SloMR · SloMR · May 8, 2026 · May 7, 2026 · May 7, 2026 · May 7, 2026
@@ -0,0 +1,28 @@
+# Development Environment Variables
+#
+# Copy this file to .env.development and adjust values for your machine:
+#   cp .env.development.example .env.development
+#
+# Then run ./scripts/configure-network.sh to set your local IP automatically.
+# Do NOT commit .env.development — it is gitignored.
+
+CERT_PATH=./certs
+CONTAINER_USER=nobody
+SERVER_ENV=docker-dev
+
+# Build Configuration for Development
+BUILD_MODE=development
+NPM_BUILD_CONFIG=docker-dev
+RUST_BUILD_MODE=debug
+
+# NGINX Configuration for Development
+HOST=127.0.0.1
+PORT=4000
+SERVER_NAME=127.0.0.1
+
+# Sentry (error tracking)
+# Leave SENTRY_ENABLED=false in dev unless you actively want to send events.
+# SENTRY_DSN must stay empty in this committed file — set it only in your
+# local .env.development (which is gitignored).
+SENTRY_DSN=
+SENTRY_ENABLED=false
@@ -0,0 +1,28 @@
+# Production Environment Variables
+#
+# This file is a template. On your production host (e.g. the EC2 instance):
+#   cp .env.production.example .env.production
+#   chmod 600 .env.production
+#   # then edit .env.production and fill in real secrets (SENTRY_DSN, etc.)
+#
+# .env.production is gitignored — it must NEVER be committed.
+
+CERT_PATH=/etc/ssl/pastepoint
+CONTAINER_USER=nobody
+SERVER_ENV=production
+
+# Build Configuration for Production
+BUILD_MODE=production
+NPM_BUILD_CONFIG=docker
+RUST_BUILD_MODE=release
+
+# NGINX Configuration for Production
+HOST=0.0.0.0
+PORT=4000
+SERVER_NAME=pastepoint.com
+
+# Sentry (error tracking)
+# Set SENTRY_DSN to the production server DSN. Without it, Sentry stays
+# disabled even if SENTRY_ENABLED=true.
+SENTRY_DSN=
+SENTRY_ENABLED=true
@@ -1,5 +1,8 @@
 .DS_Store
 .env
+.env.development
+.env.production
+.env.*.local
 target/*
 node_modules/*
 certs/*

@@ -4,14 +4,12 @@
 
 This document outlines the legal disclaimer for the use of **PastePoint**, a peer-to-peer file sharing and messaging platform focused on privacy, speed, and local connectivity. By using PastePoint, you agree to the terms outlined below. If you do not agree with these terms, please discontinue use.
 
-
 ## 1. No Warranty
 
 PastePoint is provided “as is,” without any warranty of any kind, express or implied. This includes, but is not limited to, warranties of merchantability, fitness for a particular purpose, and non-infringement.
 
 The developers make no guarantees about the reliability, availability, or security of the service.
 
-
 ## 2. Limitation of Liability
 
 Under no circumstances shall the creators, maintainers, or contributors of PastePoint be held liable for any damages or claims resulting from the use or misuse of this software, including but not limited to:
@@ -23,7 +21,6 @@ Under no circumstances shall the creators, maintainers, or contributors of Paste
 
 Users accept full responsibility for their actions and content shared via PastePoint.
 
-
 ## 3. Intended Use
 
 PastePoint is designed for:
@@ -34,7 +31,6 @@ PastePoint is designed for:
 
 It is **not recommended** for use over public or untrusted networks unless you fully understand and accept the associated risks.
 
-
 ## 4. User Responsibility
 
 By using PastePoint, you agree to:
@@ -45,7 +41,6 @@ By using PastePoint, you agree to:
 
 The developers are not responsible for monitoring or controlling user activity.
 
-
 ## 5. No Data Retention
 
 PastePoint does **not** store:
@@ -55,8 +50,7 @@ PastePoint does **not** store:
 - Metadata
 - IP logs or session history
 
-All file transfers occur directly and are ephemeral. However, your device, browser, or network may log information independently.
-
+All file transfers occur directly and are ephemeral. However, your device, browser, or network may log information independently. The application may send anonymized error reports to a third-party error-tracking service to help maintainers diagnose crashes; see §11 below.
 
