forked from NoFxAiOS/nofx
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
70 lines (54 loc) · 2.08 KB
/
.env.example
File metadata and controls
70 lines (54 loc) · 2.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# NOFX Environment Variables Template
# Copy this file to .env and modify the values as needed
# ===========================================
# Server Configuration
# ===========================================
# Backend API server port
NOFX_BACKEND_PORT=8080
# Frontend web interface port
NOFX_FRONTEND_PORT=3000
# Timezone
NOFX_TIMEZONE=Asia/Shanghai
# ===========================================
# Authentication (Required)
# ===========================================
# JWT signing secret (any random string, at least 32 characters)
# Generate with: openssl rand -base64 32
JWT_SECRET=your-jwt-secret-change-this-in-production
# ===========================================
# Encryption Keys (Required)
# ===========================================
# AES-256 data encryption key (Base64 encoded, 32 bytes)
# Used for encrypting sensitive data in database (API keys, secrets)
# Generate with: openssl rand -base64 32
DATA_ENCRYPTION_KEY=your-base64-encoded-32-byte-key
# RSA private key for client-server encryption (PEM format)
# Used for end-to-end encryption of sensitive data from browser
# Generate with: openssl genrsa 2048
# Note: Replace newlines with \n for single-line format
RSA_PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY-----\nYOUR_KEY_HERE\n-----END RSA PRIVATE KEY-----
# ===========================================
# Security Options
# ===========================================
# Transport encryption for API keys (default: false)
# When enabled, browser uses Web Crypto API to encrypt API keys before sending
# Requires HTTPS or localhost to work
# Set to true for enhanced security (HTTPS required)
# Set to false for easier deployment (HTTP/IP access allowed)
TRANSPORT_ENCRYPTION=false
# ===========================================
# Optional: External Services
# ===========================================
# Telegram notifications (optional)
# TELEGRAM_BOT_TOKEN=your-bot-token
# TELEGRAM_CHAT_ID=your-chat-id
DB_TYPE=postgres
DB_HOST=10.
DB_PORT=5432
DB_USER=nofx_user
DB_PASSWORD=
DB_NAME=nofx
DB_SSLMODE=disable
# 数据库配置 - SQLite(默认)
DB_TYPE=sqlite
DB_PATH=data/data.db