mirror of
https://github.com/Dvorinka/Containr.git
synced 2026-06-03 20:12:58 +00:00
small fix, don't worry about it
This commit is contained in:
Tomas Dvorak
@@ -0,0 +1,118 @@
|
||||
# Canonical production environment template for:
|
||||
# - self-hosted full stack via ./start-unified.sh prod
|
||||
# - frontend deployment on Vercel (copy VITE_* and FRONTEND_URL/BACKEND_URL values)
|
||||
# - backend deployment on Railway (copy backend/auth/database values)
|
||||
|
||||
ENVIRONMENT=production
|
||||
|
||||
# Public application URLs
|
||||
FRONTEND_URL=https://containr-web.vercel.app
|
||||
BACKEND_URL=https://containr-api.up.railway.app
|
||||
VITE_API_URL=https://containr-api.up.railway.app
|
||||
VITE_AUTH_URL=https://containr-api.up.railway.app/api/auth
|
||||
BETTER_AUTH_URL=https://containr-api.up.railway.app
|
||||
BETTER_AUTH_TRUSTED_ORIGINS=https://containr-web.vercel.app,https://containr-api.up.railway.app
|
||||
CORS_ORIGINS=https://containr-web.vercel.app,https://containr-api.up.railway.app
|
||||
CORS_CREDENTIALS=true
|
||||
|
||||
# Self-hosted domain settings
|
||||
DOMAIN=containr.example.com
|
||||
ACME_EMAIL=ops@example.com
|
||||
TRAEFIK_API_INSECURE=false
|
||||
TRAEFIK_AUTH=admin:$$apr1$$replace_me$$replace_me
|
||||
|
||||
# Backend runtime
|
||||
PORT=8080
|
||||
HOST=0.0.0.0
|
||||
AUTH_PORT=3001
|
||||
BETTER_AUTH_ENABLED=true
|
||||
BETTER_AUTH_ENTRYPOINT=auth/src/server.js
|
||||
BETTER_AUTH_NODE_BINARY=node
|
||||
BETTER_AUTH_STARTUP_TIMEOUT=20s
|
||||
BETTER_AUTH_PROXY_URL=http://127.0.0.1:3001
|
||||
BETTER_AUTH_INTERNAL_URL=http://127.0.0.1:3001/internal/session
|
||||
MAX_REQUEST_BODY_BYTES=10485760
|
||||
READ_TIMEOUT=30s
|
||||
WRITE_TIMEOUT=30s
|
||||
IDLE_TIMEOUT=60s
|
||||
SHUTDOWN_TIMEOUT=30s
|
||||
AUTO_MIGRATE=true
|
||||
MIGRATION_LOCK_TIMEOUT=5m
|
||||
SEED_DATA_ON_START=false
|
||||
TRUSTED_PROXY_CIDR=172.20.0.0/16
|
||||
LOG_LEVEL=info
|
||||
LOG_FORMAT=json
|
||||
LOG_OUTPUT=stdout
|
||||
DEBUG=false
|
||||
|
||||
# Secrets
|
||||
JWT_SECRET=CHANGE_ME_AT_LEAST_32_CHARACTERS_LONG
|
||||
BETTER_AUTH_SECRET=CHANGE_ME_AT_LEAST_32_CHARACTERS_LONG
|
||||
BETTER_AUTH_INTERNAL_TOKEN=CHANGE_ME_INTERNAL_AUTH_TOKEN
|
||||
CONTAINR_AGENT_AUTH_TOKEN=CHANGE_ME_AGENT_AUTH_TOKEN
|
||||
# Optional rotating token list
|
||||
# CONTAINR_AGENT_AUTH_TOKENS=current_secret,next_secret
|
||||
|
||||
# Cookies
|
||||
COOKIE_SECURE=true
|
||||
COOKIE_DOMAIN=
|
||||
COOKIE_PATH=/
|
||||
COOKIE_SAME_SITE=lax
|
||||
|
||||
# Self-hosted database defaults.
|
||||
