-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
82 lines (69 loc) · 3.01 KB
/
.env.example
File metadata and controls
82 lines (69 loc) · 3.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# Environment variables for development and testing
# Database configuration
DB_URL=jdbc:postgresql://localhost:5432/documenten
DB_USER=documenten
DB_PASSWORD=documenten
DB_DRIVER=org.postgresql.Driver
# DB_POOL_SIZE=10
# Application settings
PORT=8080
# MinIO configuration (object storage)
# These are defaults; can be overridden for custom storage
S3_ENDPOINT=http://localhost:9000
S3_ACCESS_KEY=minioadmin
S3_SECRET_KEY=minioadmin
S3_BUCKET=documenten
S3_URL_EXPIRY=PT15M
# Bestandsdelen (chunked upload) configuration
# Files larger than BESTANDSDELEN_TRIGGER_SIZE will use the chunked upload workflow
# BESTANDSDELEN_TRIGGER_SIZE=4294967296 # 4 GB (default)
# BESTANDSDELEN_CHUNK_SIZE=3221225472 # 3 GB (default)
# Example configuration for multiple blob storage repositories (customize as needed)
# Blob Storage Repository 1 (S3 / MinIO)
BLOB_STORAGE_TYPE1=S3
BLOB_STORAGE_NAME1=minio-local
BLOB_STORAGE_URL1=http://localhost:9000
BLOB_STORAGE_ACCESS_KEY1=minioadmin
BLOB_STORAGE_SECRET_KEY1=minioadmin
BLOB_STORAGE_BUCKET1=documenten
BLOB_STORAGE_REGION1=eu-west-1
BLOB_STORAGE_DISABLE_CHECKSUMS1=false
BLOB_STORAGE_DISABLE_CHUNKED_ENCODING1=false
# Blob Storage Repository 2 (Azurite local Azure Blob Storage emulator)
BLOB_STORAGE_TYPE2=Azure Blob Storage
BLOB_STORAGE_NAME2=azure-dev
BLOB_STORAGE_URL2=http://localhost:10000/devstoreaccount1
BLOB_STORAGE_ACCESS_KEY2=devstoreaccount1
BLOB_STORAGE_SECRET_KEY2=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==
BLOB_STORAGE_BUCKET2=documenten
# OpenZaak configuration (for OpenZaak integration tests)
# These are defaults; only needed if testing OpenZaak integration
OPENZAAK_ENDPOINT=https://openzaak.dev.baseflow.com
OPENZAAK_CLIENT_ID=cg-dmf
OPENZAAK_CLIENT_SECRET=baseflow
OPENZAAK_VALIDATION_ENABLED=true
# Encryption (at-rest encryption of blob storage credentials)
# ENCRYPTION_SECRET_KEY — passphrase for AES-256-PBE-CBC key derivation.
# Generate with: openssl rand -base64 32
ENCRYPTION_SECRET_KEY=changeme-replace-with-a-strong-random-value
# ENCRYPTION_SALT — hex salt for key derivation. Must be an even-length hex string.
# Generate with: openssl rand -hex 16
ENCRYPTION_SALT=deadbeefcafe0123456789abcdef0123
# OIDC / JWT authentication
# Issuer URL of the OIDC provider used to validate incoming JWT tokens
OIDC_ISSUER=http://localhost:8081/realms/cg-dmf
# ZGW-style JWT authentication (for GZAC/Valtimo, Open Zaak, etc.)
# Comma-separated list of allowed client_id values
ZGW_ALLOWED_CLIENT_IDS=gzac
# WOPI integration (optional)
# Set to true to enable WOPI routes
WOPI_ENABLED=false
# Open Notificaties API (optional — notifications are disabled when left blank)
# Base URL of the Open Notificaties API, e.g. https://notificaties.example.com/api/v1
NOTIFICATION_API_URL=
# Bearer token with the 'notificaties.publiceren' scope
NOTIFICATION_API_TOKEN=
# Notification channel name (kanaal); defaults to "documenten"
NOTIFICATION_KANAAL=documenten
# Source identifier sent with each notification; defaults to "drc"
NOTIFICATION_SOURCE=drc