Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
626 Commits 3 Branches 1 Tag
20fb39fd0549bafffe6643de19b881d6e93b4353
Commit Graph

5 Commits

Author SHA1 Message Date
Hartmut 20fb39fd05 fix(security): harden production Docker — bind DB/Redis to localhost, add Redis auth 
- Postgres and Redis ports now bind to 127.0.0.1 only, preventing exposure
  to the network even if the host firewall has a gap
- Redis requires a password (REDIS_PASSWORD) via --requirepass; REDIS_URL in
  app and migrator services updated to include the credential
- Redis healthcheck updated to pass -a flag so it still works with auth enabled
- REDIS_PASSWORD added to .env.example with generation hint

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 21:41:15 +02:00
Hartmut 1ec56aac13 docs: expand .env.example with full documented variable reference 
Replaces the minimal 17-line stub with a comprehensive, commented
reference covering all env vars: app/auth, database, Redis, SMTP,
pgAdmin, logging, security/cron, and testing flags. Each section
explains when the var is required and what values are expected.

Co-Authored-By: claude-flow <ruv@ruv.net>
 2026-04-02 21:28:51 +02:00
Hartmut a7362f17bd refactor(config): enforce runtime auth secret policy 2026-03-30 23:40:00 +02:00
Hartmut 4f48afe7b4 feat(planning): ship holiday-aware planning and assistant upgrades 2026-03-28 22:49:28 +01:00
Hartmut dd55d0e78b chore(repo): initialize planarchy workspace 2026-03-14 14:31:09 +01:00