feat: harden gateway with policy engine, secure tools, and governance docs

.env.example

@@ -1,29 +1,50 @@
+# Runtime Environment
+ENVIRONMENT=production
+
 # Gitea Configuration
 GITEA_URL=https://gitea.example.com
 GITEA_TOKEN=your-bot-user-token-here
 
 # MCP Server Configuration
-MCP_HOST=0.0.0.0
+# Secure default: bind only localhost unless explicitly overridden.
+MCP_HOST=127.0.0.1
 MCP_PORT=8080
-MCP_DOMAIN=mcp.yourdomain.com  # Domain for Traefik (if using)
+ALLOW_INSECURE_BIND=false
 
-# Authentication Configuration (REQUIRED)
-# Generate key with: python scripts/generate_api_key.py
+# Authentication Configuration (REQUIRED unless AUTH_ENABLED=false)
 AUTH_ENABLED=true
 MCP_API_KEYS=your-generated-api-key-here
-
-# Multiple keys (comma-separated for grace period during rotation):
 # MCP_API_KEYS=key1,key2,key3
 
-# Authentication limits
-MAX_AUTH_FAILURES=5           # Max failures before rate limiting
-AUTH_FAILURE_WINDOW=300       # Time window in seconds (5 min)
+# Authentication failure controls
+MAX_AUTH_FAILURES=5
+AUTH_FAILURE_WINDOW=300
 
-# Logging Configuration
+# Request rate limiting
+RATE_LIMIT_PER_MINUTE=60
+TOKEN_RATE_LIMIT_PER_MINUTE=120
+
+# Logging / observability
 LOG_LEVEL=INFO
 AUDIT_LOG_PATH=/var/log/aegis-mcp/audit.log
+METRICS_ENABLED=true
+EXPOSE_ERROR_DETAILS=false
 
-# Security Configuration (optional)
-# MAX_FILE_SIZE_BYTES=1048576  # 1MB
-# REQUEST_TIMEOUT_SECONDS=30
-# RATE_LIMIT_PER_MINUTE=60
+# Tool output limits
+MAX_FILE_SIZE_BYTES=1048576
+MAX_TOOL_RESPONSE_ITEMS=200
+MAX_TOOL_RESPONSE_CHARS=20000
+REQUEST_TIMEOUT_SECONDS=30
+
+# Security controls
+SECRET_DETECTION_MODE=mask  # off|mask|block
+POLICY_FILE_PATH=policy.yaml
+
+# Write mode (disabled by default)
+WRITE_MODE=false
+WRITE_REPOSITORY_WHITELIST=
+
+# Automation mode (disabled by default)
+AUTOMATION_ENABLED=false
+AUTOMATION_SCHEDULER_ENABLED=false
+AUTOMATION_STALE_DAYS=30