2024-06-06 17:02:18 +00:00
|
|
|
# Front-end public URL, without leading slash
|
2024-05-20 17:25:46 +00:00
|
|
|
PUBLIC_URL=http://localhost:5173
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# Site name, displayed on the UI and in emails
|
2024-05-20 17:25:46 +00:00
|
|
|
PUBLIC_SITE_NAME=Amanita SSO
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# Database connection (mysql)
|
2024-05-20 17:25:46 +00:00
|
|
|
DATABASE_HOST=localhost
|
|
|
|
DATABASE_DB=icyauth
|
|
|
|
DATABASE_USER=icyauth
|
|
|
|
DATABASE_PASS=icyauth
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# Secret keys for sessions and challenges
|
|
|
|
# These keys should be rotated as part of regular maintenance
|
2024-05-20 17:25:46 +00:00
|
|
|
SESSION_SECRET=32 char key
|
|
|
|
CHALLENGE_SECRET=64 char key
|
2024-06-06 17:02:18 +00:00
|
|
|
|
2024-06-06 17:27:38 +00:00
|
|
|
# Set "Secure" flag on the cookie
|
|
|
|
SESSION_SECURE=true
|
|
|
|
|
2024-06-06 17:02:18 +00:00
|
|
|
# OpenID Connect JWT (ID token) settings
|
|
|
|
# Private keys for JWTs are stored as files in the private directory
|
2024-05-20 17:25:46 +00:00
|
|
|
JWT_ALGORITHM=RS256
|
2024-06-04 17:36:10 +00:00
|
|
|
JWT_EXPIRATION=7d
|
2024-05-20 17:25:46 +00:00
|
|
|
JWT_ISSUER=http://localhost:5173
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# SMTP settings
|
2024-05-20 17:25:46 +00:00
|
|
|
EMAIL_ENABLED=true
|
|
|
|
EMAIL_FROM=no-reply@icynet.eu
|
|
|
|
EMAIL_SMTP_HOST=mail.icynet.eu
|
|
|
|
EMAIL_SMTP_PORT=587
|
|
|
|
EMAIL_SMTP_SECURE=false
|
|
|
|
EMAIL_SMTP_USER=
|
|
|
|
EMAIL_SMTP_PASS=
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# Enable new account registrations
|
2024-05-20 17:25:46 +00:00
|
|
|
REGISTRATIONS=true
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# Trust the first proxy to give us the user's real IP
|
2024-05-21 16:16:15 +00:00
|
|
|
ADDRESS_HEADER=X-Forwarded-For
|
|
|
|
XFF_DEPTH=1
|
2024-06-06 17:02:18 +00:00
|
|
|
|
|
|
|
# Run database migrations automatically on startup
|
2024-06-01 11:42:08 +00:00
|
|
|
AUTO_MIGRATE=true
|
2024-06-14 14:09:20 +00:00
|
|
|
|
|
|
|
# hCaptcha keys, leave empty if not using it
|
|
|
|
PUBLIC_HCAPTCHA_KEY=
|
|
|
|
HCAPTCHA_SECRET=
|