# ============================================ # LogStack Environment Configuration # IAM Role Authentication Support # ============================================ # ============================================ # DATABASE CONFIGURATION # ============================================ MONGODB_URI=mongodb://localhost:27017/logstack # MONGODB_URI=mongodb+srv://username:password@cluster.mongodb.net/logstack # ============================================ # S3 CONFIGURATION - CHOOSE ONE METHOD # ============================================ # ----------------------------------------------- # METHOD 1: ACCESS KEYS (Default) # Use this for: Local development, non-AWS servers # ----------------------------------------------- AWS_ACCESS_KEY_ID=AKIA... AWS_SECRET_ACCESS_KEY=abcd1234... AWS_REGION=us-east-1 S3_BUCKET=my-logs-bucket # To use this method in code: # s3: { # bucket: process.env.S3_BUCKET, # region: process.env.AWS_REGION, # accessKeyId: process.env.AWS_ACCESS_KEY_ID, # secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY, # } # ----------------------------------------------- # METHOD 2: IAM ROLE (AWS Environments) # Use this for: EC2, ECS, Lambda, EKS # ----------------------------------------------- # AWS_REGION=us-east-1 # S3_BUCKET=my-logs-bucket # USE_IAM_ROLE=true # To use this method in code: # s3: { # bucket: process.env.S3_BUCKET, # region: process.env.AWS_REGION, # useIAMRole: true, // No credentials needed! # } # Note: When using IAM role, do NOT set AWS_ACCESS_KEY_ID # or AWS_SECRET_ACCESS_KEY. AWS SDK will automatically # retrieve credentials from EC2/ECS/Lambda metadata. # ============================================ # S3 OPTIONAL SETTINGS # ============================================ S3_KEY_PREFIX=logs/ S3_ENDPOINT=https://s3.amazonaws.com # S3_ENDPOINT=https://nyc3.digitaloceanspaces.com # For DigitalOcean Spaces # S3_ENDPOINT=http://localhost:9000 # For MinIO # ============================================ # APPLICATION SETTINGS # ============================================ NODE_ENV=development # NODE_ENV=production PORT=4000 # ============================================ # LOGGING SETTINGS # ============================================ LOG_LEVEL=info # LOG_LEVEL=debug # LOG_LEVEL=warn # LOG_LEVEL=error # ============================================ # CRON SETTINGS # ============================================ DAILY_CRON=0 0 * * * # Midnight daily HOURLY_CRON=0 * * * * # Every hour TIMEZONE=UTC # TIMEZONE=America/New_York # TIMEZONE=Asia/Karachi # ============================================ # COMPRESSION SETTINGS # ============================================ COMPRESSION_ENABLED=true COMPRESSION_FORMAT=gzip # COMPRESSION_FORMAT=brotli # COMPRESSION_FORMAT=zip COMPRESSION_LEVEL=6 # 1-9 (1=fastest, 9=best compression) # ============================================ # DATA MASKING (Security) # ============================================ DATA_MASKING_ENABLED=true MASK_EMAILS=true MASK_IPS=false MASK_CONNECTION_STRINGS=true # ============================================ # RETENTION POLICIES # ============================================ # Database retention (days) DB_RETENTION_API_LOGS=90 DB_RETENTION_JOBS=null # null = keep forever DB_RETENTION_LOGS=null # null = keep forever DB_AUTO_CLEANUP=true DB_CLEANUP_CRON=0 2 * * * # Daily at 2 AM # Storage retention (days) STORAGE_RETENTION_FILES=365 # 1 year STORAGE_AUTO_CLEANUP=true STORAGE_CLEANUP_CRON=0 3 * * * # Daily at 3 AM # S3 Lifecycle (AWS-native) S3_LIFECYCLE_EXPIRATION=365 S3_LIFECYCLE_IA=90 # Infrequent Access S3_LIFECYCLE_GLACIER=180 S3_LIFECYCLE_DEEP_ARCHIVE=null # Disabled # ============================================ # COLLECTION NAMES (Multi-environment) # ============================================ # Useful for separating dev/staging/production in same database API_LOGS_COLLECTION=production_api_logs JOBS_COLLECTION=production_jobs LOGS_COLLECTION=production_logs # Development: # API_LOGS_COLLECTION=dev_api_logs # JOBS_COLLECTION=dev_jobs # LOGS_COLLECTION=dev_logs # ============================================ # SECURITY (API Server) # ============================================ API_KEY=your-secure-api-key-here # Generate strong key: openssl rand -hex 32 # ============================================ # EXAMPLE CONFIGURATIONS # ============================================ # ----------------------------- # LOCAL DEVELOPMENT EXAMPLE # ----------------------------- # MONGODB_URI=mongodb://localhost:27017/logstack_dev # AWS_ACCESS_KEY_ID=AKIA... # AWS_SECRET_ACCESS_KEY=abcd... # AWS_REGION=us-east-1 # S3_BUCKET=dev-logs-bucket # NODE_ENV=development # LOG_LEVEL=debug # ----------------------------- # AWS EC2 PRODUCTION EXAMPLE # ----------------------------- # MONGODB_URI=mongodb+srv://user:pass@cluster.mongodb.net/logstack_prod # AWS_REGION=us-east-1 # S3_BUCKET=production-logs-bucket # USE_IAM_ROLE=true # NODE_ENV=production # LOG_LEVEL=info # COMPRESSION_ENABLED=true # DB_AUTO_CLEANUP=true # STORAGE_AUTO_CLEANUP=true # ----------------------------- # AWS LAMBDA EXAMPLE # ----------------------------- # MONGODB_URI=mongodb+srv://user:pass@cluster.mongodb.net/logstack # AWS_REGION=us-east-1 # S3_BUCKET=lambda-logs-bucket # USE_IAM_ROLE=true # NODE_ENV=production # ----------------------------- # DIGITALOCEAN SPACES EXAMPLE # ----------------------------- # MONGODB_URI=mongodb://localhost:27017/logstack # AWS_ACCESS_KEY_ID=DO_SPACES_KEY # AWS_SECRET_ACCESS_KEY=DO_SPACES_SECRET # AWS_REGION=nyc3 # S3_BUCKET=my-spaces-bucket # S3_ENDPOINT=https://nyc3.digitaloceanspaces.com # NODE_ENV=production