Environment Variables

This document describes the environment variables required or supported by the application, including their descriptions, default values, and additional constraints.

Tip

To configure namespace-specific settings, such as authentication options, use YAML configuration files instead.

Docker Secrets

To use docker secrets, append the _FILE postfix to the variable name, e.g. SIGNING_SECRET will become SIGNING_SECRET_FILE which points to the file such as /run/secrets/{name}.

General Variables

ALLOWED_HOSTS

• Description: A comma-separated list of whitelisted hosts. If empty, all hosts will be accepted. Supports wildcards (*.example.com).
• Default: ''

APP_URL

• Description: The application URL if it differs from the BASE_URL.
• Default: http://localhost:5173
• Format: URI

BASE_URL

• Description: Base URL for the application, where it will be accessible.
• Default: http://localhost:3000
• Format: URI

LOG_LEVEL

• Description: Application log level.
• Default: info
• Allowed Values: debug|fatal|error|info|silent|trace|warn

JWT_ISSUER

• Description: JWT issuer identifier.
• Default: BAUSW

SIGNING_SECRET

• Description: Secret key for signing JWTs and HMAC.
• Constraints: Must be at least 24 characters long.

ALTCHA Configuration

ALTCHA_EXPIRES

• Description: Expiration for ALTCHA challenges (as human-duration).
• Default: 10m

ALTCHA_HMAC_KEY

• Description: HMAC key for ALTCHA challenges.
• Constraints: Must be at least 10 characters long.

ALTCHA_MAX_NUMBER

• Description: Maximum number for ALTCHA challenges.
• Default: 30000

SMTP Configuration

SMTP_URL

• Description: SMTP server URL.
• Optional
• Format: URI

SMTP_SENDER

• Description: Default sender email address.
• Optional

SMTP_REPLY_TO

• Description: Default Reply-To email address.
• Optional

Storage Configuration

STORAGE_PROVIDER

• Description: Storage provider (e.g., fs, s3).
• Default: fs
• Allowed Values: fs|s3

STORAGE_FS_DIR

• Description: Directory path for file system storage.
• Default: ./data/files

STORAGE_MAX_FILE_SIZE

• Description: Maximum upload file size (as a human-readable string, e.g., 100mb).
• Default: 100mb

STORAGE_S3_ACCESS_KEY_ID

• Description: AWS S3 access key ID.
• Optional

STORAGE_S3_BUCKET

• Description: AWS S3 bucket name.
• Optional

STORAGE_S3_ENDPOINT

• Description: AWS S3 endpoint URL.
• Optional

STORAGE_S3_SECRET_ACCESS_KEY

• Description: AWS S3 secret access key.
• Optional

STORAGE_S3_REGION

• Description: AWS S3 region.
• Optional

Rate Limiting

RATE_LIMIT_L1

• Description: L1 (low) rate limit as requests/duration in seconds.
• Default: 40/60

RATE_LIMIT_L2

• Description: L2 (medium) rate limit as requests/duration in seconds.
• Default: 200/60

RATE_LIMIT_L3

• Description: L3 (high) rate limit as requests/duration in seconds.
• Default: 400/60

Miscellaneous

VISUALCROSSING_API_KEY

• Description: The weather API key for visualcrossing.com.
• Optional