You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -68,18 +68,184 @@ There are a few environment variables that the remote configuration files are se
68
68
69
69
If you DO NOT like this behavior, and would prefer the variables stay the same across your environments, feel free to change them in [`config/env/development.js`](config/env/development.js) and [`config/env/production.js`](config/env/production.js)
70
70
71
-
| DEV Variable | DEV default | PROD Variable | PROD default | Description |
| ASSETS_URL | "" (empty string) | ASSETS_URL | "" (empty string) | Webpack is configured to modify static asset URLs to point to a CDN, like CloudFront. MUST end with a slash " / ", or be empty. |
74
-
| BASE_URL |https://myapi.app| BASE_URL |https://myapi.app| The address of the Sails instance. |
75
-
| DB_HOST | localhost | DB_HOSTNAME | localhost | The hostname of the datastore. |
76
-
| DB_USER | root | DB_USERNAME | produser | Username for the datastore. |
77
-
| DB_PASS | mypass | DB_PASSWORD | myprodpassword | Password for the datastore. |
78
-
| DB_NAME | myapp | DB_NAME | proddatabase | The name of the database inside the datastore. |
79
-
| DB_PORT | 3306 | DB_PORT | 3306 | The port number for datastore. |
80
-
| DB_SSL | true | DB_SSL | true | If the datastore requires SSL, set this to "true". |
81
-
| SESSION_SECRET | "" (empty string) | SESSION_SECRET | "" (emptry string) | This is used to sign cookies, and SHOULD be set, especially on PRODUCTION environments. |
Webpack is configured to modify static asset URLs to point to a CDN, like CloudFront. MUST end with a slash " / ", or be empty.
87
+
</td>
88
+
</tr>
89
+
<tr>
90
+
<td>
91
+
<strong>PROD:</strong> ASSETS_URL
92
+
</td>
93
+
</tr>
94
+
<tr>
95
+
<td>
96
+
<strong>DEV:</strong> BASE_URL
97
+
</td>
98
+
<td rowspan="2">
99
+
https://myapi.app
100
+
</td>
101
+
<td rowspan="2">
102
+
The address of the Sails instance.
103
+
</td>
104
+
</tr>
105
+
<tr>
106
+
<td>
107
+
<strong>PROD:</strong> BASE_URL
108
+
</td>
109
+
</tr>
110
+
<tr>
111
+
<td>
112
+
<strong>DEV:</strong> DB_HOST
113
+
</td>
114
+
<td rowspan="2">
115
+
localhost
116
+
</td>
117
+
<td rowspan="2">
118
+
The hostname of the datastore.
119
+
</td>
120
+
</tr>
121
+
<tr>
122
+
<td>
123
+
<strong>PROD:</strong> DB_HOSTNAME
124
+
</td>
125
+
</tr>
126
+
<tr>
127
+
<td>
128
+
<strong>DEV:</strong> DB_USER
129
+
</td>
130
+
<td>
131
+
root
132
+
</td>
133
+
<td rowspan="2">
134
+
Username for the datastore.
135
+
</td>
136
+
</tr>
137
+
<tr>
138
+
<td>
139
+
<strong>PROD:</strong> DB_USERNAME
140
+
</td>
141
+
<td>
142
+
produser
143
+
</td>
144
+
</tr>
145
+
<tr>
146
+
<td>
147
+
<strong>DEV:</strong> DB_PASS
148
+
</td>
149
+
<td>
150
+
root
151
+
</td>
152
+
<td rowspan="2">
153
+
Password for the datastore.
154
+
</td>
155
+
</tr>
156
+
<tr>
157
+
<td>
158
+
<strong>PROD:</strong> DB_PASSWORD
159
+
</td>
160
+
<td>
161
+
produser
162
+
</td>
163
+
</tr>
164
+
<tr>
165
+
<td>
166
+
<strong>DEV:</strong> DB_NAME
167
+
</td>
168
+
<td>
169
+
myapp
170
+
</td>
171
+
<td rowspan="2">
172
+
The name of the database inside the datastore.
173
+
</td>
174
+
</tr>
175
+
<tr>
176
+
<td>
177
+
<strong>PROD:</strong> DB_NAME
178
+
</td>
179
+
<td>
180
+
proddatabase
181
+
</td>
182
+
</tr>
183
+
<tr>
184
+
<td>
185
+
<strong>DEV:</strong> DB_PORT
186
+
</td>
187
+
<td rowspan="2">
188
+
3306
189
+
</td>
190
+
<td rowspan="2">
191
+
The port number for the datastore.
192
+
</td>
193
+
</tr>
194
+
<tr>
195
+
<td>
196
+
<strong>PROD:</strong> DB_PORT
197
+
</td>
198
+
</tr>
199
+
<tr>
200
+
<td>
201
+
<strong>DEV:</strong> DB_SSL
202
+
</td>
203
+
<td rowspan="2">
204
+
true
205
+
</td>
206
+
<td rowspan="2">
207
+
If the datastore requires SSL, set this to "true".
208
+
</td>
209
+
</tr>
210
+
<tr>
211
+
<td>
212
+
<strong>PROD:</strong> DB_SSL
213
+
</td>
214
+
</tr>
215
+
<tr>
216
+
<td>
217
+
<strong>DEV:</strong> SESSION_SECRET
218
+
</td>
219
+
<td rowspan="2">
220
+
"" (empty string)
221
+
</td>
222
+
<td rowspan="2">
223
+
This is used to sign cookies, and SHOULD be set, especially on PRODUCTION environments.
224
+
</td>
225
+
</tr>
226
+
<tr>
227
+
<td>
228
+
<strong>PROD:</strong> SESSION_SECRET
229
+
</td>
230
+
</tr>
231
+
<tr>
232
+
<td>
233
+
<strong>DEV:</strong> DATA_ENCRYPTION_KEY
234
+
</td>
235
+
<td rowspan="2">
236
+
"" (empty string)
237
+
</td>
238
+
<td rowspan="2">
239
+
<strong>Currently unused; intended for future use.</strong>
240
+
</td>
241
+
</tr>
242
+
<tr>
243
+
<td>
244
+
<strong>PROD:</strong> DATA_ENCRYPTION_KEY
245
+
</td>
246
+
</tr>
247
+
</tbody>
248
+
</table>
83
249
84
250
## Request Logging
85
251
Automatic incoming request logging, is a 2 part process. First, the [`request-logger` hook](api/hooks/request-logger.js) gathers info from the request, and creates a new [`RequestLog` record](api/models/RequestLog.js), making sure to mask anything that may be sensitive, such as passwords. Then, a custom response gathers information from the response, again, scrubbing sensitive data (using the [customToJSON](https://sailsjs.com/documentation/concepts/models-and-orm/model-settings?identity=#customtojson) feature of Sails models) to prevent leaking of password hashes, or anything else that should never be publicly accessible. The [`keepModelsSafe` helper](api/helpers/keep-models-safe.js) and the custom responses (such as [ok](api/responses/ok.js) or [serverError](api/responses/serverError.js)) are responsible for the final leg of request logs.
0 commit comments