182 lines
7.2 KiB
Bash
182 lines
7.2 KiB
Bash
APP_NAME=产互研发知识库
|
||
# –––––––––––––––– REQUIRED ––––––––––––––––
|
||
|
||
NODE_ENV=production
|
||
|
||
# Generate a hex-encoded 32-byte random key. You should use `openssl rand -hex 32`
|
||
# in your terminal to generate a random value.
|
||
SECRET_KEY=1d7272069f6070b6f691969478fe8aa4a9c34029a836491b3c30af66cb038e4b
|
||
|
||
# Generate a unique random key. The format is not important but you could still use
|
||
# `openssl rand -hex 32` in your terminal to produce this.
|
||
UTILS_SECRET=54f167019334b4e50f0f4954c7a2b3de75fce3c9cba6c743c67799e0091649e9
|
||
|
||
# For production point these at your databases, in development the default
|
||
# should work out of the box.
|
||
DATABASE_URL=postgres://user:pass@postgres:5432/outline
|
||
DATABASE_URL_TEST=postgres://user:pass@postgres:5432/outline-test
|
||
DATABASE_CONNECTION_POOL_MIN=
|
||
DATABASE_CONNECTION_POOL_MAX=
|
||
# Uncomment this to disable SSL for connecting to Postgres
|
||
PGSSLMODE=disable
|
||
|
||
# For redis you can either specify an ioredis compatible url like this
|
||
REDIS_URL=redis://redis:6379
|
||
# or alternatively, if you would like to provide additional connection options,
|
||
# use a base64 encoded JSON connection option object. Refer to the ioredis documentation
|
||
# for a list of available options.
|
||
# Example: Use Redis Sentinel for high availability
|
||
# {"sentinels":[{"host":"sentinel-0","port":26379},{"host":"sentinel-1","port":26379}],"name":"mymaster"}
|
||
# REDIS_URL=ioredis://eyJzZW50aW5lbHMiOlt7Imhvc3QiOiJzZW50aW5lbC0wIiwicG9ydCI6MjYzNzl9LHsiaG9zdCI6InNlbnRpbmVsLTEiLCJwb3J0IjoyNjM3OX1dLCJuYW1lIjoibXltYXN0ZXIifQ==
