2026-05-07 10:48:49 +05:30
|
|
|
# copy this to .env and fill in your values
|
|
|
|
|
# don't commit your actual .env file
|
|
|
|
|
|
2026-04-07 18:13:43 +05:30
|
|
|
APP_NAME=SecureLens AI
|
2026-05-03 16:10:42 +05:30
|
|
|
APP_VERSION=1.1.0
|
2026-04-07 18:13:43 +05:30
|
|
|
DEBUG=true
|
|
|
|
|
|
|
|
|
|
HOST=0.0.0.0
|
|
|
|
|
PORT=8000
|
|
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# comma-separated, add your frontend origin here
|
2026-04-07 18:13:43 +05:30
|
|
|
CORS_ORIGINS=http://localhost:3000,http://localhost:5173
|
|
|
|
|
|
|
|
|
|
RATE_LIMIT=30/minute
|
|
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# how long to wait when scanning a URL (seconds)
|
2026-04-07 18:13:43 +05:30
|
|
|
SCAN_TIMEOUT=5
|
|
|
|
|
PATH_CHECK_TIMEOUT=3
|
|
|
|
|
|
|
|
|
|
DATABASE_URL=postgresql+asyncpg://securelens:securelens@localhost:5433/securelens
|
|
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# change this in production, use something long and random
|
2026-05-03 16:10:42 +05:30
|
|
|
JWT_SECRET=change-me-in-production-use-a-long-random-string
|
2026-04-07 18:13:43 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# AI provider - uses LiteLLM so you can swap models by changing these two lines
|
|
|
|
|
# gemini (default)
|
2026-05-03 16:10:42 +05:30
|
|
|
AI_MODEL=gemini/gemini-2.0-flash
|
2026-05-07 10:48:49 +05:30
|
|
|
AI_API_KEY=your-api-key-here
|
2026-05-03 16:10:42 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# openai — uncomment to use instead
|
2026-05-03 16:10:42 +05:30
|
|
|
# AI_MODEL=gpt-4o-mini
|
2026-05-07 10:48:49 +05:30
|
|
|
# AI_API_KEY=sk-...
|
2026-05-03 16:10:42 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# anthropic claude — uncomment to use instead
|
2026-05-03 16:10:42 +05:30
|
|
|
# AI_MODEL=claude-3-5-haiku-20241022
|
2026-05-07 10:48:49 +05:30
|
|
|
# AI_API_KEY=sk-ant-...
|
2026-05-03 16:10:42 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# openrouter — one key for all models
|
2026-05-03 16:10:42 +05:30
|
|
|
# AI_MODEL=openrouter/google/gemini-2.0-flash-exp:free
|
2026-05-07 10:48:49 +05:30
|
|
|
# AI_API_KEY=sk-or-...
|
2026-05-03 16:10:42 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# ollama (local, no key needed)
|
2026-05-03 16:10:42 +05:30
|
|
|
# AI_MODEL=ollama/llama3.1
|
|
|
|
|
# AI_API_KEY=
|
|
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# old gemini key still works if you haven't migrated yet
|
|
|
|
|
# GEMINI_API_KEY=
|
2026-05-03 16:10:42 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# threat intelligence — both have free tiers, leave blank to skip
|
|
|
|
|
# virustotal.com — 500 lookups/day free
|
2026-05-03 16:10:42 +05:30
|
|
|
VIRUSTOTAL_API_KEY=
|
2026-05-07 10:48:49 +05:30
|
|
|
# abuseipdb.com — 1000 lookups/day free
|
2026-05-03 16:10:42 +05:30
|
|
|
ABUSEIPDB_API_KEY=
|
2026-05-07 10:35:36 +05:30
|
|
|
|
2026-05-07 10:48:49 +05:30
|
|
|
# nuclei active scanner — leave blank if nuclei isn't installed
|
|
|
|
|
# it'll search PATH automatically, or set an explicit path here
|
|
|
|
|
# install: go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
|
|
|
|
|
NUCLEI_BINARY_PATH=
|
|
|
|
|
|
|
|
|
|
# slack alerts — paste your incoming webhook URL here to get notified on scan completion
|
|
|
|
|
# and score regressions. leave blank to skip
|
|
|
|
|
# create one at: https://api.slack.com/messaging/webhooks
|
|
|
|
|
SLACK_WEBHOOK_URL=
|
|
|
|
|
|
|
|
|
|
# email alerts via SMTP — leave SMTP_HOST blank to skip
|
|
|
|
|
# works with gmail app passwords, sendgrid, etc.
|
|
|
|
|
SMTP_HOST=
|
|
|
|
|
SMTP_PORT=587
|
|
|
|
|
SMTP_USERNAME=
|
|
|
|
|
SMTP_PASSWORD=
|
|
|
|
|
SMTP_FROM_EMAIL=
|
|
|
|
|
# set to true if your provider uses port 465 (SSL), false for port 587 (STARTTLS)
|
|
|
|
|
SMTP_USE_SSL=false
|
