From a1e5e6234fcfebd41498d92897af07d1c261af6d Mon Sep 17 00:00:00 2001
From: Liam Stanley <me@liamstanley.io>
Date: Tue, 7 May 2019 15:07:59 -0400
Subject: [PATCH] set better security defaults in docker-compose.yml

Without `APP_DEBUG=false` or `APP_ENV=production`, this may lead to unwanted exposure of environment variables when a user hits an exception (or even a 404). With docker specifically, these environment variables also include the database credentials. This change will ensure this debugging functionality is not enabled by default.
---
 docker-compose.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 2703373a..9bef4b09 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -28,6 +28,8 @@ services:
       - DB_PREFIX=chq_
       - APP_KEY=${APP_KEY:-null}
       - APP_LOG=errorlog
+      - APP_ENV=production
+      - APP_DEBUG=false
       - DEBUG=false
     depends_on:
       - postgres