implement .env configuration support and restrict web interface to localhost

.env.example

@@ -0,0 +1,7 @@
+# Web interface authentication password
+WEB_PASSWORD=admin
+
+# Encryption key for securing stored OTP secrets
+# You MUST change this for a production deployment!
+# Generate a secure key using: python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
+ENCRYPTION_KEY=CHANGE_ME_TO_A_VALID_FERNET_KEY

README.md

@@ -16,7 +16,7 @@ This application acts as a central manager. You can add the IP address, Port (de
 ## Setup & Running
 
 1. Clone or copy this directory.
-2. Edit `docker-compose.yml`:
+2. Copy `.env.example` to `.env` and edit it:
    - Change `WEB_PASSWORD` to your desired password for the web interface (the username can be anything, e.g., `admin`).
    - Change `ENCRYPTION_KEY` to a securely generated Fernet key.
      *You can generate one by running: `python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"`*

docker-compose.yml

@@ -5,11 +5,11 @@ services:
     build: .
     container_name: xivlauncher-remote-otp
     ports:
-      - "8080:8080"
+      - "127.0.0.1:8080:8080"
     volumes:
       - ./data:/app/data
     environment:
-      - WEB_PASSWORD=admin
+      - WEB_PASSWORD=${WEB_PASSWORD:-admin}
       # Generate a secure key using: python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
-      - ENCRYPTION_KEY=CHANGE_ME_TO_A_VALID_FERNET_KEY
+      - ENCRYPTION_KEY=${ENCRYPTION_KEY:-CHANGE_ME_TO_A_VALID_FERNET_KEY}
     restart: unless-stopped