-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
185 lines (161 loc) · 7.15 KB
/
Copy path.env.example
File metadata and controls
185 lines (161 loc) · 7.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# ==========================================
# Application Configuration
# ==========================================
# Application name used in emails and UI
APP_NAME=Arpix Solutions
# ==========================================
# Logto Authentication Configuration
# ==========================================
# Logto Endpoint (e.g., https://your-logto.logto.app or self-hosted URL)
# For Docker self-hosted: http://localhost:3001
# For production: https://your-logto-domain.com
# Get this from your Logto Console > Application details
NUXT_LOGTO_ENDPOINT=http://localhost:3001
# Logto Admin Console Endpoint (for self-hosted Docker)
# Default: http://localhost:3002
# For production: https://admin.your-logto-domain.com
LOGTO_ADMIN_ENDPOINT=http://localhost:3002
# Logto Application ID
# Get this from your Logto Console > Application details
# After starting Logto, create an app in the Admin Console (port 3002)
NUXT_LOGTO_APP_ID=your-app-id
# Logto App Secret (for server-side)
# Get this from your Logto Console > Application details
NUXT_LOGTO_APP_SECRET=your-app-secret
# Cookie Encryption Key (must be 32 characters minimum)
# Generate with: openssl rand -base64 48
NUXT_LOGTO_COOKIE_ENCRYPTION_KEY=generate-a-random-32-char-string-minimum
# Logto API Resource for Hasura (must EXACTLY match the API Identifier in Logto Console)
# This is a URI that identifies your Hasura instance
NUXT_LOGTO_HASURA_RESOURCE=https://hasura.io/jwt/claims
# ==========================================
# Logto Docker Configuration (Self-hosted)
# ==========================================
# Logto Database Configuration (separate from app database)
LOGTO_DB_USER=logto
LOGTO_DB_PASSWORD=change-this-logto-db-password
LOGTO_DB_NAME=logto
# Logto Session Secret (for session management)
# Generate with: openssl rand -base64 48
LOGTO_SESSION_SECRET=generate-with-openssl-rand-base64-48
# Logto Verification Code Expiration (in seconds)
# Default: 600 (10 minutes)
LOGTO_VERIFICATION_CODE_EXPIRATION=600
# Logto Password Reset Expiration (in seconds)
# Default: 1800 (30 minutes)
LOGTO_PASSWORD_RESET_EXPIRATION=1800
# Redirect URIs to configure in Logto Console:
# - http://localhost:3000/callback (development) - default route from @logto/nuxt
# - https://your-domain.com/callback (production) - default route from @logto/nuxt
#
# Post Sign-out Redirect URIs:
# - http://localhost:3000 (development)
# - https://your-domain.com (production)
# ==========================================
# Hasura GraphQL Configuration
# ==========================================
# Hasura GraphQL HTTP Endpoint URL (used by the GraphQL client)
NUXT_HASURA_URL=http://localhost:8080/v1/graphql
# Hasura GraphQL WebSocket Endpoint URL (for subscriptions)
NUXT_HASURA_WS_URL=ws://localhost:8080/v1/graphql
# Hasura Admin Secret (for administrative operations)
# Generate with: openssl rand -base64 32
HASURA_ADMIN_SECRET=your-hasura-admin-secret-minimum-32-characters
# Hasura JWT Configuration for Logto
# Note: claims_format must be "json" or "stringified_json" (not "compressed")
# Configure in Hasura Console or docker-compose.yml:
# HASURA_GRAPHQL_JWT_SECRET={"type":"RS256","jwk_url":"$LOGTO_ENDPOINT/oidc/jwks","claims_format":"json"}
# ==========================================
# Email Sender Configuration (nuxt-arpix-email-sender)
# ==========================================
# Email address to send from (for SMTP/Gmail)
EMAIL_USER=info@yourdomain.com
EMAIL_FROM="Arpix Solutions <info@yourdomain.com>"
