# ─────────────────────────────────────────────────────────────────────────────
# OpenCoperLock — environment configuration
# Copy to `.env` and replace every CHANGE_ME value before running.
# Never commit your real .env, and restrict it to the run-user (e.g. chmod 600): it holds
# the database password, the at-rest master key and the session-signing secret.
# Generate keys with: openssl rand -base64 32   (run it once PER key — never reuse a value)
# ─────────────────────────────────────────────────────────────────────────────
# ── Core ─────────────────────────────────────────────────────────────────────
# Keep `production` on any deployment that is reachable by other people.
NODE_ENV=production
# Public URL the web app is served from (used for cookies, CORS, links).
# Must be the exact scheme + host users reach the app on. Behind TLS that means an
# https:// origin — the cookie and CORS settings are derived from this value, so a
# mismatch (http here, https in front) breaks or weakens both.
APP_URL=http://localhost:3000
# Port the API listens on (inside the container / process).
API_PORT=4000
# Address the API binds to. Behind an nginx reverse proxy set this to 127.0.0.1 so the API
# cannot be reached directly (which would let clients spoof X-Forwarded-For).
# 0.0.0.0 listens on every interface: acceptable inside a Docker container, but on a
# bare-metal / PM2 host it exposes the API directly — use 127.0.0.1 or firewall the port.
API_HOST=0.0.0.0
# Port the web app listens on.
WEB_PORT=3000
# Reverse-proxy trust for deriving the real client IP from X-Forwarded-For (rate limiting,
# session IP tracking, audit logs). "false" = no proxy; "1" = one nginx hop in front;
# "true" = trust the whole chain; or a comma-separated list of trusted proxy IPs/subnets.
# Wrong in either direction is a security problem: too little trust behind a proxy and all
# clients share the proxy's address for rate limiting; too much ("true" while the API is
# reachable directly) and a client can forge X-Forwarded-For to dodge limits and pollute
# the audit log. Prefer the hop count or the explicit proxy list over "true".
TRUST_PROXY=false
# ── Database (PostgreSQL) ────────────────────────────────────────────────────
# The password is written twice (POSTGRES_PASSWORD and inside DATABASE_URL): change both,
# and percent-encode any URL-special characters (@ : / ? # %) in the DATABASE_URL copy.
POSTGRES_USER=opencoperlock
POSTGRES_PASSWORD=CHANGE_ME_strong_db_password
POSTGRES_DB=opencoperlock
# Connection string used by Prisma. With Docker Compose, host is the `postgres` service.
DATABASE_URL=postgresql://opencoperlock:CHANGE_ME_strong_db_password@postgres:5432/opencoperlock
