forked from Orcpub/orcpub
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
73 lines (62 loc) · 2.43 KB
/
.env.example
File metadata and controls
73 lines (62 loc) · 2.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# ============================================================================
# Dungeon Master's Vault — Docker Environment Configuration
#
# Copy this file to .env and update the values:
# cp .env.example .env
#
# Or run the setup script to generate .env with secure random values:
# ./docker-setup.sh
# ============================================================================
# --- Application ---
PORT=8890
# Image tag for docker-compose.yaml (pre-built images only, ignored by build compose)
# ORCPUB_TAG=release-v2.5.0.27
# --- Datomic Database ---
# Datomic Pro with dev storage protocol (required for Java 21 support)
# ADMIN_PASSWORD secures the Datomic admin interface
# DATOMIC_PASSWORD is used by the application to connect to Datomic
# The password in DATOMIC_URL must match DATOMIC_PASSWORD
ADMIN_PASSWORD=change-me-admin
DATOMIC_PASSWORD=change-me-datomic
DATOMIC_URL=datomic:dev://datomic:4334/orcpub?password=change-me-datomic
# --- Transactor Tuning ---
# These rarely need changing. See docker/transactor.properties.template.
# ALT_HOST: peer fallback hostname (default: 127.0.0.1, set to service name for Swarm)
# ENCRYPT_CHANNEL: encrypt peer-transactor communication (default: true)
ALT_HOST=127.0.0.1
ENCRYPT_CHANNEL=true
# Password rotation — set OLD vars during rotation, remove after all peers reconnect
# ADMIN_PASSWORD_OLD=
# DATOMIC_PASSWORD_OLD=
# --- Security ---
# REQUIRED: JWT signing secret. Authentication will fail without this.
# 20+ random characters recommended (e.g., openssl rand -hex 16)
SIGNATURE=change-me-to-something-unique-and-long
# Content Security Policy (strict|permissive|none)
CSP_POLICY=strict
# Dev mode: CSP violations are logged (Report-Only) instead of blocked,
# allowing Figwheel hot-reload scripts to execute.
DEV_MODE=true
# --- Plugins ---
# URL to fetch server-hosted .orcbrew plugins on first page load.
# Leave empty to disable (plugins come only from local file imports).
# LOAD_HOMEBREW_URL=/homebrew.orcbrew
# --- Logs ---
# Defaults to project logs/ if unset
LOG_DIR=
# --- Email (SMTP) ---
# Leave EMAIL_SERVER_URL empty to disable email functionality
EMAIL_SERVER_URL=
EMAIL_ACCESS_KEY=
EMAIL_SECRET_KEY=
EMAIL_SERVER_PORT=587
EMAIL_FROM_ADDRESS=
EMAIL_ERRORS_TO=
EMAIL_SSL=FALSE
EMAIL_TLS=FALSE
# --- Initial Admin User (optional) ---
# Set these then run: ./docker-user.sh init
# Safe to run multiple times — duplicates are skipped.
INIT_ADMIN_USER=
INIT_ADMIN_EMAIL=
INIT_ADMIN_PASSWORD=