auth
This commit is contained in:
51
.env.example
51
.env.example
@@ -1,30 +1,33 @@
|
||||
# --- VAPID Keys ---
|
||||
# Generate using: npx web-push generate-vapid-keys
|
||||
# The Public Key is needed by your PWA to subscribe.
|
||||
VAPID_PUBLIC_KEY=YOUR_VAPID_PUBLIC_KEY
|
||||
# The Private Key MUST be kept secret on the server.
|
||||
VAPID_PRIVATE_KEY=YOUR_VAPID_PRIVATE_KEY
|
||||
# A contact URL for the push service (mailto: or https:)
|
||||
VAPID_SUBJECT=mailto:admin@yourdomain.com
|
||||
# --- Application Configuration ---
|
||||
|
||||
# --- Application Settings ---
|
||||
# Port the Node.js server will listen on inside the container
|
||||
PORT=3000
|
||||
# Path to the JSON file storing Flic button serial -> PWA subscription mappings
|
||||
SUBSCRIPTIONS_FILE=/app/subscriptions.json
|
||||
# --- VAPID Keys (REQUIRED for Web Push) ---
|
||||
# Generate these once using npx web-push generate-vapid-keys (or other tools)
|
||||
# Keep the private key SECRET!
|
||||
VAPID_PUBLIC_KEY=
|
||||
VAPID_PRIVATE_KEY=
|
||||
|
||||
# --- Security ---
|
||||
# (Optional) A secret bearer token. If set, Flic requests must include "Authorization: Bearer <YOUR_SECRET>" header.
|
||||
# Generate a strong secret, e.g., using: openssl rand -hex 32
|
||||
FLIC_SECRET=YOUR_OPTIONAL_FLIC_SECRET_TOKEN
|
||||
# Subject claim for VAPID. Use a 'mailto:' URI or an 'https:' URL identifying your application.
|
||||
# Example: mailto:admin@yourdomain.com or https://yourdomain.com/contact
|
||||
VAPID_SUBJECT=mailto:admin@virtonline.eu
|
||||
|
||||
# --- CORS Settings ---
|
||||
# Comma-separated list of allowed origins for CORS requests (e.g., your PWA's domain)
|
||||
# Leave empty or unset to allow any origin (less secure, useful for testing)
|
||||
# Example: ALLOWED_ORIGINS=https://pwa.yourdomain.com,http://localhost:8080
|
||||
# Flic Button Configuration
|
||||
FLIC_BUTTON1_SERIAL=your_button1_serial
|
||||
FLIC_BUTTON2_SERIAL=your_button2_serial
|
||||
FLIC_BUTTON3_SERIAL=your_button3_serial
|
||||
|
||||
# Subscription Storage
|
||||
SUBSCRIPTIONS_FILE=subscriptions.json
|
||||
|
||||
# CORS
|
||||
ALLOWED_ORIGINS=https://game-timer.virtonline.eu
|
||||
# Comma-separated list of allowed HTTP methods
|
||||
ALLOWED_METHODS=POST,OPTIONS
|
||||
# Comma-separated list of allowed HTTP headers
|
||||
ALLOWED_METHODS=POST,OPTIONS,GET
|
||||
ALLOWED_HEADERS=Content-Type,Authorization
|
||||
|
||||
# Logging Configuration
|
||||
LOG_LEVEL=INFO
|
||||
|
||||
# --- Security (Optional) ---
|
||||
# If you want to add a simple security layer between Flic and this app.
|
||||
# If set, configure Flic's HTTP request to include an "Authorization: Bearer YOUR_SECRET_VALUE" header.
|
||||
# use e.g.: openssl rand -hex 32
|
||||
FLIC_SECRET=
|
||||
Reference in New Issue
Block a user