Add redacted CatCatNya~ production env file.

Also add redaction script.
This commit is contained in:
Jeremy Kescher 2022-06-27 00:11:33 +02:00
parent 97d03110ed
commit 3f0ce80867
No known key found for this signature in database
GPG key ID: 48DFE4BB15BA5940
2 changed files with 70 additions and 0 deletions

43
.env.production.catcatnya Normal file
View file

@ -0,0 +1,43 @@
LOCAL_DOMAIN=catcatnya.com
ALTERNATE_DOMAINS=0.catcatnya.com,1.catcatnya.com,2.catcatnya.com,3.catcatnya.com,4.catcatnya.com,5.catcatnya.com,6.catcatnya.com,7.catcatnya.com,8.catcatnya.com,9.catcatnya.com
SINGLE_USER_MODE=false
SECRET_KEY_BASE=[REDACTED]
OTP_SECRET=[REDACTED]
VAPID_PRIVATE_KEY=[REDACTED]
VAPID_PUBLIC_KEY=[REDACTED]
DB_HOST=[REDACTED]
DB_PORT=[REDACTED]
DB_NAME=[REDACTED]
DB_USER=[REDACTED]
DB_PASS=[REDACTED]
REDIS_HOST=[REDACTED]
REDIS_PORT=[REDACTED]
REDIS_PASSWORD=[REDACTED]
S3_ENABLED=false
PAPERCLIP_ROOT_PATH=[REDACTED]
PAPERCLIP_ROOT_URL=https://cdn.catcatnya.com
SMTP_SERVER=smtp.kescher.at
SMTP_PORT=[REDACTED]
SMTP_LOGIN=[REDACTED]
SMTP_PASSWORD=[REDACTED]
SMTP_AUTH_METHOD=[REDACTED]
SMTP_OPENSSL_VERIFY_MODE=[REDACTED]
SMTP_FROM_ADDRESS='Mastodon <no-reply@catcatnya.com>'
ES_ENABLED=true
ES_HOST=[REDACTED]
ES_PORT=[REDACTED]
ES_PREFIX=[REDACTED]
AUTHORIZED_FETCH=true
RAILS_SERVE_STATIC_FILES=false
RAILS_LOG_LEVEL=warn
MAX_TOOT_CHARS=6942
MAX_DESCRIPTION_CHARS=6942
MAX_BIO_CHARS=6942
MAX_PROFILE_FIELDS=10
MAX_PINNED_TOOTS=10
MAX_DISPLAY_NAME_CHARS=50
MAX_POLL_OPTIONS=20
MAX_SEARCH_RESULTS=1000
MAX_REMOTE_EMOJI_SIZE=1048576
IP_RETENTION_PERIOD=86400

27
redact-env.bash Executable file
View file

@ -0,0 +1,27 @@
#!/usr/bin/env bash
if [[ -f "$1" ]]; then
sed -e '/^#.*$/d' \
-e 's/^SECRET_KEY_BASE=.*/SECRET_KEY_BASE=[REDACTED]/gi' \
-e 's/^OTP_SECRET=.*/OTP_SECRET=[REDACTED]/gi' \
-e 's/^VAPID_PRIVATE_KEY=.*/VAPID_PRIVATE_KEY=[REDACTED]/gi' \
-e 's/^VAPID_PUBLIC_KEY=.*/VAPID_PUBLIC_KEY=[REDACTED]/gi' \
-e 's/^DB_HOST=.*/DB_HOST=[REDACTED]/gi' \
-e 's/^DB_PORT=.*/DB_PORT=[REDACTED]/gi' \
-e 's/^DB_NAME=.*/DB_NAME=[REDACTED]/gi' \
-e 's/^DB_USER=.*/DB_USER=[REDACTED]/gi' \
-e 's/^DB_PASS=.*/DB_PASS=[REDACTED]/gi' \
-e 's/^REDIS_HOST=.*/REDIS_HOST=[REDACTED]/gi' \
-e 's/^REDIS_PORT=.*/REDIS_PORT=[REDACTED]/gi' \
-e 's/^REDIS_PASSWORD=.*/REDIS_PASSWORD=[REDACTED]/gi' \
-e 's/^PAPERCLIP_ROOT_PATH=.*/PAPERCLIP_ROOT_PATH=[REDACTED]/gi' \
-e 's/^SMTP_PORT=.*/SMTP_PORT=[REDACTED]/gi' \
-e 's/^SMTP_LOGIN=.*/SMTP_LOGIN=[REDACTED]/gi' \
-e 's/^SMTP_PASSWORD=.*/SMTP_PASSWORD=[REDACTED]/gi' \
-e 's/^SMTP_AUTH_METHOD=.*/SMTP_AUTH_METHOD=[REDACTED]/gi' \
-e 's/^SMTP_OPENSSL_VERIFY_MODE=.*/SMTP_OPENSSL_VERIFY_MODE=[REDACTED]/gi' \
-e 's/^ES_HOST=.*/ES_HOST=[REDACTED]/gi' \
-e 's/^ES_PORT=.*/ES_PORT=[REDACTED]/gi' \
-e 's/^ES_PREFIX=.*/ES_PREFIX=[REDACTED]/gi' \
"$1"
fi