The program configuration variables are assigned default values in the JavaScript file "server/config/index.js". Changes to configuration may be done by editing the file or using UNIX environment variables to override the defaults. Most of the variable names are self explanatory. Further explanation may be available in the Deployment tab. The program uses npm dotenv so a ".env" file located in the repository base folder is supported. If a .env file use used, remove public file permissions to protect credentials stored in the file.
Boolean values should be a string value, entered as:
SERVER_TLS=true
| Enviornment Variable | Default | Comment |
|---|---|---|
| SITE_VHOST | * | Disabled = * |
| SITE_AUTH_URL | http://127.0.0.1:3500 | |
| SITE_OWN_HOST | 127.0.0.1:3500 | |
| SITE_SECURITY_CONTACT | security@example.com | Disabled unless set |
| SITE_SECURITY_EXPIRES | "Fri, 1 Apr 2022 08:00:00 -0600" | Disabled unless set |
| SERVER_TLS_KEY | ../../data/token-certs/privatekey.pem | |
| SERVER_TLS_CERT | ../../data/token-certs/certificate.pem | |
| SERVER_TLS | false | |
| SERVER_PORT | 3500 | |
| SERVER_LOG_ROTATE_INTERVAL | Examples: 5m, 2h, 7d | |
| SERVER_LOG_ROTATE_SIZE | Examples: 100K, 1M | |
| SERVER_LOG_FILTER | Values: "error" | |
| SERVER_PID_FILENAME | Disabled unless set | |
| SESSION_SET_ROLLING_COOKIE | false | |
| SESSION_EXPIRE_SEC | 3600 | (1 hour) |
| SESSION_PRUNE_INTERVAL_SEC | 3600 | (1 hour) |
| SESSION_SECRET | A Secret That Should Be Changed | |
| SESSION_ENABLE_POSTGRES | false | |
| DATABASE_ENABLE_POSTGRES | false | |
| DATABASE_DISABLE_WEB_ADMIN_PANEL | false | |
| LIMITS_PASSWORD_RATE_LIMIT_COUNT | 10 | Includes successful |
| LIMITS_PASSWORD_RATE_LIMIT_MS | 3600000 | |
| LIMITS_TOKEN_RATE_LIMIT_COUNT | 1000 | Includes successful |
| LIMITS_TOKEN_RATE_LIMIT_MS | 3600000 | |
| LIMITS_WEB_RATE_LIMIT_COUNT | 1000 | Includes successful |
| LIMITS_WEB_RATE_LIMIT_MS | 3600000 | |
| OAUTH_CLIENT_SECRET_AES_KEY | A Secret That Should Be Changed | |
| OAUTH2_DISABLE_TOKEN_GRANT | false | |
| OAUTH2_DISABLE_CODE_GRANT | false | |
| OAUTH2_DISABLE_CLIENT_GRANT | false | |
| OAUTH2_DISABLE_PASSWORD_GRANT | false | |
| OAUTH2_DISABLE_REFRESH_TOKEN_GRANT | false | |
| OAUTH2_EDITOR_SHOW_CLIENT_SECRET | false | |
| OAUTH2_AUTH_CODE_EXPIRES_IN_SECONDS | 10 | |
| OAUTH2_TOKEN_EXPIRES_IN_SECONDS | 86400 | (24 hours) |
| OAUTH2_REFRESH_TOKEN_EXPIRES_IN_SECONDS | 2592000 | (30 days) |
| OAUTH2_CLIENT_TOKEN_EXPIRES_IN_SECONDS | 86400 | (24 hours) |
The PostgreSQL client, npm package pg, will use these enviornment variables directly. They may be entered into a .env or assigned before the program is started. You may refer to the npm pg package documentation for more info.
| Enviornment Variable | Comment |
|---|---|
| PGUSER | |
| PGPASSWORD | |
| PGHOSTADDR | |
| PGPORT | |
| PGDATABASE | Use: "collabauth" |
| PGSSLMODE |
The following enviornment variables are not supported in the .env file. They may be prepended to the command line when starting the program during debugging.
| Enviornment Variable | Comment |
|---|---|
| NODE_ENV | "production" or "development" |
| NODE_DEBUG_LOG | Use: NODE_DEBUG_LOG=1 to view logs in terminal |