From 54dd30a2d6e597bc1adb31fd08f50c99837efcf8 Mon Sep 17 00:00:00 2001 From: cclohmar Date: Thu, 23 Apr 2026 19:57:44 +0000 Subject: [PATCH] Add .env.example as single source of truth for secrets documentation Anyone cloning the repo can now see exactly which environment variables are required by reading .env.example at the repo root. install.sh updated to copy .env.example during deployment (rather than duplicating the template inline), keeping the two in sync. --- .env.example | 25 +++++++++++++++++++++++++ install.sh | 14 ++++++++++---- 2 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 .env.example diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..cf2ebfb --- /dev/null +++ b/.env.example @@ -0,0 +1,25 @@ +# ─────────────────────────────────────────────────────── +# inBOXER – Environment Configuration +# ─────────────────────────────────────────────────────── +# Copy this file to .env and fill in your credentials: +# cp .env.example .env +# nano .env +# +# The application also reads these variables from the +# systemd EnvironmentFile (if deployed via install.sh). +# ─────────────────────────────────────────────────────── + +# DeepSeek API key – for AI-based email classification +# Sign up at https://platform.deepseek.com/ to get one. +DEEPSEEK_API_KEY=your_deepseek_api_key_here + +# SMTP credentials – used to send one-time passwords (OTP) +# for user login. Supports STARTTLS on port 587. +SMTP_HOST=your.smtp.host.example.com +SMTP_PORT=587 +SMTP_USER=your-email@example.com +SMTP_PASS=your-smtp-password + +# (Optional) Override the session_secret from bin/config.yaml. +# Leave commented out to use the value in config.yaml. +# APP_SECRET=change-me-in-production diff --git a/install.sh b/install.sh index 72c5943..2c8dee5 100755 --- a/install.sh +++ b/install.sh @@ -113,11 +113,16 @@ sed -i 's|file: "bin/inboxer.log"|file: "'"${LOGS_DIR}"'/inboxer.log"|' "${BIN_D # prompt_file: "bin/prompt.txt" works as-is relative to the working directory, # since WorkingDirectory=/opt/inboxer resolves it to /opt/inboxer/bin/prompt.txt -# ─── Create .env template ──────────────────────────────────────────────────── +# ─── Create .env from template ────────────────────────────────────────────── ENV_FILE="${INSTALL_DIR}/.env" if [[ ! -f "${ENV_FILE}" ]]; then - info "Creating .env template at ${ENV_FILE} ..." - cat > "${ENV_FILE}" << 'ENVEOF' + # Prefer .env.example from repo (single source of truth) + if [[ -f "${REPO_DIR}/.env.example" ]]; then + info "Copying .env.example from repository to ${ENV_FILE} ..." + cp "${REPO_DIR}/.env.example" "${ENV_FILE}" + else + info "Creating .env template at ${ENV_FILE} ..." + cat > "${ENV_FILE}" << 'ENVEOF' # inBOXER Environment Configuration # ==================================== # Set your credentials below. The service reads these variables on startup. @@ -136,7 +141,8 @@ SMTP_PASS=your-smtp-password # (Optional) Override the session_secret from config.yaml. # APP_SECRET=change-me-in-production ENVEOF - info ".env template created." + fi + info ".env file created." else info ".env already exists, keeping existing file." fi