-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
153 lines (131 loc) · 8.34 KB
/
.env.example
File metadata and controls
153 lines (131 loc) · 8.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
# ─── App ──────────────────────────────────────────────────────────────────────
NODE_ENV=production
APP_TITLE=App_NAME
APP_URL=https://yourdomain.com
HOST=0.0.0.0
PORT=5000
APP_TIMEZONE=UTC
# ─── Auth ─────────────────────────────────────────────────────────────────────
# All three required, all different, min 32 chars each
JWT_SECRET=
JWT_EXPIRES_IN=15m
REFRESH_SECRET=
REFRESH_EXPIRES_IN=7d
COOKIE_SECRET=
# ─── Database ─────────────────────────────────────────────────────────────────
# Single connection string — used by both Prisma migrate and the MariaDB adapter.
# Production: use a cloud-managed MySQL/MariaDB service (see options below).
# Local dev: mysql://root:rootpassword@127.0.0.1:3306/app_dev
# (start local DB with: docker compose -f docker-compose.dev.yml up -d)
#
# Cloud DB options:
# AWS RDS MySQL: mysql://user:pass@your-rds-endpoint.rds.amazonaws.com:3306/dbname
# PlanetScale: mysql://user:pass@aws.connect.psdb.cloud/dbname?ssl={"rejectUnauthorized":true}
# Railway MySQL: provided as DATABASE_URL in Railway dashboard
# DigitalOcean Managed: mysql://user:pass@db-mysql-xxx.db.ondigitalocean.com:25060/dbname?ssl-mode=require
# Hostinger MySQL: mysql://user:pass@your-hostname:3306/dbname
DATABASE_URL=mysql://user:password@127.0.0.1:3306/app_dev
# ─── Redis ────────────────────────────────────────────────────────────────────
# Production: use a cloud-managed Redis service.
# Local dev: starts with docker-compose.dev.yml (REDIS_HOST=127.0.0.1, REDIS_PORT=6379)
#
# Cloud Redis options:
# Upstash: https://upstash.com (free tier, serverless, set REDIS_HOST + REDIS_PASSWORD)
# Redis Cloud: https://redis.io/cloud (set REDIS_HOST + REDIS_PORT + REDIS_PASSWORD)
# Railway Redis: provided as individual vars in Railway dashboard
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_PASSWORD=
# ─── CORS ─────────────────────────────────────────────────────────────────────
# Comma-separated list of allowed origins (must match frontend URL exactly)
ALLOWED_ORIGINS=https://yourdomain.com
# ─── Rate Limiting ────────────────────────────────────────────────────────────
RATE_LIMIT_MAX=1000
RATE_LIMIT_WINDOW=1 minute
# ─── Queue ────────────────────────────────────────────────────────────────────
QUEUE_CONCURRENCY=3
# ─── Logging ──────────────────────────────────────────────────────────────────
LOG_LEVEL=info
PRETTY_LOGS=false
# ─── Storage ──────────────────────────────────────────────────────────────────
# STORAGE_DRIVER options: filesystem | s3 | cloudinary
# filesystem: files stored at STORAGE_PATH inside the container, served at APP_URL/cdn/
# Requires a persistent named volume when deployed (see docker-compose.yml).
# For multi-container or multi-instance deployments, use s3 or cloudinary instead.
# s3: requires AWS_* vars below + npm install @aws-sdk/client-s3 @aws-sdk/lib-storage
# cloudinary: requires CLOUDINARY_* vars below + npm install cloudinary
STORAGE_DRIVER=filesystem
STORAGE_PATH=./cdn/
MAX_FILE_SIZE=52428800
# AWS — shared by s3 storage driver and ses email driver
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_REGION=us-east-1
