Adolfo Delorenzo
d010ae9b74
- Remove hardcoded TTS API key from app.py (major security vulnerability) - Add python-dotenv support for secure environment variable management - Create .env.example with configuration template - Add comprehensive SECURITY.md documentation - Update README with security configuration instructions - Add warning when TTS_API_KEY is not configured - Enhance .gitignore to prevent accidental commits of .env files BREAKING CHANGE: TTS_API_KEY must now be set via environment variable or .env file Security measures: - API keys must be provided via environment variables - Added dotenv support for local development - Clear documentation on secure deployment practices - Multiple .env file patterns in .gitignore 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
22 lines
641 B
Plaintext
22 lines
641 B
Plaintext
# Example environment configuration for Talk2Me
|
|
# Copy this file to .env and update with your actual values
|
|
|
|
# Flask Configuration
|
|
SECRET_KEY=your-secret-key-here-change-this
|
|
|
|
# Upload Configuration
|
|
UPLOAD_FOLDER=/path/to/secure/upload/folder
|
|
|
|
# TTS Server Configuration
|
|
TTS_SERVER_URL=http://localhost:5050/v1/audio/speech
|
|
TTS_API_KEY=your-tts-api-key-here
|
|
|
|
# CORS Configuration (for production)
|
|
CORS_ORIGINS=https://yourdomain.com,https://app.yourdomain.com
|
|
ADMIN_CORS_ORIGINS=https://admin.yourdomain.com
|
|
|
|
# Admin Token (for admin endpoints)
|
|
ADMIN_TOKEN=your-secure-admin-token-here
|
|
|
|
# Optional: GPU Configuration
|
|
# CUDA_VISIBLE_DEVICES=0 |