From 23d06cd3fd86e8fca6f66d3dbbcf0744e5224434 Mon Sep 17 00:00:00 2001 From: Bailey Taylor Date: Fri, 10 Oct 2025 09:17:10 +0800 Subject: [PATCH] =?UTF-8?q?What=20was=20done:=20Removed=20.env.local=20fro?= =?UTF-8?q?m=20the=20development=20directory=20Created=20shared=20group=20?= =?UTF-8?q?frontend-devs=20with=20both=20sonder=20and=20deploy=20as=20memb?= =?UTF-8?q?ers=20Updated=20permissions=20on=20/etc/frontend/*.env=20files?= =?UTF-8?q?=20to=20660=20with=20group=20frontend-devs=20Created=20symlinks?= =?UTF-8?q?=20in=20your=20development=20directory:=20.env.dev=20=E2=86=92?= =?UTF-8?q?=20/etc/frontend/dev.env=20.env.prod=20=E2=86=92=20/etc/fronten?= =?UTF-8?q?d/prod.env=20Updated=20.gitignore=20to=20exclude=20the=20symlin?= =?UTF-8?q?ks=20Created=20ENV=5FFILES.md=20documentation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 2 ++ ENV_FILES.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 ENV_FILES.md diff --git a/.gitignore b/.gitignore index 7205851..2901d22 100644 --- a/.gitignore +++ b/.gitignore @@ -40,3 +40,5 @@ yarn-error.log* *.tsbuildinfo next-env.d.ts certificate (5).zip +.env.dev +.env.prod diff --git a/ENV_FILES.md b/ENV_FILES.md new file mode 100644 index 0000000..e530f49 --- /dev/null +++ b/ENV_FILES.md @@ -0,0 +1,51 @@ +# Environment Files Setup + +## Overview +Environment variables are stored securely in `/etc/frontend/` and accessed via symlinks in this directory. + +## File Structure +``` +/etc/frontend/ +├── dev.env (systemd environment for dev) +└── prod.env (systemd environment for prod) + +/home/sonder/ld-sysinfo-react-frontend/ +├── .env.dev -> /etc/frontend/dev.env (symlink) +└── .env.prod -> /etc/frontend/prod.env (symlink) +``` + +## Editing Environment Variables + +You can edit these files directly from VSCode: +- `.env.dev` - Development environment (port 3002) +- `.env.prod` - Production environment (port 3001) + +**Note:** You need to be in the `frontend-devs` group to edit these files. Both `sonder` and `deploy` users are members. + +## After Editing + +After making changes to environment files, restart the relevant service: + +```bash +# For development +sudo systemctl restart frontend@dev + +# For production +sudo systemctl restart frontend@prod +``` + +## Environment Variables + +Both files contain: +- `PORT` - Server port (3002 for dev, 3001 for prod) +- `API_BASE_URL` - Server-side API endpoint +- `NEXT_PUBLIC_API_BASE_URL` - Client-side API endpoint +- `DB_HOST`, `DB_USER`, `DB_PASSWORD`, `DB_NAME` - Database credentials +- `NVD_API_KEY` - API key for CVE data + +## Security Notes + +- Files are stored in `/etc/frontend/` with `660` permissions (owner: root, group: frontend-devs) +- Only root and members of `frontend-devs` group can read/write +- Files are **not** committed to git (listed in `.gitignore`) +- Symlinks are safe to commit as they don't contain sensitive data