super-productivity/packages/super-sync-server/.env.example
felix bear d82754faf2
feat(supersync): configure server bind host #7301 (#8108)
Co-authored-by: cocojojo5213 <cocojojo5213@users.noreply.github.com>
2026-06-08 12:12:49 +02:00

81 lines
2.7 KiB
Text

# SuperSync Server Configuration
# Copy this file to .env and customize the values
# Server port (default: 1900)
PORT=1900
# Server bind address (default: 0.0.0.0)
# Use :: for IPv6-only deployments.
HOST=0.0.0.0
# Data directory for storing sync files and database (default: ./data)
DATA_DIR=./data
# Public URL (used for email links). Set to your public host (with protocol).
# Example: https://sync.example.com
PUBLIC_URL=http://localhost:1900
# JWT Secret for signing authentication tokens
# REQUIRED in production (NODE_ENV=production)
# Use a long, random string (e.g., generated with: openssl rand -base64 32)
JWT_SECRET=change-me-in-production
# PostgreSQL connection (used by Prisma)
# Example assumes local Postgres; adjust user/password/host/db as needed.
DATABASE_URL=postgresql://supersync:superpassword@localhost:5432/supersync_db
# Environment mode
# Set to "production" for production deployments
# NODE_ENV=production
# CORS Configuration
# Enable/disable CORS (default: true)
CORS_ENABLED=true
# Allowed CORS origins (comma-separated)
# Supports:
# - Exact matches: https://app.super-productivity.com
# - Subdomain wildcards: https://*.super-productivity-preview.pages.dev
# - Multiple origins: https://app.example.com,https://*.preview.example.com,http://localhost:4200
# Use "*" to allow all origins (NOT recommended for production)
# Default includes: https://app.super-productivity.com and preview deployments
CORS_ORIGINS=https://app.super-productivity.com,https://*.super-productivity-preview.pages.dev
# Cleanup throttling
# Defaults are safe for production even when omitted.
OLD_OPS_CLEANUP_DELETE_BATCH_SIZE=5000
OLD_OPS_CLEANUP_MAX_DELETED_PER_RUN=25000
# Email
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_SECURE=false
SMTP_USER=your-email@gmail.com
SMTP_PASS=your-app-password
SMTP_FROM="SuperSync <your-email@gmail.com>"
# Privacy Policy - Address for German legal requirements (Impressum)
# These values are injected into privacy.html on server startup
PRIVACY_CONTACT_NAME=Your Name
PRIVACY_ADDRESS_STREET=Street 123
PRIVACY_ADDRESS_CITY=12345 City
PRIVACY_ADDRESS_COUNTRY=Germany
PRIVACY_CONTACT_EMAIL=contact@example.com
# WebAuthn / Passkey Configuration
# RP (Relying Party) Name shown to users during passkey registration
WEBAUTHN_RP_NAME=Super Productivity Sync
# RP ID must match your domain (without protocol/port)
# For local development: localhost
# For production: your-domain.com
WEBAUTHN_RP_ID=localhost
# Origin must match where users access the auth UI (with protocol)
# For local development: http://localhost:1900
# For production: https://your-domain.com
WEBAUTHN_ORIGIN=http://localhost:1900
# GITHUB DEPLOY
GHCR_USER=uuuser
GHCR_TOKEN=TOOOOKEN