################################################################################ # PyGuardian Docker Environment Configuration # Copy this file to .env and customize for your deployment ################################################################################ # ============================================================================= # GENERAL CONFIGURATION # ============================================================================= # PyGuardian version PYGUARDIAN_VERSION=2.1.0 # Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL) LOG_LEVEL=INFO # ============================================================================= # TELEGRAM CONFIGURATION # ============================================================================= # Telegram Bot Token (required for notifications) # Get token from @BotFather on Telegram TELEGRAM_BOT_TOKEN=your_telegram_bot_token_here # Telegram Chat ID for notifications (optional) TELEGRAM_CHAT_ID=your_chat_id_here # ============================================================================= # CLUSTER CONFIGURATION # ============================================================================= # Cluster secret for agent authentication (generate with: openssl rand -hex 32) CLUSTER_SECRET=your_cluster_secret_32_bytes_hex # Controller configuration CONTROLLER_HOST=localhost CONTROLLER_PORT=8443 # Agent configuration AGENT_HEARTBEAT_INTERVAL=30 AGENT_TIMEOUT=300 # ============================================================================= # SECURITY CONFIGURATION # ============================================================================= # JWT secret for API authentication (generate with: openssl rand -hex 32) JWT_SECRET=your_jwt_secret_32_bytes_hex # API rate limiting API_RATE_LIMIT=100 API_RATE_WINDOW=60 # SSL/TLS configuration SSL_CERT_PATH=/opt/pyguardian/ssl/cert.pem SSL_KEY_PATH=/opt/pyguardian/ssl/key.pem SSL_ENABLED=false # ============================================================================= # DATABASE CONFIGURATION # ============================================================================= # SQLite database path (default for containers) DATABASE_PATH=/opt/pyguardian/data/pyguardian.db # Database backup settings DATABASE_BACKUP_ENABLED=true DATABASE_BACKUP_INTERVAL=86400 DATABASE_BACKUP_RETENTION=30 # ============================================================================= # MONITORING CONFIGURATION # ============================================================================= # Prometheus metrics PROMETHEUS_ENABLED=true PROMETHEUS_PORT=9090 # Health check intervals HEALTH_CHECK_INTERVAL=30 HEALTH_CHECK_TIMEOUT=10 # System monitoring MONITOR_CPU_THRESHOLD=80 MONITOR_MEMORY_THRESHOLD=85 MONITOR_DISK_THRESHOLD=90 # ============================================================================= # NETWORK CONFIGURATION # ============================================================================= # Firewall settings FIREWALL_ENABLED=true FIREWALL_DEFAULT_POLICY=DROP # Allowed SSH IPs (comma-separated) ALLOWED_SSH_IPS=192.168.1.0/24,10.0.0.0/8 # Intrusion detection IDS_ENABLED=true IDS_SENSITIVITY=medium # ============================================================================= # DEVELOPMENT CONFIGURATION (docker-compose.dev.yml) # ============================================================================= # Development mode settings DEV_MODE=false DEV_HOT_RELOAD=true DEV_DEBUG_MODE=true # Test database TEST_DATABASE_URL=postgresql://pyguardian:test_password@pyguardian-testdb:5432/pyguardian_test # Redis cache REDIS_URL=redis://pyguardian-redis:6379/0 # ============================================================================= # DOCKER CONFIGURATION # ============================================================================= # Container resource limits CONTAINER_MEMORY_LIMIT=512m CONTAINER_CPU_LIMIT=1.0 # Container restart policy RESTART_POLICY=unless-stopped # Docker network DOCKER_NETWORK=pyguardian # ============================================================================= # BACKUP AND RECOVERY # ============================================================================= # Backup configuration BACKUP_ENABLED=true BACKUP_SCHEDULE=0 2 * * * BACKUP_RETENTION_DAYS=30 BACKUP_STORAGE_PATH=/opt/pyguardian/backups # Recovery settings RECOVERY_ENABLED=true RECOVERY_AUTO_RESTORE=false # ============================================================================= # PERFORMANCE TUNING # ============================================================================= # Worker processes WORKER_PROCESSES=auto WORKER_CONNECTIONS=1024 # Connection pooling DB_POOL_SIZE=10 DB_POOL_MAX_OVERFLOW=20 # Cache settings CACHE_TTL=3600 CACHE_MAX_SIZE=100 # ============================================================================= # EXAMPLES FOR COMMON SCENARIOS # ============================================================================= # Production single server: # PYGUARDIAN_MODE=standalone # LOG_LEVEL=INFO # SSL_ENABLED=true # Production cluster controller: # PYGUARDIAN_MODE=controller # LOG_LEVEL=INFO # CLUSTER_SECRET= # Production cluster agent: # PYGUARDIAN_MODE=agent # CONTROLLER_HOST=controller.example.com # CLUSTER_SECRET= # Development: # PYGUARDIAN_MODE=development # LOG_LEVEL=DEBUG # DEV_MODE=true