security(env): remove credentials from nodemon.json

All secrets (DB passwords, API keys, JWT secret) are now sourced
exclusively from config/env/.env.local, which is gitignored.
Nodemon only sets APP_ENV=local so that app.js's dotenv loader
picks up the right env file at boot.

Note: the previously committed values are still in git history.
They must be rotated out-of-band (rotation list tracked separately).
This commit is contained in:
2026-04-25 17:36:06 +02:00
parent 7dd2a077e5
commit 6acc16c0b9
+2 -26
View File
@@ -1,29 +1,5 @@
{ {
"env" : { "env": {
"APP_ENV": "local", "APP_ENV": "local"
"NODE_ENV" : "development",
"DEBUG": false,
"SERVER_PORT": 3201,
"SECRET": "$2b$10$aEsAUG7Dy8dcTORi1vaQle",
"SESSION_LIFETIME": 3600,
"MONGODB_URI": "mongodb://localhost:27017/adastradb",
"SENDGRID_API_KEY": "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",
"SENDGRID_FROM_MAIL": "contact@rampeur.fr",
"SENDGRID_TO_MAIL": "rampeur@gmail.com",
"AUTHORIZATION_PREFIX": "Api-Key",
"COUCHDB_URL": "http://couchdb.unespace.com",
"COUCHDB_DATABASE": "headupdb",
"COUCHDB_DESIGN": "headup_app",
"COUCHDB_CREDENTIAL": "cmFtcGV1cjpES3hwMjRQUw==",
"SKYDIVERID_API_URL": "https://skydiver.id/api",
"SKYDIVERID_API_TOKEN": "xmqzgnGYMD.OJgFw1pCXCpJFGmZfSjmWK8lrpqAQNnu",
"MYSQL_DBNAME": "c4adastracomdb3",
"MYSQL_DBUSER": "c4adastracomu1",
"MYSQL_DBPASS": "kbrnrt5jPK12",
"MYSQL_DBHOST": "ns388640.ip-176-31-255.eu",
"MYSQL_DBPORT": 3306,
"MYSQL_DBTYPE": "mysql",
"MYSQL_DATABASE_URL": "mysql://c4adastracomu1:kbrnrt5jPK12@ns388640.ip-176-31-255.eu:3306/c4adastracomdb3",
"MYSQL_DATABASE_URL_DEV": "mysql://c4adastracomu1:kbrnrt5jPK12@ns388640.ip-176-31-255.eu:3306/c4adastracomdb3"
} }
} }