mirror of
https://github.com/apidoorman/doorman.git
synced 2026-02-11 03:58:39 -06:00
50 lines
1.2 KiB
Plaintext
50 lines
1.2 KiB
Plaintext
STARTUP_ADMIN_EMAIL=admin@localhost.com
|
|
STARTUP_ADMIN_PASSWORD=SecPassword!12345
|
|
|
|
# Unified cache/DB mode
|
|
MEM_OR_EXTERNAL=MEM
|
|
|
|
# Mongo (optional when memory-only)
|
|
MONGO_DB_HOSTS=localhost:27017
|
|
MONGO_REPLICA_SET_NAME=rs0
|
|
|
|
# Redis (recommended for rate-limiting/cache)
|
|
REDIS_HOST=localhost
|
|
REDIS_PORT=6379
|
|
REDIS_DB=0
|
|
|
|
# Dumps path (memory-only mode)
|
|
MEM_DUMP_PATH=generated/memory_dump.bin
|
|
|
|
# Auth
|
|
JWT_SECRET_KEY=please-change-me
|
|
# Access/refresh token expiry (defaults shown)
|
|
AUTH_EXPIRE_TIME=30
|
|
AUTH_EXPIRE_TIME_FREQ=minutes
|
|
AUTH_REFRESH_EXPIRE_TIME=7
|
|
AUTH_REFRESH_EXPIRE_FREQ=days
|
|
|
|
# Secrets & Encryption
|
|
# Encrypt API keys at rest and memory dumps
|
|
TOKEN_ENCRYPTION_KEY=optional-secret-for-api-key-encryption
|
|
MEM_ENCRYPTION_KEY=change-this-32+chars
|
|
|
|
# CORS/HTTPS
|
|
ALLOWED_ORIGINS=http://localhost:3000
|
|
CORS_STRICT=true
|
|
ALLOW_CREDENTIALS=true
|
|
ALLOW_METHODS=GET,POST,PUT,DELETE,OPTIONS,PATCH,HEAD
|
|
ALLOW_HEADERS=*
|
|
HTTPS_ONLY=true
|
|
# Enforce CSRF double-submit validation (and set Secure cookies when HTTPS_ONLY=true)
|
|
HTTPS_ENABLED=true
|
|
COOKIE_DOMAIN=localhost
|
|
|
|
# App
|
|
PORT=5001
|
|
THREADS=4
|
|
DEV_RELOAD=false
|
|
SSL_CERTFILE=./certs/localhost.crt
|
|
SSL_KEYFILE=./certs/localhost.key
|
|
PID_FILE=doorman.pid
|