security(env): remove credentials from nodemon.json
All secrets (DB passwords, API keys, JWT secret) are now sourced exclusively from config/env/.env.local, which is gitignored. Nodemon only sets APP_ENV=local so that app.js's dotenv loader picks up the right env file at boot. Note: the previously committed values are still in git history. They must be rotated out-of-band (rotation list tracked separately).
This commit is contained in:
+2
-26
@@ -1,29 +1,5 @@
|
|||||||
{
|
{
|
||||||
"env" : {
|
"env": {
|
||||||
"APP_ENV": "local",
|
"APP_ENV": "local"
|
||||||
"NODE_ENV" : "development",
|
|
||||||
"DEBUG": false,
|
|
||||||
"SERVER_PORT": 3201,
|
|
||||||
"SECRET": "$2b$10$aEsAUG7Dy8dcTORi1vaQle",
|
|
||||||
"SESSION_LIFETIME": 3600,
|
|
||||||
"MONGODB_URI": "mongodb://localhost:27017/adastradb",
|
|
||||||
"SENDGRID_API_KEY": "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",
|
|
||||||
"SENDGRID_FROM_MAIL": "contact@rampeur.fr",
|
|
||||||
"SENDGRID_TO_MAIL": "rampeur@gmail.com",
|
|
||||||
"AUTHORIZATION_PREFIX": "Api-Key",
|
|
||||||
"COUCHDB_URL": "http://couchdb.unespace.com",
|
|
||||||
"COUCHDB_DATABASE": "headupdb",
|
|
||||||
"COUCHDB_DESIGN": "headup_app",
|
|
||||||
"COUCHDB_CREDENTIAL": "cmFtcGV1cjpES3hwMjRQUw==",
|
|
||||||
"SKYDIVERID_API_URL": "https://skydiver.id/api",
|
|
||||||
"SKYDIVERID_API_TOKEN": "xmqzgnGYMD.OJgFw1pCXCpJFGmZfSjmWK8lrpqAQNnu",
|
|
||||||
"MYSQL_DBNAME": "c4adastracomdb3",
|
|
||||||
"MYSQL_DBUSER": "c4adastracomu1",
|
|
||||||
"MYSQL_DBPASS": "kbrnrt5jPK12",
|
|
||||||
"MYSQL_DBHOST": "ns388640.ip-176-31-255.eu",
|
|
||||||
"MYSQL_DBPORT": 3306,
|
|
||||||
"MYSQL_DBTYPE": "mysql",
|
|
||||||
"MYSQL_DATABASE_URL": "mysql://c4adastracomu1:kbrnrt5jPK12@ns388640.ip-176-31-255.eu:3306/c4adastracomdb3",
|
|
||||||
"MYSQL_DATABASE_URL_DEV": "mysql://c4adastracomu1:kbrnrt5jPK12@ns388640.ip-176-31-255.eu:3306/c4adastracomdb3"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user