 ## 6. Encryption & Security
 
@@ -68,14 +62,12 @@ PastePoint uses:
 
 Security is a shared responsibility between the app and the user. For sensitive usage, use trusted certificates and ensure your host system is secure.
 
-
 ## 7. Open Source Licensing
 
 PastePoint uses and integrates third-party open-source software. Each component is governed by its own license (e.g., MIT, Apache, GPL).
 
 The main project is released under the **GPL-3.0** license. Refer to the [LICENSE](LICENSE) file for more.
 
-
 ## 8. Contributions
 
 By contributing, you agree to:
@@ -84,7 +76,6 @@ By contributing, you agree to:
 - Avoid submitting malicious or unauthorized content
 - Follow the project’s code quality and community standards
 
-
 ## 9. Production Use Notice
 
 PastePoint is under active development and is primarily intended for local or experimental use. Production deployments should:
@@ -94,13 +85,28 @@ PastePoint is under active development and is primarily intended for local or ex
 - Regularly audit code and dependencies
 - Use isolated network setups if handling sensitive files
 
-
 ## 10. Contact
 
 For security concerns, legal questions, or bug reports:
 
 - GitHub Issues: [https://github.com/SloMR/pastepoint/issues](https://github.com/SloMR/pastepoint/issues)
 - Email: [sulaimanromaih@gmail.com](mailto:sulaimanromaih@gmail.com)
 
+## 11. Error Diagnostics & Third-Party Processors
+
+PastePoint may send technical error reports to **Sentry** (operated by Functional Software, Inc. d/b/a Sentry). These reports are stored in Sentry's **European Union data region** and contain:
+
+- Crash and exception details (error type, message, stack trace)
+- Application version, environment (development / production), and runtime info (OS, browser, language)
+
+The reports do **not** contain:
+
+- File contents or filenames
+- Chat messages
+- Room or session identifiers
+- User accounts, names, or email addresses
+- IP addresses or geolocation (the SDK and server-side scrubbing both strip these)
+
+Error reports help us identify and fix bugs. They are retained for a limited time and then deleted automatically. Operators of self-hosted PastePoint instances may disable error reporting entirely by setting `SENTRY_ENABLED=false` in their environment configuration.
 
 PastePoint is a tool. Please use it wisely, lawfully, and responsibly.
@@ -7,34 +7,44 @@
 export DOCKER_BUILDKIT=1
 export COMPOSE_DOCKER_CLI_BUILD=1
 
+# Env file used by read-only targets (logs/down/stop). Auto-detects whichever
+# file exists; prefers .env.development on dev machines that have both.
+# Override explicitly: `make logs ENV_FILE=.env.production`
+ENV_FILE ?= $(firstword $(wildcard .env.development .env.production))
+
 # Production environment (default)
 prod:
 	@echo "Starting production environment..."
-	docker compose build --parallel
-	docker compose up --force-recreate -d
+	@test -f .env.production || (echo "Error: .env.production not found. Copy .env.production.example to .env.production on this host and fill in real values." && exit 1)
+	docker compose --env-file .env.production build --parallel
+	docker compose --env-file .env.production up --force-recreate -d
 	@echo "Production services are starting. View logs with: make logs"
 
 # Development environment
 dev:
 	@echo "Starting development environment..."
+	@test -f .env.development || (echo "Error: .env.development not found. Copy .env.development.example to .env.development and configure it." && exit 1)
 	docker compose --env-file .env.development build --parallel
 	docker compose --env-file .env.development up --force-recreate -d
 	@echo "Development services are starting. View logs with: make logs"
 
 # Stop and remove PastePoint containers
 down:
 	@echo "Stopping and removing PastePoint services..."
-	docker compose down
+	@test -n "$(ENV_FILE)" || (echo "Error: no .env.development or .env.production found." && exit 1)
+	docker compose --env-file $(ENV_FILE) down
 
 # Stop PastePoint containers without removing them
 stop:
 	@echo "Stopping PastePoint services..."
-	docker compose stop
+	@test -n "$(ENV_FILE)" || (echo "Error: no .env.development or .env.production found." && exit 1)
+	docker compose --env-file $(ENV_FILE) stop
 
 # View logs
 logs:
 	@echo "Viewing logs (Ctrl+C to exit)..."
-	docker compose logs -f
+	@test -n "$(ENV_FILE)" || (echo "Error: no .env.development or .env.production found." && exit 1)
+	docker compose --env-file $(ENV_FILE) logs -f
 
