use dotenv config to load sensitive values from environment variables

.env

@@ -0,0 +1,21 @@
+# Fusio
+FUSIO_PROJECT_KEY="42eec18ffdbffc9fda6110dcc705d6ce"
+FUSIO_URL="http://127.0.0.1/projects/fusio/public"
+FUSIO_ENV="dev" # dev or prod
+FUSIO_DB_NAME="fusio"
+FUSIO_DB_USER="root"
+FUSIO_DB_PW=""
+FUSIO_DB_HOST="localhost"
+
+# Config (resources/config.yaml)
+# Login provider
+PROVIDER_FACEBOOK_SECRET=""
+PROVIDER_GOOGLE_SECRET=""
+PROVIDER_GITHUB_SECRET=""
+
+# Register captcha
+RECAPTCHA_SECRET=""
+
+# Connections (resources/connections.yaml)
+# Default-Connection
+SQLITE_1_DB="todo-app.db"

CHANGELOG.md

@@ -1,5 +1,10 @@
 
-### 1.0.0-RC6
+### 1.0.0-RC7
+
+* Use dotenv config to load sensitive values from environment variables
+* Add missing help files
+
+### 1.0.0-RC6 (2017-12-14)
 
 * Update developer app
 * Summarize deploy status and improve deploy output #108

composer.json

@@ -12,7 +12,8 @@
   ],
   "require": {
     "php": ">=7.0",
-    "fusio/impl": "^1.0"
+    "fusio/impl": "^1.0",
+    "symfony/dotenv": "^3.4"
   },
   "require-dev": {
     "phpunit/phpunit": "^5.6",

configuration.php

@@ -1,6 +1,11 @@
 <?php
 
-return array(
+if (!getenv('FUSIO_ENV')) {
+    $dotenv = new \Symfony\Component\Dotenv\Dotenv();
+    $dotenv->load(__DIR__ . '/.env');
+}
+
+return [
 
     // Whether the implicit flow is allowed. This is mostly needed for 
     // javascript apps
@@ -21,7 +26,7 @@
     // the database. NOTE IF YOU CHANGE THE KEY FUSIO CAN NO LONGER READ ANY 
     // DATA WHICH WAS ENCRYPTED BEFORE. BECAUSE OF THAT IT IS RECOMMENDED TO 
     // CHANGE THE KEY ONLY BEFORE THE INSTALLATION
-    'fusio_project_key'       => '42eec18ffdbffc9fda6110dcc705d6ce',
+    'fusio_project_key'       => getenv('FUSIO_PROJECT_KEY'),
 
     // Settings of the internal mailer. By default we use the internal PHP mail
     // function
@@ -52,22 +57,22 @@
 
     // The url to the psx public folder (i.e. http://127.0.0.1/psx/public or 
     // http://localhost.com)
-    'psx_url'                 => 'http://127.0.0.1/projects/fusio/public',
+    'psx_url'                 => getenv('FUSIO_URL'),
 
     // The default timezone
     'psx_timezone'            => 'UTC',
 
     // Whether PSX runs in debug mode or not. If not error reporting is set to 0
     // Also several caches are used if the debug mode is false
-    'psx_debug'               => true,
+    'psx_debug'               => getenv('FUSIO_ENV') != 'prod',
 
     // Database parameters which are used for the doctrine DBAL connection
     // http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html
     'psx_connection'          => [
-        'dbname'              => 'fusio',
-        'user'                => 'root',
-        'password'            => '',
-        'host'                => 'localhost',
+        'dbname'              => getenv('FUSIO_DB_NAME'),
+        'user'                => getenv('FUSIO_DB_USER'),
+        'password'            => getenv('FUSIO_DB_PW'),
+        'host'                => getenv('FUSIO_DB_HOST'),
         'driver'              => 'pdo_mysql',
     ],
 
@@ -89,7 +94,18 @@
 
     // A closure which returns a doctrine cache implementation. If null the
     // filesystem cache is used
-    //'psx_cache_factory'       => null,
+    /*
+    'psx_cache_factory'       => function($config, $namespace){
+        $memcached = new \Memcached();
+        $memcached->addServer(getenv('FUSIO_MEMCACHE_HOST'), getenv('FUSIO_MEMCACHE_PORT'));
+
+        $memcache = new \Doctrine\Common\Cache\MemcachedCache();
+        $memcache->setMemcached($memcached);
+        $memcache->setNamespace($namespace);
+
+        return $memcache;
+    },
+    */
 
     // A closure which returns a monolog handler implementation. If null the
     // system handler is used
@@ -102,4 +118,4 @@
     // specify a custom template
     //'psx_error_template'      => null,
 
-);
+];

doc/installation.rst

@@ -20,9 +20,9 @@ Configuration
 
 * **Adjust the configuration file**
 
-  Open the file ``configuration.php`` in the Fusio directory and change the key 
-  ``psx_url`` to the domain pointing to the public folder. Also insert the 
-  database credentials to the ``psx_connection`` keys.
+  Open the file ``.env`` in the Fusio directory and change the key ``FUSIO_URL``
+  to the domain pointing to the public folder. Also insert the database 
+  credentials to the ``FUSIO_DB_*`` keys.
 * **Execute the installation command**
 
   The installation script inserts the Fusio database schema into the provided 

resources/config.yaml

@@ -17,13 +17,13 @@ mail_register_body: >
 # Email address which is used in the "From" header
 mail_sender: ""
 # Facebook app secret
-provider_facebook_secret: ""
+provider_facebook_secret: "${env.PROVIDER_FACEBOOK_SECRET}"
 # Google app secret
-provider_google_secret: ""
+provider_google_secret: "${env.PROVIDER_GOOGLE_SECRET}"
 # GitHub app secret
-provider_github_secret: ""
+provider_github_secret: "${env.PROVIDER_GITHUB_SECRET}"
 # ReCaptcha secret
-recaptcha_secret: ""
+recaptcha_secret: "${env.RECAPTCHA_SECRET}"
 # If set each API response contains a Access-Control-Allow-Origin header with 
 # the provided value
 cors_allow_origin: "*"