30 lines
820 B
Bash
30 lines
820 B
Bash
# Core runtime
|
|
SERVER_PORT=3000
|
|
DB_DIR=./data
|
|
TZ=UTC
|
|
|
|
# Admin auth
|
|
ADMIN_AUTH_MODE=both
|
|
ADMIN_USERNAME=admin
|
|
# Example for password "change-me": sha256$e2186dbdb1bb4193608605e84f33208765b5693b55edd4f730a719a100eeea6f
|
|
ADMIN_PASSWORD_HASH=sha256$e2186dbdb1bb4193608605e84f33208765b5693b55edd4f730a719a100eeea6f
|
|
ADMIN_COOKIE_SECURE=true
|
|
ADMIN_SESSION_SECRET=replace-with-a-long-random-secret
|
|
ADMIN_SESSION_TTL_HOURS=12
|
|
ADMIN_API_TOKEN_TTL_DAYS=30
|
|
|
|
# Admin gateway / proxy hardening
|
|
CORS_ORIGINS=http://localhost:3000,http://127.0.0.1:3000
|
|
ADMIN_TRUSTED_PROXY_IPS=
|
|
|
|
# Model routing
|
|
MODEL_LIST_INCLUDE_ROUTING_METADATA=false
|
|
|
|
# OpenID Connect
|
|
OIDC_ISSUER_URL=
|
|
OIDC_CLIENT_ID=
|
|
OIDC_CLIENT_SECRET=
|
|
OIDC_REDIRECT_URI=
|
|
OIDC_ALLOWED_EMAILS=
|
|
# Optional override. Defaults to "openid profile email"
|
|
OIDC_SCOPES=openid profile email
|