services/compose/znas/homelable/.env

# ============================================================
# Homelable — Environment Configuration
# ============================================================
# Deploy: docker stack deploy --env-file homelable.env -c homelable-stack.yml homelable
# ============================================================

# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
SECRET_KEY=c11b1b069248886b07fc58f94952e130630853369b58ed36c32589d708e285a7

# --- Web UI credentials ---
AUTH_USERNAME=admin
# Generate hash:
#   docker run --rm ghcr.io/pouzor/homelable-backend:latest \
#     python -c "from passlib.context import CryptContext; print(CryptContext(schemes=['bcrypt']).hash('yourpassword'))"
# Keep single quotes — bcrypt hashes contain $ characters
AUTH_PASSWORD_HASH='$2b$12$EgnSJrBorqg9ibNl6IGARuXg/pmq52/sDiIeISL1tMEkz/o9cjE3i'

# --- Network scanner ---
# Adjust CIDR ranges to match your subnet layout
SCANNER_RANGES=["192.168.3.0/24","192.168.4.0/24","192.168.5.0/24"]

# How often to poll node health (seconds)
STATUS_CHECKER_INTERVAL=60

# --- MCP server keys ---
# Authenticates external MCP clients (Open WebUI / Gremlin, Claude Code, n8n)
# Generate: python3 -c "import secrets; print('mcp_sk_' + secrets.token_hex(32))"
MCP_API_KEY=mcp_sk_CHANGEME

# Authenticates MCP server -> backend internally (never leave this network)
# Generate: python3 -c "import secrets; print('svc_' + secrets.token_hex(32))"
MCP_SERVICE_KEY=svc_d60114070a6f3c4cfe5cd9f676499a857088f5da37d18499c8cf9901264fdab7