# =========================================== # Whisper Money - Production Environment # =========================================== # Copy this file to .env and configure for your production environment # Application APP_NAME="Whisper Money" APP_ENV=production APP_DEBUG=false APP_URL=https://your-domain.com APP_KEY= # Auto-generated on first startup if empty APP_LOCALE=en APP_FALLBACK_LOCALE=en APP_FAKER_LOCALE=en_US # Trusted Proxies # Comma-separated proxy IPs/CIDRs Laravel trusts for X-Forwarded-* headers (no spaces). # When unset the app trusts all proxies (*), which keeps small private self-hosted # setups working behind any proxy out of the box. On a publicly exposed deployment set # this to the actual proxy range: otherwise clients can spoof X-Forwarded-For to forge # their IP (defeating per-IP rate limiting and poisoning logs). The private ranges below # cover the Docker network Coolify/Traefik connects from. TRUSTED_PROXIES=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 # Logging LOG_CHANNEL=stack LOG_STACK=single,sentry_logs LOG_LEVEL=error # Database (MySQL) DB_CONNECTION=mysql DB_HOST=mysql DB_PORT=3306 DB_DATABASE=whisper_money DB_USERNAME=whisper_money DB_PASSWORD=your-secure-password # Cache & Sessions (Redis runs inside the container) CACHE_STORE=redis SESSION_DRIVER=redis SESSION_LIFETIME=120 SESSION_ENCRYPT=true # Queue QUEUE_CONNECTION=database # Sentry Error Tracking SENTRY_LARAVEL_DSN= # SENTRY_RELEASE is injected by CI as whisper-money@ during production builds. SENTRY_TRACES_SAMPLE_RATE=1.0 SENTRY_PROFILES_SAMPLE_RATE=1.0 SENTRY_ENABLE_LOGS=true # Redis (internal to container - no configuration needed) REDIS_HOST=127.0.0.1 REDIS_PORT=6379 # Email - Resend (Recommended for production) MAIL_MAILER=resend RESEND_API_KEY=your-resend-api-key RESEND_LEADS_SEGMENT_ID=your-segment-id MAIL_FROM_ADDRESS=no-reply@your-domain.com MAIL_FROM_NAME="Whisper Money" MAIL_DRIP_FROM_ADDRESS=hi@your-domain.com MAIL_DRIP_FROM_NAME="Álvaro and Víctor" # Stripe (Optional - for subscriptions) STRIPE_KEY= STRIPE_SECRET= STRIPE_WEBHOOK_SECRET= SUBSCRIPTIONS_ENABLED=false # UI Configuration HIDE_AUTH_BUTTONS=false