5da165f739
- README : section Variables d'environnement (ENCRYPTION_KEY, LOCK_DSN) + section Déploiement passée au flow Docker (deploy.sh) - mail-cron-setup : sépare dev (make, php-lesstime-fpm) et prod (lesstime-app, docker compose exec), cron prod réel - infra/prod/.env.example : ajoute ENCRYPTION_KEY et LOCK_DSN (manquaient, requis pour la sync mail) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
30 lines
887 B
Plaintext
30 lines
887 B
Plaintext
# Symfony
|
|
APP_ENV=prod
|
|
APP_DEBUG=0
|
|
APP_SECRET=change-me
|
|
|
|
# Database (use host.docker.internal to reach bare-metal PostgreSQL)
|
|
DATABASE_URL="postgresql://lesstime_user:password@host.docker.internal:5432/lesstime_prod?serverVersion=16&charset=utf8"
|
|
|
|
# JWT
|
|
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
|
|
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
|
|
JWT_PASSPHRASE=change-me
|
|
JWT_COOKIE_SECURE=1
|
|
JWT_COOKIE_SAMESITE=lax
|
|
JWT_TOKEN_TTL=86400
|
|
JWT_COOKIE_TTL=86400
|
|
|
|
# Mail (intégration IMAP/SMTP)
|
|
# Clé hex 32 bytes chiffrant les credentials mail stockés en base.
|
|
# Générer : php -r "echo bin2hex(random_bytes(32));" — doit rester STABLE.
|
|
ENCRYPTION_KEY=change-me
|
|
# Store de verrous Symfony pour la sync mail (anti-chevauchement du cron).
|
|
LOCK_DSN=flock
|
|
|
|
# CORS
|
|
CORS_ALLOW_ORIGIN='^https?://project\.malio-dev\.fr$'
|
|
|
|
# App
|
|
DEFAULT_URI=https://project.malio-dev.fr
|