# ============================================================================= # MedAssist-ng Configuration # ============================================================================= # Copy this file to .env and adjust values for your setup # ============================================================================= # Container user/group IDs (for bind mount permissions) # Set to your host user's UID/GID: id -u && id -g PUID=1000 PGID=1000 PORT=3000 CORS_ORIGINS=http://localhost:4174 LOG_LEVEL=warn # Levels: debug, info, warn, error, silent # Controls: backend Fastify logging, frontend nginx access logs (Docker), # and frontend browser console (via build-time injection) # # Behavior per level: # debug — all app logs + all HTTP request logs (including polling endpoints) # info — all app logs + HTTP request logs, EXCEPT high-frequency polling # (GET /doses/taken, GET /share/:token/doses, GET /health are hidden) # warn — only warnings and errors # error — only errors # silent — no logs # Rate limit: max requests per minute per IP (default: 100) # Increase for development/testing environments # RATE_LIMIT_MAX=100 # API documentation UI + OpenAPI JSON # Default behavior: enabled outside production, disabled in production # When enabled, docs are available on /docs and /docs/json. # Recommended: # development/staging: OPENAPI_DOCS_ENABLED=true # production: leave unset, or set OPENAPI_DOCS_ENABLED=false # OPENAPI_DOCS_ENABLED=true # Server default timezone for scheduled reminders (e.g., Europe/Berlin, America/New_York). # Users can override this per account in Settings -> Timezone. TZ=Europe/Berlin # ============================================================================= # Authentication (optional - disabled by default for easy setup) # ============================================================================= # Enable authentication (default: false = open access) AUTH_ENABLED=false # Allow new user registrations (auto-enabled when no users exist) # REGISTRATION_ENABLED=false # Disable username/password form login (useful for OIDC-only setups) # FORM_LOGIN_ENABLED=true # JWT Secrets - REQUIRED when AUTH_ENABLED=true # Generate with: openssl rand -hex 32 # JWT_SECRET= # REFRESH_SECRET= # COOKIE_SECRET= # Token TTL (optional - defaults shown) # ACCESS_TOKEN_TTL_MINUTES=15 # REFRESH_TOKEN_TTL_DAYS=7 # ============================================================================= # OIDC SSO (optional - for Pocket ID, Authelia, Authentik, etc.) # ============================================================================= # Enable OIDC authentication # OIDC_ENABLED=false # OIDC Provider URL (discovery endpoint will be auto-detected) # OIDC_ISSUER_URL=https://auth.example.com # Client credentials (from your OIDC provider) # OIDC_CLIENT_ID=medassist # OIDC_CLIENT_SECRET=your-client-secret # Callback URL (must match what's configured in your OIDC provider) # OIDC_REDIRECT_URI=https://medassist.example.com/api/auth/oidc/callback # OIDC scopes to request (default: openid profile email) # OIDC_SCOPES=openid profile email # Claim to use as username (options: preferred_username, email, sub) # OIDC_USERNAME_CLAIM=preferred_username # Auto-create users on first SSO login (default: true) # OIDC_AUTO_CREATE_USERS=true # Provider name for login button (e.g., "Pocket ID", "Authelia", "SSO") # OIDC_PROVIDER_NAME=SSO # SMTP (optional - for email notifications and password reset) SMTP_HOST= SMTP_PORT=587 SMTP_USER= SMTP_PASS= # Traditional password auth SMTP_TOKEN= # OAuth2/App token auth (takes precedence over SMTP_PASS) SMTP_FROM= SMTP_SECURE=false # Admin settings default value only - frontend settings (stored in settings.json) take precedence REMINDER_DAYS_BEFORE=7 # Admin settings (not editable in UI) REMINDER_HOUR=6 # 24h format (0-23), e.g. 6 = 6:00 AM, 18 = 6:00 PM REMINDER_MINUTES_BEFORE=15 # Minutes before intake to send reminder EXPIRY_WARNING_DAYS=30 # Days before expiry to show yellow warning # ============================================================================= # Default User Settings (applied when new user is created) # ============================================================================= # These ENV values are only used as DEFAULTS when a new user is created. # Once a user saves their settings in the app, these ENV values are ignored # for that user - their saved preferences take precedence. # # Useful for server admins to pre-configure settings for all new users. # ============================================================================= # Email notifications (requires SMTP config above) # DEFAULT_EMAIL_ENABLED=false # DEFAULT_NOTIFICATION_EMAIL= # DEFAULT_EMAIL_STOCK_REMINDERS=true # DEFAULT_EMAIL_INTAKE_REMINDERS=true # DEFAULT_EMAIL_PRESCRIPTION_REMINDERS=true # Push notifications (ntfy/gotify via Shoutrrr) # DEFAULT_SHOUTRRR_ENABLED=false # DEFAULT_SHOUTRRR_URL= # DEFAULT_SHOUTRRR_STOCK_REMINDERS=true # DEFAULT_SHOUTRRR_INTAKE_REMINDERS=true # DEFAULT_SHOUTRRR_PRESCRIPTION_REMINDERS=true # Repeat/nagging reminders for missed doses # DEFAULT_REPEAT_REMINDERS_ENABLED=false # DEFAULT_REMINDER_REPEAT_INTERVAL_MINUTES=30 # DEFAULT_MAX_NAGGING_REMINDERS=5 # DEFAULT_SKIP_REMINDERS_FOR_TAKEN_DOSES=false # Stock reminder settings # DEFAULT_REPEAT_DAILY_REMINDERS=false # Stock thresholds (days of supply) # DEFAULT_LOW_STOCK_DAYS=30 # DEFAULT_NORMAL_STOCK_DAYS=90 # DEFAULT_HIGH_STOCK_DAYS=180 # UI defaults # DEFAULT_LANGUAGE=en # en or de # DEFAULT_STOCK_CALCULATION_MODE=automatic # automatic or manual # DEFAULT_SHARE_STOCK_STATUS=true # Show stock status on shared schedule links # DEFAULT_UPCOMING_TODAY_ONLY=false # DEFAULT_SHARE_SCHEDULE_TODAY_ONLY=false