20 lines
1.1 KiB
Plaintext
20 lines
1.1 KiB
Plaintext
PORT=3001 # Port to run the server on
|
|
NODE_ENV=development # development = development mode; production = production mode
|
|
JWT_SECRET=your-super-secret-jwt-key-change-in-production # Auto-generated if not set; persist across restarts for stable sessions
|
|
TZ=UTC # Timezone for logs, reminders and scheduled tasks (e.g. Europe/Berlin)
|
|
LOG_LEVEL=info # info = concise user actions; debug = verbose admin-level details
|
|
|
|
ALLOWED_ORIGINS=https://trek.example.com # Comma-separated origins for CORS and email links
|
|
FORCE_HTTPS=false # Redirect HTTP → HTTPS behind a TLS proxy
|
|
TRUST_PROXY=1 # Number of trusted proxies for X-Forwarded-For
|
|
|
|
OIDC_ISSUER=https://auth.example.com # OpenID Connect provider URL
|
|
OIDC_CLIENT_ID=trek # OpenID Connect client ID
|
|
OIDC_CLIENT_SECRET=supersecret # OpenID Connect client secret
|
|
OIDC_DISPLAY_NAME=SSO # Label shown on the SSO login button
|
|
OIDC_ONLY=true # Disable local password auth entirely (SSO only)
|
|
OIDC_ADMIN_CLAIM=groups # OIDC claim used to identify admin users
|
|
OIDC_ADMIN_VALUE=app-trek-admins # Value of the OIDC claim that grants admin role
|
|
|
|
DEMO_MODE=false # Demo mode - resets data hourly
|