-
Notifications
You must be signed in to change notification settings - Fork 317
Expand file tree
/
Copy pathexample.env
More file actions
153 lines (132 loc) · 9.18 KB
/
example.env
File metadata and controls
153 lines (132 loc) · 9.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
NODE_ENV=production
LOG_LEVEL='errors-only' #'all', 'info', 'errors-only', 'none'
# Postgres connection details
POSTGRES_HOST=postgres
POSTGRES_PORT=5432
POSTGRES_USER=metamcp_user
POSTGRES_PASSWORD=m3t4mcp
POSTGRES_DB=metamcp_db
# Database configuration (composed from above vars)
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
# Application URL configuration
# This is the public URL where your application will be accessible
APP_URL=http://localhost:12008
NEXT_PUBLIC_APP_URL=http://localhost:12008
# Auth configuration
BETTER_AUTH_SECRET=your-super-secret-key-change-this-in-production
# OIDC Provider Configuration (Optional)
# Uncomment and configure these variables to enable OpenID Connect authentication
# callback url is ${APP_URL}/api/auth/oauth2/callback/oidc
# Required for OIDC:
# OIDC_CLIENT_ID=your-oidc-client-id
# OIDC_CLIENT_SECRET=your-oidc-client-secret
# OIDC_DISCOVERY_URL=https://your-oidc-provider.com/.well-known/openid-configuration
# OIDC_AUTHORIZATION_URL=https://your-oidc-provider.com/auth
# Optional OIDC Configuration:
# OIDC_PROVIDER_ID=oidc
# OIDC_SCOPES=openid email profile
# OIDC_PKCE=true
# Docker networking fix
TRANSFORM_LOCALHOST_TO_DOCKER_INTERNAL=true
# Basic bootstrap configuration
BOOTSTRAP_ENABLE=true # Whether to enable bootstrap configuration. Default: true
BOOTSTRAP_FAIL_HARD=false # Whether a failure to bootstrap should stop the application from initializing. Default: false
BOOTSTRAP_DEBUG=false # Enable debug logging for bootstrap process. Default: false
# ============================================================================
# USER CONFIGURATION
# ============================================================================
# Single User Configuration (Legacy - for simple setups)
# If BOOTSTRAP_USERS is not set, these will be used to create a single user
BOOTSTRAP_USER_EMAIL=test@user.example # Bootstrapped user email.
BOOTSTRAP_USER_NAME=Admin # Bootstrapped user name.
BOOTSTRAP_USER_PASSWORD=changeme # Bootstrap user password.
# Multiple Users Configuration (JSON array - recommended for complex setups)
# Each user can have:
# - email (required): User email address
# - password (required): User password
# - name (optional): Display name for the user
#
# Example: BOOTSTRAP_USERS=[{"email":"admin@example.com","password":"pass1","name":"Admin"},{"email":"user@example.com","password":"pass2","name":"User"}]
# BOOTSTRAP_USERS=[{"email":"admin@example.com","password":"admin-password","name":"Administrator"},{"email":"developer@example.com","password":"dev-password","name":"Developer"}]
# User Management Options
BOOTSTRAP_WARN_PASSWORD_CHANGE=true # Whether to log a warning when the password is changed. Default: true
BOOTSTRAP_RECREATE_USER=true # Delete and re-create the bootstrapped user if the password has changed. Default: false
BOOTSTRAP_DELETE_OTHER_USERS=false # Whether to delete users not in the bootstrap configuration. Default: false
BOOTSTRAP_PRESERVE_API_KEYS=true # Whether to preserve existing API keys when recreating users. Default: true
BOOTSTRAP_ONLY_FIRST_RUN=false # Run bootstrap only on first startup. Default: false
# Registration Controls
BOOTSTRAP_DISABLE_REGISTRATION_UI=false # Whether to disable UI registration. Default: false
BOOTSTRAP_DISABLE_REGISTRATION_SSO=true # Whether to disable SSO registration. Default: false