# Gmail OAuth2 Configuration (Recommended for production)
# Get credentials from: https://console.cloud.google.com/
GMAIL_CLIENT_ID=your-gmail-oauth2-client-id
GMAIL_CLIENT_SECRET=your-gmail-oauth2-client-secret
GMAIL_REFRESH_TOKEN=your-gmail-oauth2-refresh-token
# Alternative: Gmail App Password (Development only)
# Generate at: https://myaccount.google.com/apppasswords
# GMAIL_APP_PASSWORD=your-16-character-app-password
# Logto HTTP Email Connector Authentication Token
# This token is used to authenticate requests from Logto to the email endpoint
# Generate with: openssl rand -base64 32
# Configure this in Logto Console > Connectors > HTTP Email > Authorization
LOGTO_EMAIL_AUTH_TOKEN=your-secure-token-here
# ==========================================
# Database Configuration (for your application)
# ==========================================
# PostgreSQL Docker configuration
DATABASE_USER=postgres
DATABASE_PASSWORD=postgrespassword
DATABASE_NAME=db_name
# PostgreSQL connection string for application
DATABASE_URL=postgres://${DATABASE_USER}:${DATABASE_PASSWORD}@localhost:5432/${DATABASE_NAME}
# ==========================================
# Redis Configuration (Rate Limiting - Optional)
# ==========================================
# Redis is used for distributed rate limiting.
# Falls back to in-memory if Redis is not available.
REDIS_HOST=localhost
REDIS_PORT=6379
# Optional: Set password if your Redis instance requires authentication
# REDIS_PASSWORD=your-redis-password
# ==========================================
# Additional Configuration
# ==========================================
# Base URL for the application (used for redirects and emails)
BASE_URL=http://localhost:3000
# ==========================================
# Logto Setup Instructions
# ==========================================
#
# Option 1: Self-hosted with Docker (included in this boilerplate)
# ----------------------------------------------------------------
# 1. Start the Docker services:
# docker compose -f docker/docker-compose.yml up -d
#
# 2. Initialize Logto database (first time only):
# docker compose -f docker/docker-compose.yml --profile init up logto-init
#
# 3. Access Logto Admin Console at http://localhost:3002
# 4. Create a new Application type: "Traditional Web"
# 5. Configure redirect URIs in Logto Console:
# - Add: http://localhost:3000/callback (default route from @logto/nuxt)
# - Add post sign-out redirect: http://localhost:3000
# 6. Copy App ID, App Secret, and Endpoint to this file
# 7. Configure social providers in Logto Console (Google, GitHub, etc.)
#
# Option 2: Logto Cloud
# ----------------------------------------------------------------
# 1. Create a Logto account at https://logto.io/
# 2. Create a new tenant
# 3. Create a new Application type: "Traditional Web"
# 4. Configure redirect URIs in Logto Console:
# - Add: http://localhost:3000/callback (default route from @logto/nuxt)
# - Add post sign-out redirect: http://localhost:3000
# 5. Update LOGTO_ENDPOINT to your Logto Cloud URL
# 6. Copy App ID, App Secret, and Endpoint to this file
#
# For Hasura integration:
# 1. Create an API Resource in Logto for Hasura
# 2. Configure JWT claims in Logto Console:
# {
# "https://hasura.io/jwt/claims": {
# "x-hasura-user-id": "{{user.sub}}",
# "x-hasura-default-role": "user",
# "x-hasura-allowed-roles": ["user", "admin"]
# }
# }
# 3. Configure Hasura to use Logto's JWKS endpoint for JWT verification
# ==========================================
# Minio Configuration
# ==========================================
MINIO_ROOT_USER=minioadmin
MINIO_ROOT_PASSWORD=minioadmin
MINIO_BUCKET_NAME=arpix-bucket
MINIO_USER=minio
MINIO_PASSWORD=miniopass
MINIO_ACCESS_KEY=minioaccesskey
MINIO_SECRET_KEY=miniosecretkey