logging Configuration
+# =============================================================================
+LOG_LEVEL=info
+LOG_PATH=/var/log/siro-api/
+SECURITY_LOG_PATH=/var/log/siro-api/security/
+
+# =============================================================================
+# Firebase Configuration
+# =============================================================================
+FIREBASE_PROJECT_ID=siro-project
+FIREBASE_API_KEY=<CHANGE_ME_FIREBASE_KEY>
+
+# =============================================================================
+# SMS Configuration (for OTP)
+# =============================================================================
+SMS_PROVIDER=twilio
+SMS_API_KEY=<CHANGE_ME_SMS_KEY>
+SMS_API_SECRET=<CHANGE_ME_SMS_SECRET>
+
+# =============================================================================
+# Email Configuration
+# =============================================================================
+MAIL_HOST=smtp.gmail.com
+MAIL_PORT=587
+MAIL_USER=<CHANGE_ME_EMAIL>
+MAIL_PASS=<CHANGE_ME_EMAIL_PASSWORD>
+
+# =============================================================================
+# Application Configuration
+# =============================================================================
+APP_ENV=production
+APP_DEBUG=false
+APP_NAME=Siro
+
+# =============================================================================
+# Security Configuration - Fingerprint
+# =============================================================================
+FP_PEPPER=<CHANGE_ME_FINGERPRINT_PEPPER>
+
+# =============================================================================
+# Feature Flags
+# =============================================================================
+FEATURE_MFA_ENABLED=true
+FEATURE_S2S_WALLET_ENABLED=true
+FEATURE_CERTIFICATE_PINNING=true
+
+# =============================================================================
+# SECRETS - DO NOT EDIT OR COMMIT!
+# =============================================================================
+# This file contains secrets. Keep it secure!
+# Permissions: chmod 600 .env
+# Owner: www-data (or your web server user)