Enable Discovery debug logging for production troubleshooting

- Add DISCOVERY_LOG_LEVEL=debug - Add DISCOVERY_SHOW_PROGRESS=true - Temporary changes for debugging InitializerProcessor fixes on production
2025-08-11 20:13:26 +02:00
parent 59fd3dd3b1
commit 55a330b223
3683 changed files with 2956207 additions and 16948 deletions
--- a/.env.secrets.example
+++ b/.env.secrets.example
@@ -0,0 +1,107 @@
+# .env.secrets.example - Template for encrypted secrets
+# Copy this file to .env.secrets and encrypt your sensitive values
+# Generated for michaelschiemer.de framework
+
+# =============================================================================
+# ENCRYPTION SETUP
+# =============================================================================
+# 1. Generate an encryption key: php console.php secrets:generate-key
+# 2. Add ENCRYPTION_KEY to your .env file (never commit this!)
+# 3. Encrypt secrets: php console.php secrets:encrypt "your-secret-value"
+# 4. Store encrypted values below with ENC[...] format
+
+# =============================================================================
+# DATABASE SECRETS
+# =============================================================================
+# Production database password (encrypted)
+# SECRET_DB_PASSWORD=ENC[base64encodedencryptedvalue]
+
+# Database backup encryption key
+# SECRET_DB_BACKUP_KEY=ENC[backupencryptionkey]
+
+# =============================================================================
+# API SECRETS
+# =============================================================================
+# Shopify webhook secret
+# SECRET_SHOPIFY_WEBHOOK_SECRET=ENC[shopifywebhooksecret]
+
+# RapidMail API credentials
+# SECRET_RAPIDMAIL_USERNAME=ENC[rapidmailusername]
+# SECRET_RAPIDMAIL_PASSWORD=ENC[rapidmailpassword]
+
+# External API keys
+# SECRET_PAYMENT_API_KEY=ENC[paymentapikey]
+# SECRET_ANALYTICS_API_KEY=ENC[analyticsapikey]
+
+# =============================================================================
+# AUTHENTICATION SECRETS
+# =============================================================================
+# JWT signing secret
+# SECRET_JWT_SECRET=ENC[jwtsigningsecret]
+
+# OAuth client secrets
+# SECRET_OAUTH_GOOGLE_SECRET=ENC[googleoauthsecret]
+# SECRET_OAUTH_GITHUB_SECRET=ENC[githuboauthsecret]
+
+# Session encryption key
+# SECRET_SESSION_KEY=ENC[sessionencryptionkey]
+
+# =============================================================================
+# INFRASTRUCTURE SECRETS
+# =============================================================================
+# Redis password
+# SECRET_REDIS_PASSWORD=ENC[redispassword]
+
+# SMTP credentials
+# SECRET_SMTP_USERNAME=ENC[smtpusername]
+# SECRET_SMTP_PASSWORD=ENC[smtppassword]
+
+# SSL certificate passwords
+# SECRET_SSL_CERT_PASSWORD=ENC[sslcertpassword]
+
+# =============================================================================
+# THIRD-PARTY INTEGRATIONS
+# =============================================================================
+# CDN API secrets
+# SECRET_CDN_API_KEY=ENC[cdnapikey]
+
+# Monitoring service tokens
+# SECRET_MONITORING_TOKEN=ENC[monitoringtoken]
+
+# Backup service credentials
+# SECRET_BACKUP_ACCESS_KEY=ENC[backupaccesskey]
+# SECRET_BACKUP_SECRET_KEY=ENC[backupsecretkey]
+
+# =============================================================================
+# DEVELOPMENT NOTES
+# =============================================================================
+# 
+# Commands for secret management:
+# 
+# Generate encryption key:
+#   php console.php secrets:generate-key
+# 
+# Encrypt a value:
+#   php console.php secrets:encrypt "my-secret-value"
+# 
+# Decrypt a value (for debugging):
+#   php console.php secrets:decrypt "ENC[encrypted-value]"
+# 
+# Rotate all secrets:
+#   php console.php secrets:rotate
+# 
+# Validate secrets setup:
+#   php console.php secrets:validate
+# 
+# =============================================================================
+# SECURITY NOTES
+# =============================================================================
+# 
+# 1. Never commit .env.secrets to version control
+# 2. Store ENCRYPTION_KEY securely (environment variable, secret manager)
+# 3. Use different encryption keys for different environments
+# 4. Regularly rotate secrets and encryption keys
+# 5. Monitor secret access through audit logs
+# 6. Use HTTPS in production for additional security
+# 7. Consider using hardware security modules (HSM) for production
+#