Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,14 @@ SECUSCAN_BIND_PORT=8000
# SECUSCAN_REDIS_URL=redis://127.0.0.1:6379/0
# SECUSCAN_CACHE_TTL_SECONDS=30

# PostgreSQL — optional overrides for docker-compose (defaults work for local dev)
# The default credentials are only reachable on 127.0.0.1. Override them if
# PostgreSQL will be accessible beyond localhost.
# Generate a strong password with: python -c "import secrets; print(secrets.token_urlsafe(32))"
# SECUSCAN_POSTGRES_USER=secuscan
# SECUSCAN_POSTGRES_DB=secuscan
# SECUSCAN_POSTGRES_PASSWORD=

# Docker Support
SECUSCAN_DOCKER_ENABLED=false
# Docker sandbox network (auto-created if absent; ICC disabled for isolation)
Expand Down
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,8 @@ cd SecuScan
docker compose up --build
```

The quickstart uses default local-only credentials. For production or any deployment where PostgreSQL is reachable beyond localhost, set `SECUSCAN_POSTGRES_PASSWORD` (and optionally `SECUSCAN_POSTGRES_USER`, `SECUSCAN_POSTGRES_DB`) in a `.env` file before starting. See `.env.example` for details.

Open:

- Frontend: `http://127.0.0.1:5173`
Expand Down
10 changes: 5 additions & 5 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,15 @@ services:
postgres:
image: postgres:16-alpine
environment:
POSTGRES_DB: secuscan
POSTGRES_USER: secuscan
POSTGRES_PASSWORD: secuscan
POSTGRES_DB: ${SECUSCAN_POSTGRES_DB:-secuscan}
POSTGRES_USER: ${SECUSCAN_POSTGRES_USER:-secuscan}
POSTGRES_PASSWORD: ${SECUSCAN_POSTGRES_PASSWORD:-secuscan}
ports:
- "127.0.0.1:5432:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U secuscan -d secuscan"]
test: ["CMD-SHELL", "pg_isready -U ${SECUSCAN_POSTGRES_USER:-secuscan} -d ${SECUSCAN_POSTGRES_DB:-secuscan}"]
interval: 10s
timeout: 5s
retries: 5
Expand Down Expand Up @@ -43,7 +43,7 @@ services:
environment:
- SECUSCAN_BIND_ADDRESS=0.0.0.0 # fix: was 127.0.0.1, unreachable inside Docker
- SECUSCAN_BIND_PORT=8081
- SECUSCAN_POSTGRES_DSN=postgresql://secuscan:secuscan@postgres:5432/secuscan
- SECUSCAN_POSTGRES_DSN=postgresql://${SECUSCAN_POSTGRES_USER:-secuscan}:${SECUSCAN_POSTGRES_PASSWORD:-secuscan}@postgres:5432/${SECUSCAN_POSTGRES_DB:-secuscan}
- SECUSCAN_REDIS_URL=redis://redis:6379/0
- SECUSCAN_PLUGINS_DIR=/app/plugins
depends_on:
Expand Down
5 changes: 5 additions & 0 deletions docs/windows_contributor_guide.md
Original file line number Diff line number Diff line change
Expand Up @@ -222,6 +222,11 @@ docker compose up --build
If `docker compose` fails even though Docker Desktop is installed, open Docker
Desktop first and wait until the engine reports it is running.

The quickstart uses default local-only credentials. To set custom PostgreSQL
credentials (recommended for production), create a `.env` file in the project
root before running `docker compose up --build`. See `.env.example` for the
available variables.

---

## Common Windows Troubleshooting
Expand Down
Loading