# S3 storage (STORAGE_DRIVER=s3)
# AWS_BUCKET=
# AWS_CLOUDFRONT_URL= # Optional CDN URL prefix (e.g. https://d1234.cloudfront.net)
# AWS_ENDPOINT_URL= # Optional: S3-compatible override for MinIO, R2, DO Spaces
# # MinIO local: http://localhost:9000
# # Cloudflare R2: https://<account-id>.r2.cloudflarestorage.com
# # DigitalOcean Spaces: https://nyc3.digitaloceanspaces.com
# Cloudinary (STORAGE_DRIVER=cloudinary)
# CLOUDINARY_CLOUD_NAME=
# CLOUDINARY_API_KEY=
# CLOUDINARY_API_SECRET=
# ─── Frontend ─────────────────────────────────────────────────────────────────
# VITE_APP_URL must end with a trailing slash — used for API calls, socket, and media URLs
VITE_APP_TITLE=App_NAME
VITE_APP_URL=https://yourdomain.com/
# ─── Admin Seed User ──────────────────────────────────────────────────────────
ADMIN_NAME=System Admin
ADMIN_EMAIL=admin@yourdomain.com
ADMIN_PHONE=01556008005
# ─── Email ────────────────────────────────────────────────────────────────────
# MAIL_DRIVER options: smtp | ses | sendgrid
# smtp: standard SMTP server — configure MAIL_HOST + MAIL_PORT + MAIL_USER + MAIL_PASSWORD
# ses: Amazon SES SMTP endpoint — configure SES_SMTP_* vars below (no extra package)
# sendgrid: SendGrid SMTP relay — configure SENDGRID_API_KEY below (no extra package)
# Leave MAIL_FROM empty to disable all email sending.
MAIL_DRIVER=smtp
MAIL_FROM=
# SMTP driver (MAIL_DRIVER=smtp)
# Local dev with Mailhog: MAIL_HOST=localhost, MAIL_PORT=1025
MAIL_HOST=
MAIL_PORT=587
MAIL_USER=
MAIL_PASSWORD=
# SES driver (MAIL_DRIVER=ses)
# Generate SMTP credentials: AWS Console → SES → SMTP Settings → Create SMTP Credentials
# SES host varies by region: email-smtp.us-east-1.amazonaws.com, email-smtp.eu-west-1.amazonaws.com
# SES is in sandbox by default — verify sending domain and request production access before go-live
# SES_SMTP_HOST=email-smtp.us-east-1.amazonaws.com
# SES_SMTP_USER=
# SES_SMTP_PASSWORD=
# SendGrid driver (MAIL_DRIVER=sendgrid)
# Create API key: SendGrid Dashboard → Settings → API Keys (Mail Send permission)
# Verify your sending domain/email in SendGrid before going live
# SENDGRID_API_KEY=
# ─── Push Notifications ───────────────────────────────────────────────────────
# NTFY (admin/ops push channel — self-hosted or ntfy.sh)
# Free, no account needed with ntfy.sh. Self-host for private channels.
# Docs: https://docs.ntfy.sh
# Pass ntfy: true in notify() options to trigger this channel per notification.
NTFY_CHANNEL=notify_channel
NTFY_URL=https://ntfy.sh
# Twilio SMS (opt-in per notify() call — requires user phone in E.164 format)
# Create account: https://console.twilio.com
# Get Account SID + Auth Token from dashboard, buy a phone number for FROM.
# TWILIO_ACCOUNT_SID=
# TWILIO_AUTH_TOKEN=
# TWILIO_FROM_NUMBER=+12345678900
# OneSignal (mobile/web push — opt-in per notify() call — requires device player ID)
# Create app: https://onesignal.com → Settings → Keys & IDs
# Add OneSignal SDK to frontend, store subscription ID on User model.
# ONESIGNAL_APP_ID=
# ONESIGNAL_API_KEY=
# ─── GitHub Deploy Hook ───────────────────────────────────────────────────────
# Optional — if absent, /admin/deploy returns 503
# GITHUB_TOKEN: fine-grained PAT, read-only contents, this repo only
# GITHUB_REPO: owner/repo format, e.g. org/repo_name
GITHUB_TOKEN=
GITHUB_REPO=