30 lines
1.0 KiB
Bash
30 lines
1.0 KiB
Bash
# Backend Environment Variables
|
|
PORT=8000
|
|
NODE_ENV=production
|
|
DATABASE_URL=file:/app/prisma/dev.db
|
|
FRONTEND_URL=https://draw.louiscreates.com
|
|
API_BASE_PATH=/api
|
|
# Keep disabled unless traffic always comes through a trusted reverse proxy.
|
|
TRUST_PROXY=false
|
|
AUTH_MODE=local
|
|
JWT_SECRET=change-this-secret-in-production-min-32-chars
|
|
|
|
# Optional Feature Flags (all default to false for backward compatibility)
|
|
# Set to "true" or "1" to enable:
|
|
# ENABLE_PASSWORD_RESET=false
|
|
# ENABLE_REFRESH_TOKEN_ROTATION=false
|
|
# ENABLE_AUDIT_LOGGING=false
|
|
|
|
# OIDC Configuration (required when AUTH_MODE=hybrid or AUTH_MODE=oidc_enforced)
|
|
# OIDC_PROVIDER_NAME=Authentik
|
|
# OIDC_ISSUER_URL=https://auth.example.com/application/o/excalidash/
|
|
# OIDC_CLIENT_ID=your-client-id
|
|
# OIDC_CLIENT_SECRET=your-client-secret
|
|
# OIDC_REDIRECT_URI=https://excalidash.example.com/api/auth/oidc/callback
|
|
# OIDC_SCOPES=openid profile email
|
|
# OIDC_EMAIL_CLAIM=email
|
|
# OIDC_EMAIL_VERIFIED_CLAIM=email_verified
|
|
# OIDC_REQUIRE_EMAIL_VERIFIED=true
|
|
# OIDC_JIT_PROVISIONING=true
|
|
# OIDC_FIRST_USER_ADMIN=true
|