-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
27 lines (21 loc) · 1 KB
/
.env.example
File metadata and controls
27 lines (21 loc) · 1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# GCS — required
GCS_BUCKET=your-bucket-name
# GOOGLE_APPLICATION_CREDENTIALS=/path/to/sa.json # optional; omit to use ADC
# SQLite — defaults to ./data/fileshare.db if unset
DATABASE_PATH=./data/fileshare.db
# Auth.js — required
# Generate with: openssl rand -base64 32
AUTH_SECRET=generate-with-openssl-rand-base64-32
# Canonical base URL of this deployment (required in production)
# Auth.js v5 reads AUTH_URL; NEXTAUTH_URL is accepted as a fallback
AUTH_URL=http://localhost:3000
# OIDC / SSO — optional; all three must be set together or OIDC is disabled
# AUTH_OIDC_ISSUER=https://your-idp.example.com
# AUTH_OIDC_CLIENT_ID=your-client-id
# AUTH_OIDC_CLIENT_SECRET=your-client-secret
# Callback URL to register with your IdP: {AUTH_URL}/api/auth/callback/oidc
# Cleanup job — required to use GET /api/cleanup
# Generate with: openssl rand -base64 32
CLEANUP_SECRET=generate-with-openssl-rand-base64-32
# Set to "true" if running behind a reverse proxy that sets X-Forwarded-Host
# AUTH_TRUST_HOST=true