-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path.env.example
More file actions
50 lines (42 loc) · 2.16 KB
/
Copy path.env.example
File metadata and controls
50 lines (42 loc) · 2.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# Copy to .env and adjust before first deployment:
# cp .env.example .env
# Frontend host bind.
# Production recommendation: bind to localhost and expose only via reverse proxy (Caddy).
FRONTEND_PORT=127.0.0.1:8080
# pgAdmin host port
PGADMIN_PORT=8081
# Postgres host port (optional; keep closed in hardened setups)
POSTGRES_PORT=5433
# Host directory that should be exposed to cloud-page backend
# This path is on the server/host machine (must exist).
CLOUD_HOST_ROOT=/srv/vault-web/cloud-root
# Shared database credentials
POSTGRES_USER=vaultweb
POSTGRES_PASSWORD=change_me_strong_password
POSTGRES_DEFAULT_DB=postgres
PGADMIN_DEFAULT_EMAIL=admin@vaultweb.app
PGADMIN_DEFAULT_PASSWORD=change_me_pgadmin_password
# Individual logical DB names
POSTGRES_DB_VAULT=vault_db
POSTGRES_DB_CLOUD=cloud_db
POSTGRES_DB_PASSWORD_MANAGER=password_manager_db
# Core backend secrets
JWT_SECRET=8f70e2af2e0f53a3b7f0ea4f52fcb4fb62a77aaf9e3c4d6f66d5cc5f22f1295b4c0d89d3f4a831ef7dd9e6452af0c4d62b5f66fd9f4ea3f7f1e92a52a8d6c1be
JWT_REFRESH_SECRET=FjR+I5zJfX2x8q8e9lK5nS4U2xY7gR9mW6pQ3bV1nD8tH2jK9mC4qL7uN5rT8yP
# Password manager encryption key (base64, 32 bytes recommended)
PASSWORD_MANAGER_ENCRYPTION_SECRET=7TR+e8v7IG3HJ65QWkvtogw8jQRRPYQbzn4/KMqbnQI=
# Vault Habits (Beaver Habit Tracker with Vault Web SSO)
# Random secret for NiceGUI session storage (generate with: openssl rand -hex 32)
VAULT_HABITS_NICEGUI_SECRET=change_me_nicegui_secret
# Full URL of the Vault Web login page with externalLink query param.
# Replace vault.example.com with your actual Vault Web hostname.
VAULT_HABITS_LOGIN_URL=https://vault.example.com/login?externalLink=Habits
# Base URL of Vault Web (used for the in-app "Back to Vault Web" button).
# If left empty, the origin of VAULT_HABITS_LOGIN_URL is used as fallback.
VAULT_WEB_HOME_URL=https://vault.example.com
# Public URL of the Vault Habits vault-web-login endpoint.
# After login Vault Web redirects here and forwards the JWT.
# Replace habits.example.com with your actual Habits hostname.
VAULT_HABITS_URL=https://habits.example.com/vault-web-login
# Email domain used to derive internal user identifiers for Vault Web SSO users.
VAULT_HABITS_USER_EMAIL_DOMAIN=vaultweb.app