mirror of
https://github.com/zoriya/Kyoo.git
synced 2025-11-21 14:03:21 -05:00
Update .env.example
This commit is contained in:
Zoe Roux
parent
04171af3e3
commit
165d9e8f31
62
.env.example
62
.env.example
@ -21,8 +21,8 @@ GOCODER_PRESET=fast
|
|||||||
|
|
||||||
|
|
||||||
# Keep those empty to use kyoo's default api key. You can also specify a custom API key if you want.
|
# Keep those empty to use kyoo's default api key. You can also specify a custom API key if you want.
|
||||||
# go to https://www.themoviedb.org/settings/api and copy the api key (not the read access token, the api key)
|
# go to https://www.themoviedb.org/settings/api and copy the read access token (not the api key)
|
||||||
THEMOVIEDB_APIKEY=
|
THEMOVIEDB_API_ACCESS_TOKEN=""
|
||||||
# go to https://thetvdb.com/api-information/signup and copy the api key
|
# go to https://thetvdb.com/api-information/signup and copy the api key
|
||||||
TVDB_APIKEY=
|
TVDB_APIKEY=
|
||||||
# you can also input your subscriber's pin to support TVDB
|
# you can also input your subscriber's pin to support TVDB
|
||||||
@ -32,41 +32,45 @@ TVDB_PIN=
|
|||||||
# The url you can use to reach your kyoo instance. This is used during oidc to redirect users to your instance.
|
# The url you can use to reach your kyoo instance. This is used during oidc to redirect users to your instance.
|
||||||
PUBLIC_URL=http://localhost:8901
|
PUBLIC_URL=http://localhost:8901
|
||||||
|
|
||||||
# Use a builtin oidc service (google, discord, trakt, or simkl):
|
# Default permissions of new users. They are able to browse & play videos.
|
||||||
# When you create a client_id, secret combo you may be asked for a redirect url. You need to specify https://YOUR-PUBLIC-URL/api/auth/logged/YOUR-SERVICE-NAME
|
# Set `verified` to true if you don't wanna manually verify users.
|
||||||
OIDC_DISCORD_CLIENTID=
|
EXTRA_CLAIMS='{"permissions": ["core.read", "core.play"], "verified": false}'
|
||||||
OIDC_DISCORD_SECRET=
|
# This is the permissions of the first user (aka the first user is admin)
|
||||||
# Or add your custom one:
|
FIRST_USER_CLAIMS='{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "core.play", "scanner.trigger"], "verified": true}'
|
||||||
OIDC_SERVICE_NAME=YourPrettyName
|
|
||||||
OIDC_SERVICE_LOGO=https://url-of-your-logo.com
|
# Guest (meaning unlogged in users) can be:
|
||||||
OIDC_SERVICE_CLIENTID=
|
# unauthorized (they need to connect before doing anything)
|
||||||
OIDC_SERVICE_SECRET=
|
# GUEST_CLAIMS=""
|
||||||
OIDC_SERVICE_AUTHORIZATION=https://url-of-the-authorization-endpoint-of-the-oidc-service.com/auth
|
# able to browse & see what you have but not able to play
|
||||||
OIDC_SERVICE_TOKEN=https://url-of-the-token-endpoint-of-the-oidc-service.com/token
|
GUEST_CLAIMS='{"permissions": ["core.read"], "verified": true}'
|
||||||
OIDC_SERVICE_PROFILE=https://url-of-the-profile-endpoint-of-the-oidc-service.com/userinfo
|
# or have browse & play permissions
|
||||||
OIDC_SERVICE_SCOPE="the list of scopes space separeted like email identity"
|
GUEST_CLAIMS='{"permissions": ["core.read", "core.play"], "verified": true}'
|
||||||
# Token authentication method as seen in https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
|
|
||||||
# Supported values: ClientSecretBasic (default) or ClientSecretPost
|
# DO NOT change this.
|
||||||
# If in doubt, leave this empty.
|
PROTECTED_CLAIMS="permissions,verified"
|
||||||
OIDC_SERVICE_AUTHMETHOD=ClientSecretBasic
|
|
||||||
# on the previous list, service is the internal name of your service, you can add as many as you want.
|
|
||||||
|
|
||||||
|
|
||||||
# Following options are optional and only useful for debugging.
|
# You can create apikeys at runtime via POST /apikey but you can also have some defined in the env.
|
||||||
|
# Replace $YOURNAME with the name of the key you want (only alpha are valid)
|
||||||
|
# The value will be the apikey (max 128 bytes)
|
||||||
|
# KEIBI_APIKEY_$YOURNAME=oaeushtaoesunthoaensuth
|
||||||
|
# KEIBI_APIKEY_$YOURNAME_CLAIMS='{"permissions": ["users.read"]}'
|
||||||
|
|
||||||
# To debug the front end, you can set the following to an external backend
|
# To debug the front end, you can set the following to an external backend
|
||||||
KYOO_URL=
|
KYOO_URL=
|
||||||
|
|
||||||
# Database things
|
# It is recommended to use the below PG environment variables when possible.
|
||||||
|
# POSTGRES_URL=postgres://user:password@hostname:port/dbname?sslmode=verify-full&sslrootcert=/path/to/server.crt&sslcert=/path/to/client.crt&sslkey=/path/to/client.key
|
||||||
|
# The behavior of the below variables match what is documented here:
|
||||||
|
# https://www.postgresql.org/docs/current/libpq-envars.html
|
||||||
PGUSER=kyoo
|
PGUSER=kyoo
|
||||||
PGPASSWORD=password
|
PGPASSWORD=password
|
||||||
PGDATABASE=kyoo
|
PGDATABASE=kyoo
|
||||||
PGHOST=postgres
|
PGHOST=postgres
|
||||||
PGPORT=5432
|
PGPORT=5432
|
||||||
|
# PGOPTIONS=-c search_path=kyoo,public
|
||||||
# v5 stuff, does absolutely nothing on master (aka: you can delete this)
|
# PGPASSFILE=/my/password # Takes precedence over PGPASSWORD. New line characters are not trimmed.
|
||||||
EXTRA_CLAIMS='{"permissions": ["core.read"], "verified": false}'
|
# PGSSLMODE=verify-full
|
||||||
FIRST_USER_CLAIMS='{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "scanner.trigger"], "verified": true}'
|
# PGSSLROOTCERT=/my/serving.crt
|
||||||
GUEST_CLAIMS='{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "scanner.trigger"], "verified": true}'
|
# PGSSLCERT=/my/client.crt
|
||||||
# GUEST_CLAIMS='{"permissions": ["core.read"]}'
|
# PGSSLKEY=/my/client.key=password
|
||||||
PROTECTED_CLAIMS="permissions,verified"
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user