fix: security first development

- criar gerador de Secrets JWT e Rails
- udpate docker envs

Author: Bulletdev

.env.example

@@ -1,36 +1,59 @@
-# Database
-DB_HOST=localhost
-DB_PORT=5432
-DB_USERNAME=postgres
-DB_PASSWORD=
+# ===========================================
+# Docker Compose Configuration
+# ===========================================
+
+# PostgreSQL (when using local Docker postgres)
+POSTGRES_DB=prostaff_api_development
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=password
+POSTGRES_PORT=5432
+
+# Redis
+REDIS_PORT=6379
+REDIS_URL=redis://redis:6379/0
+
+# API Port
+API_PORT=3333
+
+# ===========================================
+# Application Configuration
+# ===========================================
+
+# Database Connection
+# For Docker with local postgres: postgresql://postgres:password@postgres:5432/prostaff_api_development
+# For Supabase: postgresql://user:password@host:port/database
+DATABASE_URL=postgresql://postgres:password@postgres:5432/prostaff_api_development
 
 # Rails
 RAILS_ENV=development
 SECRET_KEY_BASE=your_secret_key_here
 
-# JWT
+# JWT Authentication
 JWT_SECRET_KEY=your_jwt_secret_key_here
 JWT_EXPIRATION_HOURS=24
 
 # Riot API
 RIOT_API_KEY=your_riot_api_key_here
 
-# Redis (for Sidekiq and caching)
-REDIS_URL=redis://localhost:6379/0
+# CORS - Add your frontend URLs separated by commas
+CORS_ORIGINS=http://localhost:8888,http://localhost:5173,http://localhost:8080,http://localhost:3001
 
-# CORS
-CORS_ORIGINS=http://localhost:8888,http://localhost:5173,http://localhost:8080
+# ===========================================
+# Email Configuration (Optional)
+# ===========================================
 
-# Email (for password reset)
 SMTP_ADDRESS=smtp.gmail.com
 SMTP_PORT=587
 SMTP_USERNAME=[email protected]
-SMTP_PASSWORD=your_password
+SMTP_PASSWORD=your_app_password
 SMTP_DOMAIN=gmail.com
 
 # Frontend URL (for email links)
 FRONTEND_URL=http://localhost:8888
 
+# ===========================================
 # Rate Limiting
+# ===========================================
+
 RACK_ATTACK_LIMIT=300
 RACK_ATTACK_PERIOD=300

docker-compose.yml

@@ -3,15 +3,15 @@ services:
   postgres:
     image: postgres:15-alpine
     environment:
-      POSTGRES_DB: prostaff_api_development
-      POSTGRES_USER: postgres
-      POSTGRES_PASSWORD: password
+      POSTGRES_DB: ${POSTGRES_DB:-prostaff_api_development}
+      POSTGRES_USER: ${POSTGRES_USER:-postgres}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
     volumes:
       - postgres_data:/var/lib/postgresql/data
     ports:
-      - "5432:5432"
+      - "${POSTGRES_PORT:-5432}:5432"
     healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-postgres}"]
       interval: 10s
       timeout: 5s
       retries: 5
@@ -22,7 +22,7 @@ services:
     volumes:
       - redis_data:/data
     ports:
-      - "6399:6379"
+      - "${REDIS_PORT:-6379}:6379"
     healthcheck:
       test: ["CMD", "redis-cli", "ping"]
       interval: 10s
@@ -33,34 +33,35 @@ services:
   api:
     build: .
     environment:
-      DATABASE_URL: postgresql://postgres:password@postgres:5432/prostaff_api_development
-      REDIS_URL: redis://redis:6379/0
-      RAILS_ENV: development
-      JWT_SECRET_KEY: your_jwt_secret_key_for_development
-      CORS_ORIGINS: http://localhost:5173,http://localhost:8080,http://localhost:3001
+      DATABASE_URL: ${DATABASE_URL}
+      REDIS_URL: ${REDIS_URL:-redis://redis:6379/0}
+      RAILS_ENV: ${RAILS_ENV:-development}
+      JWT_SECRET_KEY: ${JWT_SECRET_KEY}
+      CORS_ORIGINS: ${CORS_ORIGINS}
+      RIOT_API_KEY: ${RIOT_API_KEY}
     volumes:
       - .:/app
       - bundle_cache:/usr/local/bundle
     ports:
-      - "3333:3000"
+      - "${API_PORT:-3333}:3000"
     depends_on:
-      postgres:
-        condition: service_healthy
       redis:
         condition: service_healthy
     command: >
       sh -c "
-        bundle exec rails db:create db:migrate db:seed &&
-        bundle exec rails server -b 0.0.0.0
+        rm -f tmp/pids/server.pid &&
+        bundle exec rails db:migrate &&
+        bundle exec rails server -b 0.0.0.0 -p 3000
       "
 
   # Sidekiq for background jobs
   sidekiq:
     build: .
     environment:
-      DATABASE_URL: postgresql://postgres:password@postgres:5432/prostaff_api_development
-      REDIS_URL: redis://redis:6379/0
-      RAILS_ENV: development
+      DATABASE_URL: ${DATABASE_URL}
+      REDIS_URL: ${REDIS_URL:-redis://redis:6379/0}
+      RAILS_ENV: ${RAILS_ENV:-development}
+      JWT_SECRET_KEY: ${JWT_SECRET_KEY}
     volumes:
       - .:/app
       - bundle_cache:/usr/local/bundle

scripts/generate_secrets.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+echo "================================================"
+echo "🔐 ProStaff API - Secret Generator"
+echo "================================================"
+echo ""
+echo "Cole esses valores no seu arquivo .env:"
+echo ""
+
+echo "# Rails Secret Key Base"
+echo "SECRET_KEY_BASE=$(openssl rand -hex 64)"
+echo ""
+
+echo "# JWT Secret Key"
+echo "JWT_SECRET_KEY=$(openssl rand -hex 64)"
+echo ""
+
+echo "================================================"
+echo "✅ Secrets gerados com sucesso!"
+echo "================================================"