✨ Add .env.example; fixed #232

staart · Aug 15, 2019 · 8c09ee5 · 8c09ee5
1 parent ade00a1
commit 8c09ee5
Showing 1 changed file with 101 additions and 0 deletions.
diff --git a/.env.example b/.env.example
@@ -0,0 +1,101 @@
+# Port to run the server on, use 80 for HTTP
+PORT = 8080
+
+# These URLs (including domain) are used for links in emails
+BASE_URL = "http://localhost:8080" # This server's full URL
+FRONTEND_URL = "http://localhost:3000" # URL for Staart UI
+
+# Secret keys for encryption
+JWT_SECRET = "staart"
+JWT_ISSUER = "staart"
+SERVICE_2FA = "staart"
+
+# MySQL/MariaDB connection
+DB_HOST = "localhost"
+DB_PORT = 3306
+DB_USERNAME = "root"
+DB_PASSWORD = ""
+DB_DATABASE = "database-name"
+DB_TABLE_PREFIX = ""
+
+# Sending emails via AWS SES
+SES_EMAIL = "[email protected]"
+SES_REGION = "eu-west-2"
+SES_ACCESS = "aws-access-key-xxxxxxxxxx"
+SES_SECRET = "aws-secret-key-xxxxxxxxxx"
+
+# Caching
+REDIS_URL = "redis://127.0.0.1:6379"
+CACHE_TTL = 600                  #     10 mins
+CACHE_CHECK_PERIOD = 1000        #        1k s
+
+# Billing via Stripe
+STRIPE_SECRET_KEY = "stripe-test-api-key"
+STRIPE_PRODUCT_ID = "stripe-product-id"
+
+# ElasticSearch event tracking and server logs
+AWS_ELASTIC_ACCESS_KEY = "aws-access-key-xxxxxxxxxx"
+AWS_ELASTIC_SECRET_KEY = "aws-secret-key-xxxxxxxxxx"
+AWS_ELASTIC_HOST = "https://name.region.es.amazonaws.com"
+
+##################################
+# Optional environment variables #
+##################################
+
+# Limits for brute force and rate limiting
+
+## Brute force is used for auth endpoints
+BRUTE_FREE_RETRIES = 50          # 50 requests
+BRUTE_LIFETIME = 300000          #   in 5 mins
+
+## Public limits
+PUBLIC_RATE_LIMIT_MAX = 60       # 60 requests
+PUBLIC_RATE_LIMIT_TIME = 60000   #    in 1 min
+SPEED_LIMIT_COUNT = 1000         # 1k requests
+SPEED_LIMIT_TIME = 600000        #    in 1 min
+SPEED_LIMIT_DELAY = 100          # delay 100ms
+
+## Limits when using an API key
+RATE_LIMIT_MAX = 1000            # 1k requests
+RATE_LIMIT_TIME = 60000          #    in 1 min
+
+# JWT expiry durations
+TOKEN_EXPIRY_EMAIL_VERIFICATION = "7d"
+TOKEN_EXPIRY_PASSWORD_RESET = "1d"
+TOKEN_EXPIRY_LOGIN = "15m"
+TOKEN_EXPIRY_APPROVE_LOCATION = "10m"
+TOKEN_EXPIRY_REFRESH = "30d"
+
+# 2299-12-31 is the default maximum expiry (also what Microsoft uses)
+TOKEN_EXPIRY_API_KEY_MAX = 10413685800000
+
+# Remove CORS headers without API key
+DISALLOW_OPEN_CORS = false
+
+# Allow users with disposable emails to sign up
+ALLOW_DISPOSABLE_EMAILS = false
+
+# Error tracking using Sentry
+SENTRY_DSN = "https://<key>@sentry.io/<project>"
+
+# OAuth2 credentials for "Login with [service]"
+
+## Google
+GOOGLE_CLIENT_ID = "google-oauth2-client-id"
+GOOGLE_CLIENT_SECRET = "oauth2-client-secret"
+
+## GitHub
+GITHUB_CLIENT_ID = "github-oauth2-client-id"
+GITHUB_CLIENT_SECRET = "oauth2-client-secret"
+
+## Microsoft
+MICROSOFT_CLIENT_ID = "microsoft-oauth2-client-id"
+MICROSOFT_CLIENT_SECRET = "oauth2-client-secret"
+
+## Facebook
+FACEBOOK_CLIENT_ID = "facebook-oauth2-client-id"
+FACEBOOK_CLIENT_SECRET = "oauth2-client-secret"
+
+## Salesforce
+SALESFORCE_CLIENT_ID = "salesforce-oauth2-client-id"
+SALESFORCE_CLIENT_SECRET = "oauth2-client-secret"