# ── Secrets ──────────────────────────────────────────────────────────────────
# 32-byte base64 master key used to wrap per-file data-encryption keys (server-side
# encryption at rest). Rotating this requires re-wrapping existing file keys.
# If this key is lost, the wrapped file keys — and therefore every stored file — cannot be
# recovered: back it up out-of-band, separately from the storage volume and the database.
MASTER_KEY=CHANGE_ME_base64_32_bytes
# 32-byte base64 secret used to sign session cookies and download tokens.
# Must be a different value from MASTER_KEY. Rotating it invalidates every active session
# and every outstanding download token.
SESSION_SECRET=CHANGE_ME_base64_32_bytes
# ── First admin (created by the seed script on first run) ────────────────────
# Bootstrap credential only. After the first login, change the password in the app and
# take the value out of this file so the initial secret does not linger on disk
# (NOTE(review): confirm the seed script skips when the admin already exists).
ADMIN_EMAIL=admin@example.com
ADMIN_PASSWORD=CHANGE_ME_strong_admin_password
# ── Storage ──────────────────────────────────────────────────────────────────
# Driver: `local` (default). S3 driver is a documented future option.
STORAGE_DRIVER=local
# Where encrypted blobs are stored.
# - Docker: leave as-is (compose mounts the `storage` volume at /data).
# - Bare-metal / PM2: set an absolute path your run-user can write, then create it,
# e.g. sudo mkdir -p /var/lib/opencoperlock && sudo chown "$USER" /var/lib/opencoperlock
# Restrict the directory to the run-user (mode 700): other local accounts should not be
# able to read, replace or delete blobs.
# STORAGE_PATH=/var/lib/opencoperlock/storage
STORAGE_PATH=/data/storage
# Where quarantined (infected) files are moved.
# Infected files are moved here, not deleted — treat the directory as hostile content and
# keep it writable by the run-user only.
QUARANTINE_PATH=/data/quarantine
# Global storage cap across all users, in bytes. 0 = unlimited. (Also editable in admin UI.)
GLOBAL_STORAGE_CAP_BYTES=0
# Default per-user quota in bytes for newly created users (10 GiB).
DEFAULT_USER_QUOTA_BYTES=10737418240
# Maximum size for a single Remote-Upload download, in bytes (2 GiB).
# NOTE(review): Remote-Upload presumably has the server fetch a caller-supplied URL; this
# cap bounds disk use per job but not where the server will connect — make sure internal /
# link-local addresses are not reachable from the API host, or are filtered (confirm).
REMOTE_UPLOAD_MAX_BYTES=2147483648
# ── Rate limiting & maintenance ──────────────────────────────────────────────
# Per-IP rate limiting (login/quick endpoints get stricter limits on top).
# Only as good as the client IP it keys on — see TRUST_PROXY above.
RATE_LIMIT_ENABLED=true
# Audit-log entries older than this are pruned by the maintenance pass.
# Pruned entries are gone: ship or export audit logs elsewhere if you need them beyond this
# window for incident response or compliance.
AUDIT_RETENTION_DAYS=90
# Finished Remote-Upload jobs older than this are pruned.
JOB_RETENTION_DAYS=30
# A storage blob with no database row is deleted only once older than this (protects
# in-flight uploads from the orphan garbage collector).
# Keep it comfortably longer than the slowest upload you expect (e.g. a full
# REMOTE_UPLOAD_MAX_BYTES download on a slow link), or the GC can remove a blob whose
# row has not been written yet.
ORPHAN_GRACE_HOURS=24
# How often the maintenance pass (reconcile usage, GC orphans, prune logs) runs.
MAINTENANCE_INTERVAL_HOURS=24
# ── Antivirus (ClamAV) — optional ───────────────────────────────────────────
# If unreachable, uploads are accepted and marked SKIPPED rather than blocked.
# That is fail-open: an outage or a wrong host/port silently disables scanning. Monitor
# for SKIPPED results and alert on them if scanning is a control you rely on.
CLAMAV_ENABLED=true
CLAMAV_HOST=clamav
CLAMAV_PORT=3310
# ── VirusTotal — optional ────────────────────────────────────────────────────
# Leave empty to disable. With a key, files can be checked by hash on demand.
# Hash lookups send the file's hash to a third party, which reveals that you hold that
# file; consider this before enabling it for confidential data. The key is a secret.
VIRUSTOTAL_API_KEY=
# ── Trash retention ──────────────────────────────────────────────────────────
# Days a soft-deleted file/folder stays in the Trash before being purged automatically.
TRASH_RETENTION_DAYS=30
# ── Version tracking & self-update ───────────────────────────────────────────
# The admin panel reads the deployed git SHA, compares it to this GitHub repo/branch,
# and can trigger an in-place update (git reset + rebuild + PM2 reload).
# Supply-chain note: whatever is on GITHUB_REPO/UPDATE_BRANCH gets built and run on this
# host, so control of that branch — or of an admin session — is code execution here.
# Point it only at a repo/branch you control, and review what lands on it.
GITHUB_REPO=softpython2884/OpenCoperLock
UPDATE_BRANCH=main
# Optional read-only token to raise GitHub's API rate limit for update checks.
# Use a fine-grained token scoped to read-only repository contents; nothing more is needed.
GITHUB_TOKEN=
# Set to false where updates are managed externally; disables the one-click update button.
# Prefer false in production with deployments pinned and rolled out by your own pipeline;
# leave true only where an admin-triggered in-place update is an accepted risk.
SELF_UPDATE_ENABLED=true
# ── WebDAV ───────────────────────────────────────────────────────────────────
# Name advertised for the WebDAV root. Finder / Cyberduck / GNOME label the mount with this;
# keep it short. (Windows Explorer ignores it and uses the URL's last path segment instead —
# see docs/API.md "Naming the drive on Windows".)
WEBDAV_NAME=OpenCoper