bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
crewli/api/.env.example
bert.hausmans bdb89a2479 feat: sentry-laravel install + scrubber + ignored exceptions 
WS-7 PR-2 commit 1. Wires sentry-laravel into the app behind a
config-only no-op when SENTRY_DSN_BACKEND is empty (RFC §3.3).

- composer require sentry/sentry-laravel ^4.15 (resolved 4.25.1)
- config/sentry.php: DSN env mapped to SENTRY_DSN_BACKEND, environment
  falls back to APP_ENV, traces/profiles forced to 0.0 (RFC §2
  amendment B), send_default_pii hard-pinned false, before_send to
  SentryEventScrubber, ignore_exceptions covers ValidationException /
  AuthenticationException / AuthorizationException.
- app/Services/Observability/SentryEventScrubber.php: recursive body /
  header / query-string scrubber + form_values wholesale replacement +
  HttpException sub-500 drop (status filter that ignore_exceptions
  cannot do class-only). Max-depth guard against malicious payloads.
- app/Enums/Observability/ActorType.php: enum + resolver for §3.6
  actor_type tag (consumed by BindSentryContext in commit 2).
- tests/Feature/Observability/PiiScrubbingTest.php: 20 cases.
- api/.env.example: SENTRY_DSN_BACKEND + SENTRY_RELEASE entries.

Larastan: clean. Test count: 1487 to 1507.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 08:55:50 +02:00

92 lines
2.6 KiB
Plaintext
Raw Permalink Blame History

APP_NAME="Crewli"
APP_ENV=local
APP_KEY=
# Set to true only in local development
APP_DEBUG=false
# Local API origin (no path suffix). Production: https://api.crewli.app
APP_URL=http://localhost:8000
APP_LOCALE=en
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=en_US
APP_MAINTENANCE_DRIVER=file
BCRYPT_ROUNDS=12
LOG_CHANNEL=stack
LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=crewli
DB_USERNAME=crewli
DB_PASSWORD=secret
SESSION_DRIVER=database
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
# In production, use: SESSION_DOMAIN=.crewli.app
SESSION_DOMAIN=localhost
BROADCAST_CONNECTION=log
FILESYSTEM_DISK=local
QUEUE_CONNECTION=redis
CACHE_STORE=redis
REDIS_CLIENT=phpredis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
# Mail — Local development (Mailpit)
MAIL_MAILER=smtp
MAIL_HOST=127.0.0.1
MAIL_PORT=1025
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
# App / transactional mail: use crewli.app. (crewli.nl = future marketing site only, not this stack.)
MAIL_FROM_ADDRESS="noreply@crewli.app"
MAIL_FROM_NAME="${APP_NAME}"
# --- Production mail: Amazon SES — uncomment and configure:
# MAIL_MAILER=ses
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_DEFAULT_REGION=eu-west-1
# CORS + Sanctum — SPA origins (no trailing slash; must match the browser URL)
FRONTEND_APP_URL=http://localhost:5174
FRONTEND_PORTAL_URL=http://localhost:5175
SANCTUM_STATEFUL_DOMAINS=localhost:5174,localhost:5175
# --- Production (crewli.app) — uncomment and adjust hostnames:
# APP_URL=https://api.crewli.app
# FRONTEND_APP_URL=https://crewli.app
# FRONTEND_PORTAL_URL=https://portal.crewli.app
# SANCTUM_STATEFUL_DOMAINS=crewli.app,portal.crewli.app
# Laravel Telescope — dev-only debugging dashboard at /telescope.
# Flip to true in your local .env. Production MUST keep this false;
# the three-layer safety (composer dont-discover + AppServiceProvider
# env-gate + this flag) keeps Telescope out even if one layer is
# breached. See /dev-docs/TELESCOPE.md.
TELESCOPE_ENABLED=false
# Sentry / GlitchTip (RFC-WS-7 §3.3, §3.4).
# DSN routes events to the self-hosted GlitchTip project crewli-api.
# Empty = SDK no-op — leave blank in local development. Source the real
# value from the 1Password vault entry "Crewli / GlitchTip / DSNs"
# (key SENTRY_DSN_BACKEND) for staging / production.
SENTRY_DSN_BACKEND=
# Release identifier in the form crewli-api@<short-sha>. The deploy
# pipeline injects this per build; leave blank locally. Empty release
# means events are still captured but won't carry release context.
SENTRY_RELEASE=
Reference in New Issue View Git Blame Copy Permalink