|
||
|
||
# URL should point to the fully qualified, publicly accessible URL. If using a
|
||
# proxy the port in URL and PORT may be different.
|
||
URL=https://outline.mynatapp.cc
|
||
PORT=3000
|
||
|
||
# See [documentation](docs/SERVICES.md) on running a separate collaboration
|
||
# server, for normal operation this does not need to be set.
|
||
COLLABORATION_URL=
|
||
|
||
# To support uploading of images for avatars and document attachments an
|
||
# s3-compatible storage must be provided. AWS S3 is recommended for redundancy
|
||
# however if you want to keep all file storage local an alternative such as
|
||
# minio (https://github.com/minio/minio) can be used.
|
||
|
||
# A more detailed guide on setting up S3 is available here:
|
||
# => https://wiki.generaloutline.com/share/125de1cc-9ff6-424b-8415-0d58c809a40f
|
||
#
|
||
AWS_ACCESS_KEY_ID=MPsDjtevz2Or9Nky
|
||
AWS_SECRET_ACCESS_KEY=6tOMVh1MOfu3GujGHrA07W6p3WpdX5vv
|
||
AWS_REGION=
|
||
AWS_S3_ACCELERATE_URL=
|
||
AWS_S3_UPLOAD_BUCKET_URL=https://wiki.flyfish.group
|
||
AWS_S3_UPLOAD_BUCKET_NAME=outline
|
||
AWS_S3_UPLOAD_MAX_SIZE=26214400
|
||
AWS_S3_FORCE_PATH_STYLE=true
|
||
AWS_S3_ACL=private
|
||
|
||
|
||
# –––––––––––––– AUTHENTICATION ––––––––––––––
|
||
|
||
# Third party signin credentials, at least ONE OF EITHER Google, Slack,
|
||
# or Microsoft is required for a working installation or you'll have no sign-in
|
||
# options.
|
||
|
||
# To configure Slack auth, you'll need to create an Application at
|
||
# => https://api.slack.com/apps
|
||
#
|
||
# When configuring the Client ID, add a redirect URL under "OAuth & Permissions":
|
||
# https://<URL>/auth/slack.callback
|
||
SLACK_CLIENT_ID=4631119152534.4661436488720
|
||
SLACK_CLIENT_SECRET=88064dce7ad0a36d14ce8cacbbd77ac7
|
||
|
||
# To configure Google auth, you'll need to create an OAuth Client ID at
|
||
# => https://console.cloud.google.com/apis/credentials
|
||
#
|
||
# When configuring the Client ID, add an Authorized redirect URI:
|
||
# https://<URL>/auth/google.callback
|
||
GOOGLE_CLIENT_ID=
|
||
GOOGLE_CLIENT_SECRET=
|
||
|
||
# To configure Microsoft/Azure auth, you'll need to create an OAuth Client. See
|
||
# the guide for details on setting up your Azure App:
|
||
# => https://wiki.generaloutline.com/share/dfa77e56-d4d2-4b51-8ff8-84ea6608faa4
|
||
AZURE_CLIENT_ID=
|
||
AZURE_CLIENT_SECRET=
|
||
AZURE_RESOURCE_APP_ID=
|
||
|
||
# To configure generic OIDC auth, you'll need some kind of identity provider.
|
||
# See documentation for whichever IdP you use to acquire the following info:
|
||
# Redirect URI is https://<URL>/auth/oidc.callback
|
||
OIDC_CLIENT_ID=outline
|
||
OIDC_CLIENT_SECRET=542e9284a37c87ebc165e7e1106650d9a669503ce384e8df0496485a85663984
|
||
OIDC_AUTH_URI=https://sso.flyfish.group/api/oidc/authorization
|
||
OIDC_TOKEN_URI=https://sso.flyfish.group/api/oidc/token
|
||
OIDC_USERINFO_URI=https://sso.flyfish.group/api/oidc/userinfo
|
||
|
||
# Specify which claims to derive user information from
|
||
# Supports any valid JSON path with the JWT payload
|
||
OIDC_USERNAME_CLAIM=preferred_username
|
||
|
||
# Display name for OIDC authentication
|
||
OIDC_DISPLAY_NAME=账号密码
|
||
|
||
# Space separated auth scopes.
|
||
OIDC_SCOPES="openid offline_access profile email"
|
||
|
||
|
||
# –––––––––––––––– OPTIONAL ––––––––––––––––
|
||
|
||
# Base64 encoded private key and certificate for HTTPS termination. This is only
|
||
# required if you do not use an external reverse proxy. See documentation:
|
||
# https://wiki.generaloutline.com/share/1c922644-40d8-41fe-98f9-df2b67239d45
|
||
SSL_KEY=
|
||
SSL_CERT=
|
||
|
||
# If using a Cloudfront/Cloudflare distribution or similar it can be set below.
|
||
# This will cause paths to javascript, stylesheets, and images to be updated to
|
||
# the hostname defined in CDN_URL. In your CDN configuration the origin server
|
||
# should be set to the same as URL.
|
||
CDN_URL=
|
||
|
||
# Auto-redirect to https in production. The default is true but you may set to
|
||
# false if you can be sure that SSL is terminated at an external loadbalancer.
|
||
FORCE_HTTPS=false
|
||
|
||
# Have the installation check for updates by sending anonymized statistics to
|
||
# the maintainers
|
||
ENABLE_UPDATES=true
|
||
|
||
# How many processes should be spawned. As a reasonable rule divide your servers
|
||
# available memory by 512 for a rough estimate
|
||
WEB_CONCURRENCY=1
|
||
|
||
# Override the maximum size of document imports, could be required if you have
|
||
# especially large Word documents with embedded imagery
|
||
MAXIMUM_IMPORT_SIZE=5120000
|
||
|
||
# You can remove this line if your reverse proxy already logs incoming http
|
||
# requests and this ends up being duplicative
|
||
DEBUG=http
|
||
|
||
# For a complete Slack integration with search and posting to channels the
|
||
# following configs are also needed, some more details
|
||
# => https://wiki.generaloutline.com/share/be25efd1-b3ef-4450-b8e5-c4a4fc11e02a
|
||
#
|
||
SLACK_VERIFICATION_TOKEN=your_token
|
||
SLACK_APP_ID=A0XXXXXXX
|
||
SLACK_MESSAGE_ACTIONS=true
|
||
|
||
# Optionally enable google analytics to track pageviews in the knowledge base
|
||
GOOGLE_ANALYTICS_ID=
|
||
|
||
# Optionally enable Sentry (sentry.io) to track errors and performance,
|
||
# and optionally add a Sentry proxy tunnel for bypassing ad blockers in the UI:
|
||
# https://docs.sentry.io/platforms/javascript/troubleshooting/#using-the-tunnel-option)
|
||
SENTRY_DSN=
|
||
SENTRY_TUNNEL=
|
||
|
||
# To support sending outgoing transactional emails such as "document updated" or storage-certs: "./certs"
|
||
# "you've been invited" you'll need to provide authentication for an SMTP server
|
||
SMTP_HOST=smtp.163.com
|
||
SMTP_PORT=465
|
||
SMTP_USERNAME=wybaby168@163.com
|
||
SMTP_PASSWORD=TWNQBHMSQIGRBCYU
|
||
SMTP_FROM_EMAIL=wybaby168@163.com
|
||
SMTP_REPLY_EMAIL=
|
||
SMTP_TLS_CIPHERS=
|
||
SMTP_SECURE=true
|
||
|
||
# The default interface language. See translate.getoutline.com for a list of
|
||
# available language codes and their rough percentage translated.
|
||
DEFAULT_LANGUAGE=zh_CN
|
||
LANGUAGE=zh_CN
|
||
|
||
# Optionally enable rate limiter at application web server
|
||
RATE_LIMITER_ENABLED=true
|
||
|
||
# Configure default throttling parameters for rate limiter
|
||
RATE_LIMITER_REQUESTS=1000
|
||
RATE_LIMITER_DURATION_WINDOW=60
|