From 5b074b850836fde37ac036ca1e638a712b474dfb Mon Sep 17 00:00:00 2001 From: Deeman Date: Mon, 23 Feb 2026 17:18:39 +0100 Subject: [PATCH] chore: delete .env.example, clarify .gitignore for sops files .env.example replaced by .env.dev.sops. Added comment explaining that .env.*.sops files are encrypted and committed, while .env is a decrypted artifact that stays gitignored. Co-Authored-By: Claude Opus 4.6 --- .env.example | 66 ---------------------------------------------------- .gitignore | 3 ++- 2 files changed, 2 insertions(+), 67 deletions(-) delete mode 100644 .env.example diff --git a/.env.example b/.env.example deleted file mode 100644 index 3c11b7d..0000000 --- a/.env.example +++ /dev/null @@ -1,66 +0,0 @@ -# App -APP_NAME=Padelnomics -SECRET_KEY=change-me-generate-a-real-secret -BASE_URL=http://localhost:5000 -DEBUG=true - -# Admin access — comma-separated emails that get the admin role on login -ADMIN_EMAILS=dev@localhost - -# Database -DATABASE_PATH=data/app.db - -# Auth -MAGIC_LINK_EXPIRY_MINUTES=15 -SESSION_LIFETIME_DAYS=30 - -# Email (Resend) -# Leave blank for dev — emails print to console (no Resend account needed). -# -# Resend test addresses (work with any valid API key, no verified domain needed): -# delivered@resend.dev — accepted, simulates successful delivery -# bounced@resend.dev — simulates a hard bounce -# complained@resend.dev — simulates a spam complaint -# suppressed@resend.dev — simulates a suppressed recipient -# These support +label syntax: delivered+test1@resend.dev -# You can also send FROM onboarding@resend.dev without a verified domain. -# -# Dev login shortcut (no email needed): /auth/dev-login?email=dev@localhost -RESEND_API_KEY= -EMAIL_FROM=hello@padelnomics.io -LEADS_EMAIL=leads@padelnomics.io - -# Waitlist mode — set to true to gate routes and capture emails before launch. -# Resend audiences are created automatically per blueprint (waitlist-auth, -# waitlist-suppliers, etc.) on first signup — no audience IDs needed. -WAITLIST_MODE=false -# Optional: Resend audience ID for the planner/export waitlist (legacy, manual) -RESEND_AUDIENCE_PLANNER= - -# Paddle — leave blank to skip checkout (overlay won't initialize) -# Run `uv run python -m padelnomics.scripts.setup_paddle` to create products -# and a webhook notification destination. It writes PADDLE_WEBHOOK_SECRET and -# PADDLE_NOTIFICATION_SETTING_ID here automatically. -PADDLE_API_KEY= -PADDLE_CLIENT_TOKEN= -PADDLE_WEBHOOK_SECRET= -PADDLE_NOTIFICATION_SETTING_ID= -PADDLE_ENVIRONMENT=sandbox - -# Umami — leave blank for dev (analytics tracking disabled) -UMAMI_API_URL=https://umami.padelnomics.io -UMAMI_API_TOKEN= - -# Rate limiting -RATE_LIMIT_REQUESTS=100 -RATE_LIMIT_WINDOW=60 - -# Litestream R2 backup — leave blank to skip R2 replication (local-only backup) -LITESTREAM_R2_BUCKET= -LITESTREAM_R2_ACCESS_KEY_ID= -LITESTREAM_R2_SECRET_ACCESS_KEY= -LITESTREAM_R2_ENDPOINT= - -# DaaS analytics -DUCKDB_PATH=data/lakehouse.duckdb -LANDING_DIR=data/landing diff --git a/.gitignore b/.gitignore index 43ff7f2..24fcb96 100644 --- a/.gitignore +++ b/.gitignore @@ -15,7 +15,8 @@ __pycache__/ venv/ .uv/ -# Environment +# Environment — .env is a decrypted artifact (gitignored) +# .env.*.sops files are encrypted and committed intentionally .env .env.local