# ACC Server Manager Environment Configuration # Copy this file to .env and update with your actual values # ============================================================================= # CRITICAL SECURITY SETTINGS (REQUIRED) # ============================================================================= # JWT Secret Key - MUST be changed in production # Generate with: openssl rand -base64 64 JWT_SECRET=your-super-secure-jwt-secret-key-minimum-32-chars-long-change-this-in-production # Application Secrets - MUST be changed in production # Generate with: openssl rand -hex 32 APP_SECRET=your-super-secure-app-secret-change-this-in-production APP_SECRET_CODE=your-super-secure-app-secret-code-change-this-in-production # Encryption Key for sensitive data (MUST be exactly 32 characters for AES-256) # Generate with: openssl rand -hex 16 ENCRYPTION_KEY=your-32-character-encryption-key-here # ============================================================================= # CORE APPLICATION SETTINGS # ============================================================================= # Database file name (SQLite) DB_NAME=acc.db # Server port PORT=3000 # CORS allowed origin (use specific domains in production) CORS_ALLOWED_ORIGIN=http://localhost:5173 # Default admin password for initial setup (change after first login) PASSWORD=change-this-default-admin-password # ============================================================================= # INSTRUCTIONS FOR PRODUCTION DEPLOYMENT # ============================================================================= # 1. Generate secure secrets: # - JWT_SECRET: openssl rand -base64 64 # - APP_SECRET: openssl rand -hex 32 # - APP_SECRET_CODE: openssl rand -hex 32 # - ENCRYPTION_KEY: openssl rand -hex 16 # 2. Set appropriate CORS origins for your domain # 3. Change the default PASSWORD immediately after first login # 4. NEVER commit actual secrets to version control! # ============================================================================= # OPTIONAL SETTINGS (These are handled by system config in database) # ============================================================================= # The following settings are managed through the application's system config # and stored in the database. They are listed here for reference only: # # - SteamCMD path (configured via web interface) # - NSSM path (configured via web interface) # - Logging settings (handled by application defaults) # - Rate limiting (handled by application defaults) # - Backup settings (handled by application defaults) # - Monitoring settings (handled by application defaults) # # These can be configured through the web interface after installation.