mirror of
https://github.com/jeffcaldwellca/mkcertWeb.git
synced 2026-02-08 23:09:45 -06:00
75 lines
3.0 KiB
Plaintext
75 lines
3.0 KiB
Plaintext
# Server Configuration
|
|
PORT=3000 # HTTP server port
|
|
HTTPS_PORT=3443 # HTTPS server port
|
|
|
|
# SSL/HTTPS Configuration
|
|
ENABLE_HTTPS=true # Enable HTTPS server (true/false)
|
|
SSL_DOMAIN=localhost # Domain name for SSL certificate
|
|
FORCE_HTTPS=false # Redirect HTTP to HTTPS (true/false)
|
|
|
|
# Application Configuration
|
|
NODE_ENV=development # Environment mode (development/production)
|
|
CERT_DIR= # Custom certificate storage directory (optional)
|
|
DEFAULT_THEME=dark # Default theme mode (dark/light)
|
|
|
|
# Rate Limiting Configuration
|
|
CLI_RATE_LIMIT_WINDOW=900000 # CLI rate limit window in ms (default: 15 minutes)
|
|
CLI_RATE_LIMIT_MAX=10 # Max CLI operations per window (default: 10)
|
|
API_RATE_LIMIT_WINDOW=900000 # API rate limit window in ms (default: 15 minutes)
|
|
API_RATE_LIMIT_MAX=100 # Max API requests per window (default: 100)
|
|
|
|
# Authentication Configuration
|
|
ENABLE_AUTH=false # Enable user authentication (true/false)
|
|
AUTH_USERNAME=admin # Username for authentication (when ENABLE_AUTH=true)
|
|
AUTH_PASSWORD=admin # Password for authentication (when ENABLE_AUTH=true)
|
|
SESSION_SECRET=mkcert-web-ui-secret-key-change-in-production # Session secret - CHANGE IN PRODUCTION!
|
|
|
|
# OpenID Connect (OIDC) SSO Authentication Configuration
|
|
ENABLE_OIDC=false # Enable OIDC SSO authentication alongside basic auth (true/false)
|
|
OIDC_ISSUER= # OIDC provider issuer URL (e.g., https://login.microsoftonline.com/tenant-id/v2.0)
|
|
OIDC_CLIENT_ID= # OIDC client application ID
|
|
OIDC_CLIENT_SECRET= # OIDC client secret
|
|
OIDC_CALLBACK_URL=http://localhost:3000/auth/oidc/callback # OIDC callback URL
|
|
OIDC_SCOPE=openid profile email # OIDC scopes to request
|
|
|
|
# Examples:
|
|
# For development with HTTPS:
|
|
# ENABLE_HTTPS=true
|
|
# SSL_DOMAIN=myapp.local
|
|
# FORCE_HTTPS=false
|
|
|
|
# For production with HTTPS only:
|
|
# ENABLE_HTTPS=true
|
|
# SSL_DOMAIN=your-domain.com
|
|
# FORCE_HTTPS=true
|
|
# NODE_ENV=production
|
|
|
|
# For production with authentication:
|
|
# ENABLE_AUTH=true
|
|
# AUTH_USERNAME=your-username
|
|
# AUTH_PASSWORD=your-secure-password
|
|
# SESSION_SECRET=your-very-long-random-secret-key
|
|
|
|
# For OIDC SSO authentication (Azure AD example):
|
|
# ENABLE_OIDC=true
|
|
# OIDC_ISSUER=https://login.microsoftonline.com/your-tenant-id/v2.0
|
|
# OIDC_CLIENT_ID=your-azure-app-id
|
|
# OIDC_CLIENT_SECRET=your-azure-app-secret
|
|
# OIDC_CALLBACK_URL=https://your-domain.com/auth/oidc/callback
|
|
|
|
# For OIDC SSO authentication (Google example):
|
|
# ENABLE_OIDC=true
|
|
# OIDC_ISSUER=https://accounts.google.com
|
|
# OIDC_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
|
|
# OIDC_CLIENT_SECRET=your-google-client-secret
|
|
|
|
# For OIDC SSO authentication (Okta example):
|
|
# ENABLE_OIDC=true
|
|
# OIDC_ISSUER=https://your-domain.okta.com/oauth2/default
|
|
# OIDC_CLIENT_ID=your-okta-client-id
|
|
# OIDC_CLIENT_SECRET=your-okta-client-secret
|
|
|
|
# Theme configuration:
|
|
# DEFAULT_THEME=light # Start with light mode by default
|
|
# DEFAULT_THEME=dark # Start with dark mode by default (default)
|