mirror of
https://github.com/zoriya/Kyoo.git
synced 2025-05-24 02:02:36 -04:00
35 lines
1.6 KiB
Plaintext
35 lines
1.6 KiB
Plaintext
# vi: ft=sh
|
|
# shellcheck disable=SC2034
|
|
|
|
# http route prefix (will listen to $KEIBI_PREFIX/users for example)
|
|
KEIBI_PREFIX=""
|
|
|
|
# path of the private key used to sign jwts. If this is empty, a new one will be generated on startup
|
|
RSA_PRIVATE_KEY_PATH=""
|
|
|
|
# json object with the claims to add to every jwt (this is read when creating a new user)
|
|
EXTRA_CLAIMS='{}'
|
|
# json object with the claims to add to every jwt of the FIRST user (this can be used to mark the first user as admin).
|
|
# Those claims are merged with the `EXTRA_CLAIMS`.
|
|
FIRST_USER_CLAIMS='{"permissions": ["users.read", "users.write", "users.delete"]}'
|
|
# If this is not empty, calls to `/jwt` without an `Authorization` header will still create a jwt (with `null` in `sub`)
|
|
GUEST_CLAIMS=""
|
|
# Comma separated list of claims that users without the `user.write` permissions should NOT be able to edit
|
|
# (if you don't specify this an user could make themself administrator for example)
|
|
# PS: `permissions` is always a protected claim since keibi uses it for user.read/user.write
|
|
PROTECTED_CLAIMS="permissions"
|
|
|
|
# The url you can use to reach your kyoo instance. This is used during oidc to redirect users to your instance.
|
|
PUBLIC_URL=http://localhost:8901
|
|
|
|
# Database things
|
|
POSTGRES_USER=kyoo
|
|
POSTGRES_PASSWORD=password
|
|
POSTGRES_DB=kyoo
|
|
POSTGRES_SERVER=postgres
|
|
POSTGRES_PORT=5432
|
|
# Default is keibi, you can specify "disabled" to use the default search_path of the user.
|
|
# If this is not "disabled", the schema will be created (if it does not exists) and
|
|
# the search_path of the user will be ignored (only the schema specified will be used).
|
|
POSTGRES_SCHEMA=keibi
|