diff --git a/.env.example b/.env.example index d58eee8..0b0e063 100644 --- a/.env.example +++ b/.env.example @@ -1,5 +1,15 @@ # L1 Server Configuration +# PostgreSQL password (REQUIRED - no default) +POSTGRES_PASSWORD=changeme-generate-with-openssl-rand-hex-16 + +# Admin token for purge operations (REQUIRED - no default) +# Generate with: openssl rand -hex 32 +ADMIN_TOKEN=changeme-generate-with-openssl-rand-hex-32 + +# L1 host IP/hostname for GPU worker cross-VPC access +L1_HOST=your-l1-server-ip + # This L1 server's public URL (sent to L2 when publishing) L1_PUBLIC_URL=https://l1.artdag.rose-ash.com diff --git a/README.md b/README.md index c6ab6f6..d387437 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,7 @@ The stack includes: | `HOST` | `0.0.0.0` | Server bind address | | `PORT` | `8000` | Server port | | `REDIS_URL` | `redis://localhost:6379/5` | Redis connection | -| `DATABASE_URL` | `postgresql://artdag:artdag@localhost:5432/artdag` | PostgreSQL connection | +| `DATABASE_URL` | **(required)** | PostgreSQL connection | | `CACHE_DIR` | `~/.artdag/cache` | Local cache directory | | `IPFS_API` | `/dns/localhost/tcp/5001` | IPFS API multiaddr | | `IPFS_GATEWAY_URL` | `https://ipfs.io/ipfs` | Public IPFS gateway | diff --git a/app/config.py b/app/config.py index 90f7540..bec2032 100644 --- a/app/config.py +++ b/app/config.py @@ -33,9 +33,7 @@ class Settings: # Database database_url: str = field( - default_factory=lambda: os.environ.get( - "DATABASE_URL", "postgresql://artdag:artdag@localhost:5432/artdag" - ) + default_factory=lambda: os.environ.get("DATABASE_URL", "") ) # IPFS diff --git a/database.py b/database.py index 4e58f42..70187db 100644 --- a/database.py +++ b/database.py @@ -11,7 +11,9 @@ from typing import List, Optional import asyncpg -DATABASE_URL = os.getenv("DATABASE_URL", "postgresql://artdag:artdag@localhost:5432/artdag") +DATABASE_URL = os.getenv("DATABASE_URL") +if not DATABASE_URL: + raise RuntimeError("DATABASE_URL environment variable is required") pool: Optional[asyncpg.Pool] = None diff --git a/docker-compose.yml b/docker-compose.yml index e791323..a6a64b9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,7 +23,7 @@ services: image: postgres:16-alpine environment: - POSTGRES_USER=artdag - - POSTGRES_PASSWORD=artdag + - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - POSTGRES_DB=artdag ports: - target: 5432 @@ -69,8 +69,8 @@ services: - .env environment: - REDIS_URL=redis://redis:6379/5 - - DATABASE_URL=postgresql://artdag:artdag@postgres:5432/artdag - - ADMIN_TOKEN=artdag-admin-purge-token-2026 + - DATABASE_URL=postgresql://artdag:${POSTGRES_PASSWORD}@postgres:5432/artdag + - ADMIN_TOKEN=${ADMIN_TOKEN} # IPFS_API multiaddr - used for all IPFS operations (add, cat, pin) - IPFS_API=/dns/ipfs/tcp/5001 - CACHE_DIR=/data/cache @@ -102,7 +102,7 @@ services: command: sh -c "find /app -type d -name __pycache__ -exec rm -rf {} + 2>/dev/null; celery -A celery_app worker --loglevel=info -E" environment: - REDIS_URL=redis://redis:6379/5 - - DATABASE_URL=postgresql://artdag:artdag@postgres:5432/artdag + - DATABASE_URL=postgresql://artdag:${POSTGRES_PASSWORD}@postgres:5432/artdag # IPFS_API multiaddr - used for all IPFS operations (add, cat, pin) - IPFS_API=/dns/ipfs/tcp/5001 - CACHE_DIR=/data/cache @@ -156,10 +156,10 @@ services: command: sh -c "cd /app && celery -A celery_app worker --loglevel=info -E -Q gpu,celery" environment: # GPU node is on different VPC - use public IPs for cross-node communication - - REDIS_URL=redis://138.68.142.139:16379/5 - - DATABASE_URL=postgresql://artdag:artdag@138.68.142.139:15432/artdag + - REDIS_URL=redis://${L1_HOST}:16379/5 + - DATABASE_URL=postgresql://artdag:${POSTGRES_PASSWORD}@${L1_HOST}:15432/artdag # Connect to shared IPFS node on CPU (via public IP) - - IPFS_API=/ip4/138.68.142.139/tcp/15001 + - IPFS_API=/ip4/${L1_HOST}/tcp/15001 # Gateway fallback for resilience - IPFS_GATEWAYS=https://ipfs.io,https://cloudflare-ipfs.com,https://dweb.link # Local cache is ephemeral (tmpfs or local volume)