-
-
Notifications
You must be signed in to change notification settings - Fork 103
Expand file tree
/
Copy path.env.example
More file actions
55 lines (46 loc) · 2.27 KB
/
.env.example
File metadata and controls
55 lines (46 loc) · 2.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# Since the ".env" file is gitignored, you can use the ".env.example" file to
# build a new ".env" file when you clone the repo. Keep this file up-to-date
# when you add new variables to `.env`.
# This file will be committed to version control, so make sure not to have any
# secrets in it. If you are cloning this repo, create a copy of this file named
# ".env" and populate it with your secrets.
# When adding additional environment variables, the schema in "/src/env.mjs"
# should be updated accordingly.
# Next Auth
NEXTAUTH_URL="http://localhost:3000"
# You can generate a new secret on the command line with:
# openssl rand -base64 32
# https://next-auth.js.org/configuration/options#secret
# NEXTAUTH_SECRET=""
NEXTAUTH_SECRET="change_me"
# Prisma
# https://www.prisma.io/docs/reference/database-reference/connection-urls#env
POSTGRES_HOST="postgres" # use "localhost" if developing in tradional way. postgres is the hostname of the container
POSTGRES_USER="postgres"
POSTGRES_PASSWORD="postgres"
POSTGRES_PORT=5432
POSTGRES_DB="ztnet"
DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:${POSTGRES_PORT}/${POSTGRES_DB}?schema=public"
# prisma migrate uses a different env variable for the shaddow database url
# https://www.prisma.io/docs/concepts/components/prisma-migrate/shadow-database
MIGRATE_POSTGRES_DB="shaddow_ztnet"
MIGRATE_DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:${POSTGRES_PORT}/${MIGRATE_POSTGRES_DB}?schema=public"
# OAuth
OAUTH_ALLOW_DANGEROUS_EMAIL_LINKING=true
OAUTH_WELLKNOWN="https://accounts.google.com/.well-known/openid-configuration"
OAUTH_ID=
OAUTH_SECRET=
OAUTH_EXCLUSIVE_LOGIN=false
OAUTH_ALLOW_NEW_USERS=true
# Rate Limiting - Authentication endpoints
# Time window in minutes for auth rate limiting (default: 10)
# RATE_LIMIT_WINDOW=10
# Max requests for general operations like registration, token validation (default: 60)
# RATE_LIMIT_MAX_REQUESTS=60
# Max requests for sensitive operations like password reset, email verification (default: 10)
# RATE_LIMIT_MAX_REQUESTS_SHORT=10
# Rate Limiting - REST API endpoints (/api/v1/*)
# Time window in minutes for REST API rate limiting (default: 1)
# RATE_LIMIT_API_WINDOW=1
# Max requests per window for REST API endpoints (default: 50)
# RATE_LIMIT_API_MAX_REQUESTS=50