Skip to main content

Configuration

Configuration

Before running the application, ensure that all necessary configurations are set. Here are the key configuration files and their purposes:

Application Configuration (app.conf)

This file contains all the necessary configurations for running the application in different environments (development, production). Here are some of the key configurations:

  • Security: Configure SSL certificates for secure connections.
  • Admin Panel: Enable or disable the admin panel and set its address and port.

Sensitive configurations such as API keys and database credentials are managed via AWS Secrets Manager to ensure security and compliance. Specific secrets include:

  • Database Credentials
  • API Keys for third-party services
  • Encryption keys

Environment Variables

The application also uses environment variables for sensitive and environment-specific settings:

  • MAPBOX_API_KEY: API key for Mapbox services.
  • GMAPS_API_KEY: API key for Google Maps services.
  • AWS_REGION: AWS region for deploying services.

Ensure these variables are set in your environment before running the application.

Secrets Management

Sensitive configurations such as API keys, database credentials, and encryption keys are managed via AWS Secrets Manager to ensure security and compliance. This approach helps in securely storing and accessing secrets needed by the application at runtime.

Here are some of the specific secrets managed through AWS Secrets Manager:

  • Database Credentials: Used for accessing the primary database securely without hardcoding credentials in the configuration files.
  • API Keys for Third-Party Services: Such as payment gateways, map services, and other external APIs.
  • Encryption Keys: Used for encrypting sensitive data before storing it in databases or other storage systems.

To integrate these secrets into the application, the AWS SDK is used to retrieve the secrets at runtime based on the environment the application is running in. This ensures that development, staging, and production environments can have different sets of credentials without code changes.