# Railway: replace DATABASE_URL and REDIS_URL with Railway-provided values.
|
||||
POSTGRES_DB=containr
|
||||
POSTGRES_USER=containr_user
|
||||
POSTGRES_PASSWORD=CHANGE_ME_POSTGRES_PASSWORD
|
||||
DATABASE_URL=postgres://containr_user:CHANGE_ME_POSTGRES_PASSWORD@postgres:5432/containr?sslmode=disable
|
||||
MAX_CONNECTIONS=50
|
||||
MAX_IDLE_CONNECTIONS=10
|
||||
CONN_MAX_LIFETIME=10m
|
||||
CONN_MAX_IDLE_TIME=5m
|
||||
|
||||
REDIS_PASSWORD=CHANGE_ME_REDIS_PASSWORD
|
||||
REDIS_URL=redis://:CHANGE_ME_REDIS_PASSWORD@redis:6379/0
|
||||
|
||||
# Explicit DB settings for the embedded Better Auth runtime.
|
||||
DB_HOST=postgres
|
||||
DB_PORT=5432
|
||||
DB_NAME=containr
|
||||
DB_USER=containr_user
|
||||
DB_PASSWORD=CHANGE_ME_POSTGRES_PASSWORD
|
||||
|
||||
# Optional OAuth providers
|
||||
GITHUB_CLIENT_ID=
|
||||
GITHUB_CLIENT_SECRET=
|
||||
GITLAB_CLIENT_ID=PLACEHOLDER_GITLAB_CLIENT_ID
|
||||
GITLAB_CLIENT_SECRET=PLACEHOLDER_GITLAB_CLIENT_SECRET
|
||||
GITLAB_OAUTH_AUTHORIZE_URL=https://gitlab.com/oauth/authorize
|
||||
GITLAB_OAUTH_TOKEN_URL=https://gitlab.com/oauth/token
|
||||
GITLAB_OAUTH_USERINFO_URL=https://gitlab.com/api/v4/user
|
||||
BITBUCKET_CLIENT_ID=PLACEHOLDER_BITBUCKET_CLIENT_ID
|
||||
BITBUCKET_CLIENT_SECRET=PLACEHOLDER_BITBUCKET_CLIENT_SECRET
|
||||
BITBUCKET_OAUTH_AUTHORIZE_URL=https://bitbucket.org/site/oauth2/authorize
|
||||
BITBUCKET_OAUTH_TOKEN_URL=https://bitbucket.org/site/oauth2/access_token
|
||||
BITBUCKET_OAUTH_USERINFO_URL=https://api.bitbucket.org/2.0/user
|
||||
BITBUCKET_OAUTH_EMAILS_URL=https://api.bitbucket.org/2.0/user/emails
|
||||
GITEA_CLIENT_ID=PLACEHOLDER_GITEA_CLIENT_ID
|
||||
GITEA_CLIENT_SECRET=PLACEHOLDER_GITEA_CLIENT_SECRET
|
||||
GITEA_OAUTH_AUTHORIZE_URL=https://gitea.example.com/login/oauth/authorize
|
||||
GITEA_OAUTH_TOKEN_URL=https://gitea.example.com/login/oauth/access_token
|
||||
GITEA_OAUTH_USERINFO_URL=https://gitea.example.com/api/v1/user
|
||||
|
||||
# Repo sync / SCM integrations
|
||||
GITHUB_APP_ID=
|
||||
GITHUB_APP_SLUG=
|
||||
GITHUB_APP_PRIVATE_KEY=
|
||||
GITHUB_APP_BASE_URL=https://api.github.com
|
||||
GITLAB_API_URL=https://gitlab.com/api/v4
|
||||
GITLAB_BASE_URL=https://gitlab.com
|
||||
BITBUCKET_API_URL=https://api.bitbucket.org/2.0
|
||||
BITBUCKET_BASE_URL=https://bitbucket.org
|
||||
GITEA_BASE_URL=https://gitea.example.com
|
||||
|
||||
# Optional analytics / observability
|
||||
UMAMI_BASE_URL=
|
||||
UMAMI_API_KEY=
|
||||
UMAMI_WEBSITE_ID=
|
||||
CLOUDFLARED_TOKEN=
|
||||
Reference in New Issue
Block a user