LegacyHUB/.env.prod.example

# ---- PRODUCTION TEMPLATE ----
# Copy to .env.prod and replace every PLACEHOLDER value.
# Never commit .env.prod.
# All values below are placeholders — rotation required before use.

# ==== PostgreSQL ====
POSTGRES_HOST=postgres
POSTGRES_PORT=5432
POSTGRES_DB=legacyhub
POSTGRES_USER=legacyhub_prod
POSTGRES_PASSWORD=__ROTATE_ME__

# ==== MinIO ====
MINIO_ENDPOINT=minio:9000
MINIO_ACCESS_KEY=__ROTATE_ME__
MINIO_SECRET_KEY=__ROTATE_ME__
MINIO_BUCKET_ORIGINALS=legacyhub-originals
MINIO_BUCKET_DERIVED=legacyhub-derived
MINIO_SECURE=true
MINIO_REGION=us-east-1

# ==== OpenSearch (security plugin ON in prod overlay) ====
OPENSEARCH_HOST=opensearch
OPENSEARCH_PORT=9200
OPENSEARCH_USE_SSL=true
OPENSEARCH_VERIFY_CERTS=true
OPENSEARCH_USER=admin
OPENSEARCH_PASSWORD=__ROTATE_ME__
OPENSEARCH_INDEX_CHUNKS=legacy_chunks
OPENSEARCH_ADMIN_PASSWORD=__ROTATE_ME__

# ==== Qdrant ====
QDRANT_HOST=qdrant
QDRANT_PORT=6333
QDRANT_API_KEY=__ROTATE_ME__
QDRANT_COLLECTION_CHUNKS=legacy_chunks

# ==== Redis ====
REDIS_URL=redis://:__ROTATE_ME__@redis:6379/0

# ==== OCR ====
OCR_LANGUAGES=rus+eng
OCR_ENABLED=true
DOCLING_OCR_ENABLED=false
MAX_DOCUMENT_TIMEOUT_SECONDS=300

# ==== Embeddings / Reranker ====
EMBEDDING_MODEL=BAAI/bge-m3
EMBEDDING_DIM=1024
EMBEDDING_DEVICE=cuda
EMBEDDING_BATCH_SIZE=32
EMBEDDING_NORMALIZE=true

RERANKER_MODEL=BAAI/bge-reranker-v2-m3
RERANKER_DEVICE=cuda
RERANKER_ENABLED=true
RERANKER_BATCH_SIZE=32

# ==== Hybrid search ====
HYBRID_OPENSEARCH_TOP_K=50
HYBRID_QDRANT_TOP_K=50
HYBRID_RRF_K=60
RERANK_CANDIDATES=40

# ==== App ====
APP_LOG_LEVEL=INFO
APP_HOST=0.0.0.0
APP_PORT=8000
APP_INPUT_DIR=/data/input
APP_WORK_DIR=/data/work
APP_API_PREFIX=/api/v1

# Comma-separated list of allowed origins. NEVER use * in production.
CORS_ALLOWED_ORIGINS=https://legacyhub.teamhub.example

# Mandatory in production. Use a long random value (e.g. `openssl rand -hex 32`).
API_KEY=__ROTATE_ME__