-
Notifications
You must be signed in to change notification settings - Fork 0
/
.env.example
128 lines (128 loc) · 5.32 KB
/
.env.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# URLs
PUBLIC_API_URL="http://localhost:4000/graphql"
PUBLIC_API_AUTH_URL="http://localhost:4000/auth"
PUBLIC_API_WEBSOCKET_URL="ws://localhost:4000/graphql"
PUBLIC_STORAGE_URL="http://localhost:4000/storage/"
PUBLIC_USER_DUMP_URL="http://localhost:4000/dump"
PRIVATE_API_URL="http://localhost:4000/graphql"
REDIS_URL="redis://localhost:6379"
PROMETHEUS_URL="http://localhost:9090"
# School
PUBLIC_SCHOOL_UID="o"
# Notifications
PUBLIC_VAPID_KEY="BO9G7s2ya5I-tgsClQs5m618yT5uwZkuWCVY0LC1Bvg_K_RsXF6dpNtipxzmrJeXZWbkDB-NkOnR_Tp3T9sOlNg"
VAPID_PRIVATE_KEY="pud3TjuDNEf3fvkZ6JzVcKsymPdLrQTOhSeovEkERWU"
# Lydia
PUBLIC_LYDIA_API_URL="https://lydia-app.com"
LYDIA_WEBHOOK_URL="http://localhost:5173/lydia-webhook"
# Database
DATABASE_URL="postgres://postgres:dev@localhost:5432/postgres?schema=public"
# LDAP
LDAP_SCHOOL='{
"servers": {
"inp": {
"url": "ldap://localhost:1389",
"filterAttribute": "supannAliasLogin",
"wholeEmail": false,
"attributesMap": {
"schoolUid": "uid",
"schoolEmail": "mail",
"firstName": "givenName",
"lastName": "sn"
}
}
},
"emailDomains": {
"etu.enseeiht.fr": "inp",
"etu.inp-n7.fr": "inp",
"etu.toulouse-inp.fr": "inp"
}
}'
LDAP_URL="ldap://localhost:389"
LDAP_BASE_DN="dc=inpt,dc=fr"
LDAP_BIND_DN="uid=churros,ou=services"
LDAP_BIND_PASSWORD="ldapdev"
# Emails
PUBLIC_SUPPORT_EMAIL="[email protected]"
PUBLIC_CONTACT_EMAIL="[email protected]"
SMTP_URL="smtp://localhost:1025"
# Mailman
MAILMAN_API_URL="http://mailman-api-link"
MAILMAN_API_KEY="mailman-api-key"
# Misc
PUBLIC_FOY_GROUPS="foyer-n7"
PUBLIC_FRONTEND_ORIGIN="http://localhost:5173"
ORIGIN="http://localhost:5173"
GITLAB_PROJECT_ID="1013"
# Ignored in development: it's always (repository root)/packages/api/storage
STORAGE=""
# TODO: document this environment variable
MASTER_PASSWORD_HASH=""
# TODO: document this environment variable
PAYPAL_CLIENT_SECRET=""
# TODO: document this environment variable
PUBLIC_PAYPAL_CLIENT_ID=""
PUBLIC_PAYPAL_API_BASE_URL="https://api-m.sandbox.paypal.com"
# Disable body size limit
BODY_SIZE_LIMIT="Infinity"
# TODO: document this environment variable
GOOGLE_CLIENT_SECRET=""
PUBLIC_GOOGLE_CLIENT_ID=""
PUBLIC_GOOGLE_WALLET_ISSUER_ID="3388000000022345009"
# JSON contents of issuer service account keypair from Google Cloud Console, see net7’s bitwarden vault, should be there
GOOGLE_WALLET_ISSUER_KEY=""
# Set to "true" to deactivate signups
PUBLIC_DEACTIVATE_SIGNUPS="true"
# Custom message to show when users try to hit the /register page
PUBLIC_DEACTIVATE_SIGNUPS_MESSAGE="Les inscriptions sont désactivées pour le moment. Merci de votre compréhension."
FRONTEND_ORIGIN="http://localhost:5173"
# @churros/sync
# Logs type: pretty, json, hidden
SYNC_LOGS="pretty"
# Log level: 0: silent, 1: error, 2: warn, 3: info, 4: debug
SYNC_LOG_LEVEL="3"
# Enable modules to sync. Available modules: ldap
SYNC_MODULES="ldap"
# oauth client
PUBLIC_OAUTH_ENABLED="0"
PUBLIC_OAUTH_LOGOUT_URL=""
PUBLIC_OAUTH_AUTHORIZE_URL=""
PUBLIC_OAUTH_CLIENT_ID=""
PUBLIC_OAUTH_TOKEN_URL=""
PUBLIC_OAUTH_USER_INFO_URL=""
PUBLIC_OAUTH_SCOPES="openid,profile,email"
OAUTH_UID_KEY="nickname"
OAUTH_CLIENT_SECRET=""
# session
SESSION_SECRET="secret-to-change-in-production"
# Sentry
PUBLIC_SENTRY_DSN=""
# To generate this without a Mac:
# 1. Generate a CSR and private key: openssl req -nodes -newkey rsa:2048 -keyout private_key.key -out cer_sign_request.csr
# 2. Upload the CSR to Apple Developer Console: https://developer.apple.com/account/resources/certificates/add
# 3. Download the .cer file from Apple Developer Console: https://developer.apple.com/account/resources/certificates/list
# 4. Convert the .cer file to .crt file: openssl x509 -inform der -in certificate.cer -out certificate.crt
# 5. Use the .crt with the private key to get a .pfx file: openssl pkcs12 -export -out certificate.pfx -inkey private_key.key -in certificate.crt
# 6. Convert the .pfx to a .pem certificate: openssl pkcs12 -in certificate.pfx -out certificate.pem -nodes
APPLE_WALLET_PEM_CERTIFICATE=""
# The private key's optional password.
APPLE_WALLET_PEM_KEY_PASSWORD=""
# Pass Type ID, which is chosen during the certificate creation process
APPLE_WALLET_PASS_TYPE_ID="pass.dev.net7.churros.apple"
# Get it from https://developer.apple.com/account
APPLE_WALLET_TEAM_ID=""
# Additive modifier for favoring some types in global search results. A search result's rank is between 0 and 1. JSON object mapping types to rank bumps. Types are values of the `SearchResultType` GraphQL enum. Omitting a value means no bump.
PUBLIC_GLOBAL_SEARCH_BUMPS='{
"Users": 0.4,
"Groups": 0.5
}'
# Capacitor-related
PUBLIC_API_ORIGIN_WEB="http://localhost:4000"
# Note: 10.0.2.2 will *NOT* work on physical android devices, only on emulators
# To test on a physical device, install ngrok, setup your auth token, run `yarn ngrok` and set these origins to the ngrok URLs (API and frontend ports will be exposed to the Internet via Ngrok)
PUBLIC_API_ORIGIN_ANDROID="http://10.0.2.2:4000"
PUBLIC_FRONTEND_ORIGIN_ANDROID="http://10.0.2.2:5173"
# JSON contents of the service account key file from Firebase Console
FIREBASE_ADMIN_SERVICE_ACCOUNT_KEY=""
PUBLIC_APP_PACKAGE_ID="app.churros"
PUBLIC_REPOSITORY_URL="https://git.inpt.fr/churros/churros"