# ============================================================================
# API KEYS CONFIGURATION (JSON array)
# ============================================================================
# Each API key can have:
# - name (required): Name for the API key
# - is_public (optional): Whether the key is public (global) or private (user-scoped). Default: false
# - user_email (optional): Email of the user who owns this key (for private keys). If not specified, first user is used.
# - owner (optional): Alias for user_email - both work the same way
#
# Examples:
# Single public key:
# BOOTSTRAP_API_KEYS=[{"name":"Public","is_public":true}]
#
# Multiple keys with different owners (using user_email):
# BOOTSTRAP_API_KEYS=[{"name":"Admin Key","is_public":false,"user_email":"admin@example.com"},{"name":"Dev Key","is_public":false,"user_email":"developer@example.com"},{"name":"Public","is_public":true}]
#
# Multiple keys with different owners (using owner):
# BOOTSTRAP_API_KEYS=[{"name":"Admin Key","is_public":false,"owner":"admin@example.com"},{"name":"Dev Key","is_public":false,"owner":"developer@example.com"},{"name":"Public","is_public":true}]
BOOTSTRAP_API_KEYS=[{"name":"Public","is_public":true},{"name":"Private","is_public":false}]
# ============================================================================
# NAMESPACES CONFIGURATION (JSON array)
# ============================================================================
# Each namespace can have:
# - name (required): Name for the namespace
# - description (optional): Description for the namespace
# - is_public (optional): Whether the namespace is public or owned by a user. Default: false
# - user_email (optional): Email of the user who owns this namespace (for private namespaces). If not specified, first user is used.
# - owner (optional): Alias for user_email - both work the same way
# - update (optional): Whether to update the namespace if one with the same name exists. Default: true
#
# Examples:
# Single public namespace:
# BOOTSTRAP_NAMESPACES=[{"name":"Production","description":"Production environment","is_public":true}]
#
# Multiple namespaces with different owners (using user_email):
# BOOTSTRAP_NAMESPACES=[{"name":"Admin Workspace","description":"Admin's private workspace","is_public":false,"user_email":"admin@example.com"},{"name":"Dev Workspace","description":"Developer's workspace","is_public":false,"user_email":"developer@example.com"},{"name":"Shared","description":"Shared namespace","is_public":true}]
#
# Multiple namespaces with different owners (using owner):
# BOOTSTRAP_NAMESPACES=[{"name":"Admin Workspace","description":"Admin's private workspace","is_public":false,"owner":"admin@example.com"},{"name":"Dev Workspace","description":"Developer's workspace","is_public":false,"owner":"developer@example.com"},{"name":"Shared","description":"Shared namespace","is_public":true}]
BOOTSTRAP_NAMESPACES=[{"name":"Default","description":"Default namespace","is_public":true,"update":true}]
# ============================================================================
# ENDPOINTS CONFIGURATION (JSON array)
# ============================================================================
# Each endpoint can have:
# - name (required): Name for the endpoint
# - description (optional): Description for the endpoint
# - enable_auth (optional): Whether to enable API Key authentication. Default: true
# - enable_auth_query (optional): Whether to enable query parameter authentication. Requires enable_auth=true. Default: false
# - enable_auth_oauth (optional): Whether to enable OAuth for the endpoint. Default: false
# - is_public (optional): Whether the endpoint is public or owned by a user. Default: true
# - user_email (optional): Email of the user who owns this endpoint (for private endpoints). If not specified, first user is used.
# - owner (optional): Alias for user_email - both work the same way
# - namespace (optional): Name of the namespace where this endpoint should be created. If not specified, first available namespace is used.
# - update (optional): Whether to update the endpoint if one with the same name exists. Default: true
#
# Note: If namespace is not specified, endpoints will be created in the first available namespace.
#
# Examples:
# Single public endpoint (in first available namespace):
# BOOTSTRAP_ENDPOINTS=[{"name":"api","description":"Public API","enable_auth":false,"is_public":true}]
#
# Endpoints in specific namespaces:
# BOOTSTRAP_ENDPOINTS=[{"name":"admin-api","namespace":"Admin Workspace","enable_auth":true,"is_public":false,"user_email":"admin@example.com"},{"name":"dev-api","namespace":"Dev Workspace","enable_auth":true,"is_public":false,"user_email":"developer@example.com"}]
#
# Multiple endpoints with different owners (using user_email):
# BOOTSTRAP_ENDPOINTS=[{"name":"admin-api","description":"Admin API","enable_auth":true,"is_public":false,"user_email":"admin@example.com"},{"name":"dev-api","description":"Dev API","enable_auth":true,"is_public":false,"user_email":"developer@example.com"},{"name":"public-api","description":"Public API","enable_auth":false,"is_public":true}]
#
# Multiple endpoints with different owners (using owner):
# BOOTSTRAP_ENDPOINTS=[{"name":"admin-api","description":"Admin API","enable_auth":true,"is_public":false,"owner":"admin@example.com"},{"name":"dev-api","description":"Dev API","enable_auth":true,"is_public":false,"owner":"developer@example.com"},{"name":"public-api","description":"Public API","enable_auth":false,"is_public":true}]
BOOTSTRAP_ENDPOINTS=[{"name":"Public","description":"Public endpoint","enable_auth":false,"enable_auth_query":false,"enable_auth_oauth":false,"is_public":true,"update":true}]
# Extra trusted origins for Better Auth (comma-separated)
# Useful for cluster deployments where different ports/origins are needed
# EXTRA_TRUSTED_ORIGINS=http://myapp.example.com,http://myapp.example.com:8080