31 lines
1.0 KiB
Plaintext
31 lines
1.0 KiB
Plaintext
# Database (POSTGRES_PASSWORD is shared between the app and the postgres container)
|
|
POSTGRES_PASSWORD=change-me-to-a-strong-random-string
|
|
|
|
# Encryption keys (generate each with: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))")
|
|
APP_MASTER_KEY=
|
|
APP_BLIND_INDEX_KEY=
|
|
|
|
# Auth secrets (generate each the same way)
|
|
TOKEN_SECRET=
|
|
JWT_SECRET=
|
|
|
|
# ALTCHA spam protection (generate the same way)
|
|
ALTCHA_HMAC_KEY=
|
|
|
|
# WebAuthn / Passkey (set these to your actual domain)
|
|
# If your domain has non-ASCII characters (umlauts, accents, etc.):
|
|
# RP_ID uses the unicode version: feedback.example.de
|
|
# ORIGIN uses the punycode version: https://xn--feedbck-example.de
|
|
# You can find the punycode version by opening the domain in a browser and copying from the address bar.
|
|
WEBAUTHN_RP_NAME=Echoboard
|
|
WEBAUTHN_RP_ID=example.com
|
|
WEBAUTHN_ORIGIN=https://example.com
|
|
|
|
# Web push notifications (generate with: npx web-push generate-vapid-keys)
|
|
VAPID_PUBLIC_KEY=
|
|
VAPID_PRIVATE_KEY=
|
|
VAPID_CONTACT=mailto:admin@example.com
|
|
|
|
# Server
|
|
PORT=3000
|