# ============================================================================= # realms.india Environment Configuration Template # ============================================================================= # Copy this file to .env and fill in your actual values # IMPORTANT: Never commit the .env file to version control! # ============================================================================= # Database Configuration # ============================================================================= # PostgreSQL password for user 'streamuser' # SECURITY: Generate a strong password (16+ characters, mixed case, numbers, symbols) DB_PASSWORD=CHANGE_ME_generate_strong_password_here # ============================================================================= # JWT Authentication # ============================================================================= # Secret key for signing JWT tokens # SECURITY: Must be a cryptographically secure random string (32+ characters) # Generate with: openssl rand -base64 32 JWT_SECRET=CHANGE_ME_generate_with_openssl_rand_base64_32 # ============================================================================= # OvenMediaEngine API # ============================================================================= # API token for OvenMediaEngine management # Generate a random token for authentication OME_API_TOKEN=CHANGE_ME_generate_random_token_here # ============================================================================= # Application Environment # ============================================================================= # Environment mode: development | production APP_ENV=production # ============================================================================= # Optional: Advanced Configuration # ============================================================================= # Uncomment and configure if needed # Database settings (defaults shown) # DB_HOST=postgres # DB_NAME=streaming # DB_USER=streamuser # DB_PORT=5432 # Redis settings # SECURITY: Generate a strong password for Redis authentication REDIS_PASSWORD=CHANGE_ME_generate_strong_password_here # REDIS_HOST=redis # REDIS_PORT=6379 # REDIS_DB=0 # Chat Redis database (defaults shown) # CHAT_REDIS_DB=1 # ============================================================================= # Nakama Game Server # ============================================================================= # Server key for client authentication # Generate with: openssl rand -hex 16 NAKAMA_SERVER_KEY=CHANGE_ME_generate_with_openssl_rand_hex_16 # Console admin password # SECURITY: Use a strong password for the Nakama admin console NAKAMA_CONSOLE_PASSWORD=CHANGE_ME_nakama_admin_password # Frontend Nakama configuration # These are passed to the SvelteKit frontend VITE_NAKAMA_SERVER_KEY=CHANGE_ME_must_match_NAKAMA_SERVER_KEY VITE_NAKAMA_HOST=localhost VITE_NAKAMA_PORT=80 VITE_NAKAMA_USE_SSL=false # ============================================================================= # Security Notes: # ============================================================================= # 1. Generate DB_PASSWORD: Use a password manager or: # openssl rand -base64 24 # # 2. Generate JWT_SECRET: MUST be cryptographically secure: # openssl rand -base64 32 # # 3. Generate OME_API_TOKEN: # openssl rand -hex 32 # # 4. Generate NAKAMA_SERVER_KEY: # openssl rand -hex 16 # # 5. Never use default/example values in production # 6. Restrict .env file permissions: chmod 600 .env # 7. Rotate secrets regularly (every 90 days recommended) # =============================================================================