71 lines
2.2 KiB
Bash
71 lines
2.2 KiB
Bash
# --- Server ---
|
|
TZ="America/Chicago"
|
|
APP_URL="http://localhost:3006"
|
|
|
|
# Optional, uses APP_URL by default
|
|
# This can be set to a different URL (like http://host.docker.internal:3000 or http://{docker_service}:3000)
|
|
# to let the browser navigate to a non-public instance of Reactive Resume
|
|
PRINTER_APP_URL="http://host.docker.internal:3006"
|
|
|
|
# --- Printer ---
|
|
# If using browserless with token authentication, include the token as a query parameter:
|
|
# PRINTER_ENDPOINT="ws://printer:3000?token=your-secret-token"
|
|
PRINTER_ENDPOINT="ws://printer:3000"
|
|
|
|
# --- Database (PostgreSQL) ---
|
|
DATABASE_URL="postgresql://postgres:postgres@postgres:5432/postgres"
|
|
|
|
# --- Authentication ---
|
|
# Generated using `openssl rand -hex 32`
|
|
AUTH_SECRET=""
|
|
|
|
# Social Auth (Google, optional)
|
|
GOOGLE_CLIENT_ID=""
|
|
GOOGLE_CLIENT_SECRET=""
|
|
|
|
# Social Auth (GitHub, optional)
|
|
GITHUB_CLIENT_ID=""
|
|
GITHUB_CLIENT_SECRET=""
|
|
|
|
# Social Auth (LinkedIn, optional)
|
|
LINKEDIN_CLIENT_ID=""
|
|
LINKEDIN_CLIENT_SECRET=""
|
|
|
|
# Custom OAuth Provider
|
|
OAUTH_PROVIDER_NAME=""
|
|
OAUTH_CLIENT_ID=""
|
|
OAUTH_CLIENT_SECRET=""
|
|
# Use EITHER discovery URL (preferred for OIDC-compliant providers):
|
|
OAUTH_DISCOVERY_URL=""
|
|
# OR manual URLs (all three required if not using discovery):
|
|
OAUTH_AUTHORIZATION_URL=""
|
|
OAUTH_TOKEN_URL=""
|
|
OAUTH_USER_INFO_URL=""
|
|
# Custom scopes (space-separated, defaults to "openid profile email")
|
|
OAUTH_SCOPES=""
|
|
|
|
# --- Email (optional) ---
|
|
# If all keys are disabled, the app logs the email to be sent to the console instead.
|
|
SMTP_HOST=""
|
|
SMTP_PORT="465"
|
|
SMTP_USER=""
|
|
SMTP_PASS=""
|
|
SMTP_FROM="Reactive Resume <noreply@rxresu.me>"
|
|
SMTP_SECURE="false"
|
|
|
|
# --- Storage (optional) ---
|
|
# If all keys are disabled, the app uses local filesystem (/data) to store uploads instead.
|
|
# Make sure to mount this directory to a volume or the host filesystem to ensure data integrity.
|
|
S3_ACCESS_KEY_ID=""
|
|
S3_SECRET_ACCESS_KEY=""
|
|
S3_REGION="us-east-1"
|
|
S3_ENDPOINT=""
|
|
S3_BUCKET=""
|
|
# Set to "true" for path-style URLs (https://endpoint/bucket), common with MinIO, SeaweedFS, etc.
|
|
# Set to "false" for virtual-hosted-style URLs (https://bucket.endpoint), common with AWS S3, Cloudflare R2, etc.
|
|
S3_FORCE_PATH_STYLE="false"
|
|
|
|
# --- Feature Flags ---
|
|
FLAG_DEBUG_PRINTER="false"
|
|
FLAG_DISABLE_SIGNUPS="false"
|
|
FLAG_DISABLE_EMAIL_AUTH="false" |