-
Notifications
You must be signed in to change notification settings - Fork 0
/
example.env
122 lines (117 loc) · 4.92 KB
/
example.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# Note that for every parameter, you can also set "[PARAMETER]_FILE"
# to a file that contains the value. This is especially useful for things
# like mounted secrets in Docker Swarm or Kubernetes.
# ASN Generation Settings
#
# Additional namespaces managed by the system outside of the ASN_NAMESPACE_RANGE.
#
# Namespaces are notated as "<Namespace Label><Namespace Label>..." where:
# - Namespace is the numeric ID of the namespace.
# - Label is the label for the namespace.
# Optionally, commas and spaces can be used to separate namespaces.
#
# If empty, no additional namespaces are managed and only the ASN_NAMESPACE_RANGE is used.
# ADDITIONAL_MANAGED_NAMESPACES=
# ADDITIONAL_MANAGED_NAMESPACES=<700 NDA-Covered Documents (Generic)><800 Personal Data Documents (Generic)>
#
# The type of barcode to generate for the ASN.
# ASN_BARCODE_TYPE=CODE128
# ASN_BARCODE_TYPE=CODE39
# ASN_BARCODE_TYPE=CODE93
#
# Enable namespace extension. If true, the ADDITIONAL_MANAGED_NAMESPACES can have more digits than
# the ASN_NAMESPACE_RANGE.
# If false, the ADDITIONAL_MANAGED_NAMESPACES must have the same number of digits as the ASN_NAMESPACE_RANGE.
#
# This works by reserving leading `9`s for namespace extension:
# For example, let's say the ASN_NAMESPACE_RANGE is 60. Therefore, without the extension, our ADDITIONAL_MANAGED_NAMESPACES
# could only be 6X-9X, meaning we only have 39 available namespaces.
# With the extension, in the two-digit namespace range, we actually lose 9X (leaving 6X-8X). However, leading 9s
# expand the namespace by another digit. This can also be chained, giving us theoretically infinite additional namespaces:
# 6X-8X, 90X-98X, 990X-998X, 9990X-9998X, etc.
#
# Note that behind the leading 9s, the namespace must still be the same number of digits as the ASN_NAMESPACE_RANGE.
# ASN_ENABLE_NAMESPACE_EXTENSION=false
# ASN_ENABLE_NAMESPACE_EXTENSION=true
#
# The namespace range. The number of digits must not change after the first run.
# For example, if the range is 600, auto-generated ASNs will be in the range of 100XXX to 599XXX.
# 600XXX to 999XXX will be reserved for manual ASNs in that case.
ASN_NAMESPACE_RANGE=600
#
# Prefix for the ASN. Must not change after the first run.
ASN_PREFIX=ASN
# ASN Lookup Settings
#
# URL to look up existing ASN data. "{asn}" will be replaced with the ASN.
# If empty, the lookup feature will be disabled.
# ASN_LOOKUP_URL=
# ASN_LOOKUP_URL="https://dms.example.com/documents?archive_serial_number
#
# Include the ASN_PREFIX in the {asn} replacement of the lookup URL. If false, the prefix will be removed.
# Default is false.
# ASN_LOOKUP_URL_INCLUDE_PREFIX=false
# Network Settings
#
# The port the server will listen on.
# PORT=8080
# PORT=80
# OIDC (OpenID Connect) Configuration
#
# Secret key used for signing and verifying tokens.
# Must be at least 32 characters long for security purposes.
OIDC_AUTH_SECRET=RANDOM_SECRET_WITH_MIN_32_CHARS_CHANGE_ME_IMMEDIATELY_UPON_COPYING
#
# Client ID provided by your OIDC provider.
# Replace "XXX" with your actual client ID.
OIDC_CLIENT_ID="XXX"
#
# Client Secret provided by your OIDC provider.
# Replace "XXX" with your actual client secret.
OIDC_CLIENT_SECRET="XXX"
#
# The URL of the OIDC provider's authorization server.
# This is where your application will redirect users to authenticate.
OIDC_ISSUER=https://logto.example.com/oidc # Logto
# OIDC_ISSUER=https://authentik.example.com/application/o/dms/ # Authentik
# OIDC_ISSUER=https://authelia.example.com # Authelia
# OIDC_ISSUER=https://keycloak.example.com/realms/[REALM] # Keycloak
#
# The claim in the ID token that contains the user's name.
# OIDC_NAME_CLAIM=name
# OIDC_NAME_CLAIM=preferred_username
#
# The URL to which the OIDC provider will redirect users after authentication.
# This should match the redirect URI registered with your OIDC provider.
OIDC_REDIRECT_URI=http://localhost:41319/oidc/callback
#
# The claim in the ID token that contains the user's roles.
# OIDC_ROLES_CLAIM=roles
# OIDC_ROLES_CLAIM=groups
# OIDC_ROLES_CLAIM=custom-roles-claim
#
# Scopes requested from the OIDC provider.
# These determine the information returned in the ID token.
OIDC_SCOPES="openid profile roles"
#
# The claim in the ID token that contains the user's unique identifier.
# OIDC_UID_CLAIM=sub
# OIDC_UID_CLAIM=uid
# OIDC_UID_CLAIM=email
# OIDC_UID_CLAIM=custom-uid-claim
# Storage Settings
#
# Data directory.
# DATA_DIR=data
#
# Name of the SQLite3 database file within the data directory.
# The database gets created if it does not exist.
# To use a distributed database, set this to a URL beginning with "http" or "https".
# If it starts with "http" or "https", this uses the KV Connect Protocol:
# https://github.com/denoland/denokv/blob/main/proto/kv-connect.md
# DB_FILE_NAME=denokv.sqlite3
#
# The access token for the KV Connect Protocol.
# This is required if DB_FILE_NAME is a URL.
# The token must be set in the environment variable DENO_KV_ACCESS_TOKEN as per Deno's requirements.
# DENO_KV_ACCESS_TOKEN=XXX