FastAPI MCP Template

# =============================================== # FastAPI + MCP Template - Environment Variables # =============================================== # Copy this file to .env and update the values for your environment # =============================================== # 🏷️ APPLICATION SETTINGS # =============================================== APP_NAME="My Awesome API" APP_VERSION="0.1.0" APP_DESCRIPTION="FastAPI와 MCP를 활용한 API 서버" ENVIRONMENT="development" # development, production, test # =============================================== # 🌐 SERVER SETTINGS # =============================================== HOST="127.0.0.1" PORT=8000 DEBUG=true RELOAD=true # =============================================== # 🤖 MCP SERVER SETTINGS # =============================================== MCP_HOST="127.0.0.1" MCP_PORT=8001 MCP_TRANSPORT="sse" # stdio, sse, streamable-http # =============================================== # 💾 DATABASE SETTINGS (Optional) # =============================================== # DATABASE_URL="sqlite:///./app.db" # DATABASE_URL="postgresql://user:password@localhost:5432/dbname" # DATABASE_URL="mysql://user:password@localhost:3306/dbname" DATABASE_ECHO=false # =============================================== # 🔐 SECURITY SETTINGS # =============================================== # IMPORTANT: Generate a secure random key for production! # You can generate one using: python -c "import secrets; print(secrets.token_urlsafe(32))" SECRET_KEY="your-secret-key-change-this-in-production" ALGORITHM="HS256" ACCESS_TOKEN_EXPIRE_MINUTES=30 # =============================================== # 🌍 CORS SETTINGS # =============================================== # Development (comma-separated list) CORS_ORIGINS="http://localhost:3000,http://localhost:8080,http://127.0.0.1:3000" # Production (specific domains only) # CORS_ORIGINS="https://yourdomain.com,https://api.yourdomain.com" CORS_CREDENTIALS=true CORS_METHODS="GET,POST,PUT,DELETE,OPTIONS" CORS_HEADERS="*" # =============================================== # 🔌 EXTERNAL API SETTINGS # =============================================== # EXTERNAL_API_URL="https://api.external-service.com" # EXTERNAL_API_KEY="your-external-api-key" # =============================================== # 📝 LOGGING SETTINGS # =============================================== LOG_LEVEL="INFO" # DEBUG, INFO, WARNING, ERROR, CRITICAL LOG_FORMAT="%(asctime)s - %(name)s - %(levelname)s - %(message)s" LOG_FILE="logs/app.log" # =============================================== # 🧪 TESTING SETTINGS # =============================================== TESTING=false # =============================================== # 🚀 PRODUCTION EXAMPLE # =============================================== # For production deployment, use these settings: # # ENVIRONMENT="production" # DEBUG=false # RELOAD=false # LOG_LEVEL="WARNING" # SECRET_KEY="your-super-secure-random-key-here" # CORS_ORIGINS="https://yourdomain.com" # DATABASE_URL="postgresql://user:password@db-host:5432/production_db" # =============================================== # 🧪 TESTING EXAMPLE # =============================================== # For testing environment, use these settings: # # ENVIRONMENT="test" # TESTING=true # LOG_LEVEL="DEBUG" # DATABASE_URL="sqlite:///./test.db" # SECRET_KEY="test-secret-key-for-testing-purposes-only-32-chars" # =============================================== # 📋 ENVIRONMENT-SPECIFIC NOTES # =============================================== # # 🔧 Development: # - DEBUG=true for detailed error messages # - RELOAD=true for auto-restart on code changes # - LOG_LEVEL="DEBUG" for verbose logging # - Permissive CORS settings # # 🚀 Production: # - DEBUG=false for security # - RELOAD=false for stability # - LOG_LEVEL="WARNING" to reduce noise # - Strict CORS settings with specific domains # - Strong SECRET_KEY (32+ characters) # - Secure database connection # # 🧪 Testing: # - TESTING=true to enable test mode # - Fixed SECRET_KEY for consistent tests # - In-memory or test database # - Verbose logging for debugging # # =============================================== # 🛡️ SECURITY CHECKLIST # =============================================== # # ✅ Generate a strong SECRET_KEY # ✅ Set specific CORS_ORIGINS (not "*") # ✅ Use HTTPS in production # ✅ Secure database credentials # ✅ Set appropriate LOG_LEVEL # ✅ Review all settings before deployment # # ===============================================