forked from Nine-Minds/alga-psa
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.env.example
110 lines (98 loc) · 3.4 KB
/
.env.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# Application Settings
APP_VERSION=1.0.0
APP_NAME=sebastian
APP_ENV=development
APP_HOST=0.0.0.0
APP_PORT=3000
APP_EDITION=community # Options: community, enterprise
APP_VERIFY_EMAIL=false
# Redis Configuration
REDIS_HOST=redis
REDIS_PORT=6379
# REDIS_PASSWORD is managed via Docker secrets
# Database Configuration
DB_TYPE=postgres # Required: Must be "postgres"
DB_HOST=postgres
DB_PORT=5432
DB_NAME=server
DB_NAME_SERVER=server
# Database Users:
# 1. Admin User (postgres):
# - Username: postgres (fixed)
# - Used for: Database administration, setup, migrations
# - Password: Managed via postgres_password secret
# - Has full database access
POSTGRES_USER=postgres
DB_USER_ADMIN=postgres # Required: Admin user for database operations
DB_PASSWORD_ADMIN=/run/secrets/postgres_password # Required: Path to admin password secret
DB_PASSWORD_SUPERUSER=/run/secrets/postgres_password # Required: Path to superuser password secret
DB_PASSWORD_SERVER=/run/secrets/db_password_server # Required: Path to server password secret
# 2. Application User (app_user):
# - Username: app_user (fixed)
# - Used for: Application database access
# - Password: Managed via db_password_server secret
# - Access controlled by Row Level Security (RLS)
DB_USER_SERVER=app_user
# 3. Hocuspocus User:
# - Username: app_user (fixed)
# - Used for: Hocuspocus service database access
# - Password: Managed via db_password_hocuspocus secret
# - Access controlled by Row Level Security (RLS)
DB_USER_HOCUSPOCUS=app_user
# Logging Configuration
LOG_LEVEL=INFO # Required: One of 'SYSTEM' | 'TRACE' | 'DEBUG' | 'INFO' | 'WARNING' | 'ERROR' | 'CRITICAL'
LOG_IS_FORMAT_JSON=false # Required: Boolean
LOG_IS_FULL_DETAILS=false # Required: Boolean
LOG_ENABLED_FILE_LOGGING=false
LOG_DIR_PATH=/path/to/logs
LOG_ENABLED_EXTERNAL_LOGGING=false
LOG_EXTERNAL_HTTP_HOST=
LOG_EXTERNAL_HTTP_PORT=
LOG_EXTERNAL_HTTP_PATH=
LOG_EXTERNAL_HTTP_LEVEL=
LOG_EXTERNAL_HTTP_TOKEN=
# Hocuspocus Configuration
HOCUSPOCUS_PORT=1234
HOCUSPOCUS_URL=ws://localhost:1234
REQUIRE_HOCUSPOCUS=false # Optional: Set to "true" to require hocuspocus
# Email Configuration
EMAIL_ENABLE=false # Required: Boolean
[email protected] # Required: Valid email address
EMAIL_HOST=smtp.example.com
EMAIL_PORT=587 # Required: Number greater than 0
[email protected] # Required: Valid email address
# EMAIL_PASSWORD is managed via Docker secrets
# Cryptographic Settings
# CRYPTO_KEY is managed via Docker secrets
CRYPTO_SALT_BYTES=16
CRYPTO_ITERATION=100000
CRYPTO_KEY_LENGTH=64
CRYPTO_ALGORITHM=aes-256-gcm
# Authentication Settings
NEXTAUTH_URL=http://localhost:3000 # Required: Valid URL
NEXTAUTH_SESSION_EXPIRES=86400 # Required: Number greater than 0
# Deployment Settings
PROJECT_NAME=sebastian
EXPOSE_DB_PORT=5432
EXPOSE_HOCUSPOCUS_PORT=1234
EXPOSE_REDIS_PORT=6379
EXPOSE_SERVER_PORT=3000
# Docker Secrets:
# The following sensitive values are managed via Docker secrets:
# 1. Database Passwords:
# - postgres_password: Admin user password
# - db_password_server: Application user password
# - db_password_hocuspocus: Hocuspocus service password
# 2. Redis Password:
# - redis_password
# 3. Email Password:
# - email_password
# 4. Security Keys:
# - crypto_key
# - token_secret_key
# - nextauth_secret
# - alga_auth_key
# - secret_key
# 5. OAuth Credentials:
# - google_oauth_client_id
# - google_oauth_client_secret