This repository has been archived by the owner on Jan 28, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path.env.template
196 lines (154 loc) · 6.47 KB
/
.env.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
###########################################################
### STANDARD ENV VARIABLES ################################
###########################################################
# Set to "production" for live system
NODE_ENV="development"
# NOTE: Needs to be set to "0.0.0.0" if using Docker.
# Defaults to resolving to "localhost" if not set
HOST=
# Expects number.
# Defaults to using port 3000 if not set
PORT=
### CORS ##################################################
# Set "Access-Control-Allow-Origin" response header.
# Origin can be comma-delimited string, string, or boolean;
# if set to boolean true then reflect request origin
# (NOTE: this is NOT recommended for production as it enables reflection exploits).
# Defaults to false and disables CORS if not set
CORS_ORIGIN=
# Set "Access-Control-Allow-Headers" response header.
# Expects comma-delimited string i.e. "Content-Type, Authorization".
# Defaults to reflecting the headers specified in the
# request's "Access-Control-Request-Headers" header
CORS_ALLOWED_HEADERS="Accept, Accept-Encoding, Accept-Language, Authorization, Content-Type, Origin, X-Forwarded-For, X-Requested-With"
# Set "Access-Control-Allow-Credentials" response header.
# Expects true or to be unset
CORS_ALLOW_CREDENTIALS=
# Set "Access-Control-Expose-Headers" response header.
# Expects comma-delimited string i.e. "Content-Range, X-Content-Range" or to be unset
CORS_EXPOSED_HEADERS=
# Set "Access-Control-Max-Age" response header.
# Expects integer or to be unset
CORS_MAX_AGE=
### DOCKER ################################################
# The max amount of processing time the Docker container
# can use of CPU.
# As an example, setting to 0.98 represents 98% of CPU
# processing time of a single core.
# Defaults to 0 (use all available processing time)
DOCKER_APP_CPUS=
# The max amount of memory the Docker container can use.
# As an example, "50M".
# Defaults to 0 (use all available memory)
DOCKER_APP_MEMORY=
# Refer to https://docs.docker.com/compose/compose-file/compose-file-v3/#restart
# for options.
# Defaults to "unless-stopped"
DOCKER_RESTART_POLICY=
### HTTPS #################################################
# Will use PFX file/passphrase over SSL cert/key if both specified.
# Defaults to serving over HTTP if not set
HTTPS_PFX_PASSPHRASE=
HTTPS_PFX_FILE_PATH=
HTTPS_SSL_CERT_PATH=
HTTPS_SSL_KEY_PATH=
# Enable HTTP/2 support with HTTP/1.x fallback.
# Requires cert/key supporting TLS 1.2 or above.
# Expects true or to be unset
HTTPS_HTTP2_ENABLED=
### LOGGER ################################################
# Level can be "trace", "debug", "info", "warn", "error", or "fatal".
# Defaults to "info"
LOG_LEVEL=
# See https://github.com/rogerc/file-stream-rotator#options for
# date format options.
# Requires LOG_ROTATION_FILENAME to be set.
# Defaults to "YYYY-MM-DD"
LOG_ROTATION_DATE_FORMAT=
# Filename including full path used by the stream, example:
# "./logs/yh-sider-obfuscation-service-%DATE%.log"
# Defaults to STDOUT.
# Ignored if deployed with Docker Compose, as Docker's
# daemon handles logging and rotations
LOG_ROTATION_FILENAME=
# Frequency can be "daily", "date", "[1-12]h" or "[1-30]m".
# Defaults to "daily".
# Set to "date" if you want to rotate based on LOG_ROTATION_DATE_FORMAT.
# Requires LOG_ROTATION_FILENAME to be set.
# Ignored if deployed with Docker Compose.
# Defaults to "daily"
LOG_ROTATION_FREQUENCY=
# Max number of logs to keep. If not set, it will not remove past logs.
# Requires LOG_ROTATION_FILENAME to be set.
# If using days, add "d" as the suffix.
# Defaults to "10" if deployed with Docker Compose
LOG_ROTATION_MAX_LOGS=
# Max size of the file after which it will rotate.
# It can be combined with frequency or date format.
# The size units are "k", "m" and "g".
# Units need to directly follow a number e.g. 1g, 100m, 20k.
# Requires LOG_ROTATION_FILENAME to be set.
# Defaults to "100m" if deployed with Docker Compose
LOG_ROTATION_MAX_SIZE=
### PROCESS LOAD HANDLING #################################
# If one of the below thresholds is reached then the server
# will return a 503 response until the load has been relieved
# The max event loop delay in milliseconds.
# Defaults to 0 (disabled)
PROC_LOAD_MAX_EVENT_LOOP_DELAY=
# The max Event Loop Utilization (ELU).
# As an example, setting to 0.98 represents 98%.
# Defaults to 0 (disabled)
PROC_LOAD_MAX_EVENT_LOOP_UTILIZATION=
# The max heap size in bytes.
# Defaults to 0 (disabled)
PROC_LOAD_MAX_HEAP_USED_BYTES=
# The max Resident Set Size (RSS) in bytes.
# Defaults to 0 (disabled)
PROC_LOAD_MAX_RSS_BYTES=
### RATE LIMITING #########################################
# List of IPs that are excluded from rate limiting
RATE_LIMIT_EXCLUDED_ARRAY=
# Maximum number of connections per minute per client.
# Defaults to 1000
RATE_LIMIT_MAX_CONNECTIONS_PER_MIN=
###########################################################
### PROJECT SPECIFIC ENV VARIABLES ########################
###########################################################
# SIDeR URL to redirect to, must include trailing "?"
REDIRECT_URL="https://pyrusapps.blackpear.com/esp/#!/launch?"
### KEYCLOAK ##############################################
# Refer to documentation for details on options:
# https://github.com/keycloak/keycloak-documentation/blob/main/securing_apps/topics/token-exchange/token-exchange.adoc
# Request Token
KC_ENABLED=false
KC_REQUESTTOKEN_URL=
KC_REQUESTTOKEN_AUDIENCE=
KC_REQUESTTOKEN_CLIENT_ID=
KC_REQUESTTOKEN_CLIENT_SECRET=
KC_REQUESTTOKEN_GRANT_TYPE="urn:ietf:params:oauth:grant-type:token-exchange"
KC_REQUESTTOKEN_REQUESTED_TOKEN_TYPE="urn:ietf:params:oauth:token-type:access_token"
# Service Authorisation
KC_SERVICEAUTH_URL=
KC_SERVICEAUTH_CLIENT_ID=
KC_SERVICEAUTH_CLIENT_SECRET=
KC_SERVICEAUTH_GRANT_TYPE="password"
KC_SERVICEAUTH_PASSWORD=
KC_SERVICEAUTH_USERNAME=
### OBFUSCATION ###########################################
# All REQUIRED variables
# Encryption key name
OBFUSCATION_KEY_NAME="k01"
# Encryption key value
OBFUSCATION_KEY_VALUE="0123456789"
# Array of request query string parameter keys to obfuscate
OBFUSCATION_QUERYSTRING_KEY_ARRAY=["birthdate", "patient"]
### QUERY STRING AUTH PARAM ###############################
# Contextual links do not allow setting of HTTP request
# headers, so auth is done via the "api_key" query string
# param rather than the Authorization HTTP request header
# Example: [{"clientName": "test", "value": "testKey"}]
# Both "clientName" and "value" are mandatory values inside
# objects.
# Leaving empty will disable query string API key auth
QUERY_STRING_API_KEY_ARRAY=