FileDuck/.env.example at main · cybe4sent1nel/FileDuck · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# ===== FileDuck Environment Configuration =====
# Copy this file to .env and fill in your actual values
# Instructions: https://github.com/yourusername/filequack#configuration

# ===== Environment =====
NODE_ENV=development
# For production deployments (Vercel/Render):
# NODE_ENV=production

# ===== Storage Backend Selection =====
# Choose ONE storage backend: GitHub (recommended) or S3/MinIO
USE_GITHUB_STORAGE=true
USE_CDN=false

# ----- GitHub Releases Storage (FREE, Unlimited - RECOMMENDED) -----
# Create a GitHub Personal Access Token with 'repo' scope at:
# https://github.com/settings/tokens/new?scopes=repo&description=FileDuck%20Storage
GITHUB_TOKEN=ghp_your_github_personal_access_token_here
GITHUB_STORAGE_OWNER=your-github-username
GITHUB_STORAGE_REPO=fileduck-storage
GITHUB_CHUNK_SIZE=8388608
GITHUB_ENABLE_COMPRESSION=true
GITHUB_MAX_RELEASES_PER_HOUR=10

# ----- S3/MinIO Storage (Alternative - Local Dev with Docker) -----
# For local development: docker-compose up minio
# MinIO Console: http://localhost:9001 (minioadmin/minioadmin123)
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=minioadmin
AWS_SECRET_ACCESS_KEY=minioadmin123
AWS_ENDPOINT=http://localhost:9000
S3_BUCKET_QUARANTINE=fileduck-quarantine
S3_BUCKET_PUBLIC=fileduck-public

# MinIO License (optional, for enterprise features)
MINIO_LICENSE=your-minio-license-key-here

# ===== Redis Cache (Upstash - FREE: 10K commands/day) =====
# Sign up at: https://upstash.com/ and create a Redis database
# Use REST API for serverless environments (Vercel)
UPSTASH_REDIS_REST_URL=https://your-redis-xxxxx.upstash.io
UPSTASH_REDIS_REST_TOKEN=your-upstash-rest-token-here

# Legacy Redis connection (for traditional deployments)
UPSTASH_REDIS_URL=https://your-redis-xxxxx.upstash.io
UPSTASH_REDIS_TOKEN=your-upstash-token-here

# ===== CDN - Cloudflare (Optional - FREE tier available) =====
# For production: Enable Cloudflare for global edge caching
# Sign up: https://dash.cloudflare.com/sign-up
USE_CDN=false
CLOUDFLARE_DOMAIN=cdn.yourdomain.com
CLOUDFLARE_TOKEN=your-cloudflare-api-token-here
CLOUDFLARE_SIGNING_KEY=your-32-char-url-signing-secret

# ===== Malware Scanning =====
# ClamAV (FREE - Local with Docker)
# Start with: docker-compose up clamav
CLAMAV_HOST=localhost
CLAMAV_PORT=3310

# VirusTotal (FREE: 500 API requests/day)
# Get API key: https://www.virustotal.com/
VIRUSTOTAL_API_KEY=your-virustotal-api-key-here

# ===== Security & Authentication =====
# JWT Secret for token signing (generate a secure random string)
# Generate: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
JWT_SECRET=your-64-character-hex-secret-key-here-replace-this

# Cloudflare Turnstile CAPTCHA (FREE: Unlimited requests)
# Get keys: https://dash.cloudflare.com/
VITE_TURNSTILE_SITE_KEY=0x4AAAAAAAA_your_site_key_here
RECAPTCHA_SECRET_KEY=0x4AAAAAAAA_your_secret_key_here

# Cron job authentication (for automated cleanup tasks)
CRON_SECRET=your-random-bearer-token-for-cron-jobs

# ===== Rate Limiting =====
RATE_LIMIT_WINDOW_MS=60000
RATE_LIMIT_MAX_REQUESTS=10

# ===== Service Ports =====
API_PORT=3001
SCANNER_PORT=4000

# ===== Frontend Configuration (Vite) =====
# For local development:
VITE_API_URL=/api
VITE_SCANNER_URL=http://localhost:4000

# For production (update with your actual domain):
# VITE_API_URL=https://yourdomain.com/api
# VITE_SCANNER_URL=https://scanner.yourdomain.com
# VITE_TURNSTILE_SITE_KEY=0x4AAAAAAAA_your_site_key_here

# ===== Deployment-Specific (Vercel/Render) =====
# These are automatically set by the platform
# VERCEL=1
# RAILWAY_ENVIRONMENT=production