 # Generate certificates (if needed)
 certs:

@@ -21,7 +21,6 @@ PastePoint is a secure, feature-rich file-sharing service designed for local net
 ### Core Features:
 
 - **Local Network Communication**:
-
   - Establish WebSocket-based local chat between computers on the same network
   - List available sessions, create new sessions, or join existing ones
   - Multiple rooms within a session — create, list, and switch between rooms
@@ -30,19 +29,22 @@ PastePoint is a secure, feature-rich file-sharing service designed for local net
   - Resilient WebSocket signaling with automatic reconnect, heartbeat, and bfcache support
 
 - **File Sharing**:
-
   - Peer-to-peer WebRTC connections for secure file transfers
   - Drag & drop file upload with real-time progress tracking
   - File offer system with accept/decline options
   - Chunk-based file transfer with progress tracking and cancellation support
 
 - **Security**:
-
   - End-to-end encryption for all file transfers via WebRTC
   - SSL/TLS encryption for WebSocket signaling
   - Self-signed certificate generation included
   - Input validation and rate limiting
 
+- **Observability**:
+  - Optional Sentry-based error tracking (EU-hosted, off by default in dev)
+  - Privacy-tight defaults: no IPs, no geo, no request bodies, no user identifiers
+  - Toggle per-environment via `SENTRY_ENABLED` / `SENTRY_DSN` (server: runtime env vars; web: built into the bundle from `client/web/src/environments/environment.*.ts` at compile time)
+
 - **Cross-Platform Compatibility**:
   - Runs seamlessly on Linux, macOS, and Windows with Dockerized support
   - Responsive design for mobile and desktop
@@ -72,6 +74,7 @@ PastePoint is a secure, feature-rich file-sharing service designed for local net
 - **Security**: OpenSSL for TLS termination
 - **Utilities**: UUID generation, Serde serialization
 - **Rate Limiting**: Actix-governor for request throttling
+- **Error Tracking**: `sentry` + `sentry-actix` with privacy-tight redaction
 
 ### Clients
 
@@ -89,6 +92,7 @@ PastePoint is a secure, feature-rich file-sharing service designed for local net
 - **QR Sharing**: `qrcode` for generation, `jsqr` for camera-based scanning
 - **Integrity**: `hash-wasm` for fast file hashing
 - **Notifications**: Hot-toast for real-time feedback
+- **Error Tracking**: `@sentry/angular` with privacy-tight redaction
 
 ### Infrastructure
 
@@ -197,14 +201,33 @@ pastepoint/
    ./scripts/configure-network.sh
    ```
 
-   This will prompt you to enter your local IP address and update all necessary configuration files.
+   The script will create `.env.development` from the committed template if it
+   doesn't already exist, then prompt for your local IP and update all
+   necessary configuration files. To bootstrap the environment manually:
+
+   ```bash
+   cp .env.development.example .env.development
+   ```
 
 4. Build and Start Services:
 
    ```bash
-   make dev # or make prod
+   make dev   # uses .env.development (gitignored, machine-local)
+   make prod  # uses .env.production (gitignored, host-local — see below)
    ```
 
+   For production deploys, one-time setup:
+
+   ```bash
+   cp .env.production.example .env.production
+   chmod 600 .env.production
+   # edit .env.production: SERVER_NAME, SENTRY_DSN, etc.
+   ```
+
+   Real DSNs and host-specific values live only in the gitignored
+   `.env.development` / `.env.production` files. The committed `.example`
+   templates document which variables exist.
+
 5. Access PastePoint:
    - Frontend:
      - Localhost: [https://localhost](https://localhost)
@@ -227,7 +250,6 @@ pastepoint/
 ## Security Considerations
 
 - **Certificate Management**:
-
   - Replace self-signed certificates with proper SSL certificates in production
   - Keep private keys secure and never commit them to version control
 
@@ -236,6 +258,10 @@ pastepoint/
   - No data is stored permanently on servers
   - Session data is cleared on server restart or leaving the session
 
+- **Error Diagnostics (Sentry)**:
+  - Server and web SDKs scrub: user identifiers, IP addresses, geo,
+    request bodies, headers, cookies, query strings, locale, timezone
+
 ## License
 
 This project is licensed under the GPL-3.0 License. See the [LICENSE](LICENSE) file for details.