Daniel Volz
81 lines
2.9 KiB
Bash
81 lines
2.9 KiB
Bash
# =============================================================================
|
|
# MedAssist-ng Configuration
|
|
# =============================================================================
|
|
# Copy this file to .env and adjust values for your setup
|
|
# =============================================================================
|
|
|
|
# Container user/group IDs (for bind mount permissions)
|
|
# Set to your host user's UID/GID: id -u && id -g
|
|
PUID=1000
|
|
PGID=1000
|
|
|
|
PORT=3000
|
|
CORS_ORIGINS=http://localhost:4174
|
|
LOG_LEVEL=info
|
|
|
|
# Timezone for scheduled reminders (e.g., Europe/Berlin, America/New_York)
|
|
TZ=Europe/Berlin
|
|
|
|
# =============================================================================
|
|
# Authentication (optional - disabled by default for easy setup)
|
|
# =============================================================================
|
|
# Enable authentication (default: false = open access)
|
|
AUTH_ENABLED=false
|
|
|
|
# Allow new user registrations (auto-enabled when no users exist)
|
|
# REGISTRATION_ENABLED=false
|
|
|
|
# JWT Secrets - REQUIRED when AUTH_ENABLED=true
|
|
# Generate with: openssl rand -hex 32
|
|
# JWT_SECRET=
|
|
# REFRESH_SECRET=
|
|
# COOKIE_SECRET=
|
|
|
|
# Token TTL (optional - defaults shown)
|
|
# ACCESS_TOKEN_TTL_MINUTES=15
|
|
# REFRESH_TOKEN_TTL_DAYS=7
|
|
|
|
# =============================================================================
|
|
# OIDC SSO (optional - for Pocket ID, Authelia, Authentik, etc.)
|
|
# =============================================================================
|
|
# Enable OIDC authentication
|
|
# OIDC_ENABLED=false
|
|
|
|
# OIDC Provider URL (discovery endpoint will be auto-detected)
|
|
# OIDC_ISSUER_URL=https://auth.example.com
|
|
|
|
# Client credentials (from your OIDC provider)
|
|
# OIDC_CLIENT_ID=medassist
|
|
# OIDC_CLIENT_SECRET=your-client-secret
|
|
|
|
# Callback URL (must match what's configured in your OIDC provider)
|
|
# OIDC_REDIRECT_URI=https://medassist.example.com/api/auth/oidc/callback
|
|
|
|
# OIDC scopes to request (default: openid profile email)
|
|
# OIDC_SCOPES=openid profile email
|
|
|
|
# Claim to use as username (options: preferred_username, email, sub)
|
|
# OIDC_USERNAME_CLAIM=preferred_username
|
|
|
|
# Auto-create users on first SSO login (default: true)
|
|
# OIDC_AUTO_CREATE_USERS=true
|
|
|
|
# Provider name for login button (e.g., "Pocket ID", "Authelia", "SSO")
|
|
# OIDC_PROVIDER_NAME=SSO
|
|
|
|
# SMTP (optional - for email notifications and password reset)
|
|
SMTP_HOST=
|
|
SMTP_PORT=587
|
|
SMTP_USER=
|
|
SMTP_PASS= # Traditional password auth
|
|
SMTP_TOKEN= # OAuth2/App token auth (takes precedence over SMTP_PASS)
|
|
SMTP_FROM=
|
|
SMTP_SECURE=false
|
|
|
|
# Admin settings default value only - frontend settings (stored in settings.json) take precedence
|
|
REMINDER_DAYS_BEFORE=7
|
|
|
|
# Admin settings (not editable in UI)
|
|
REMINDER_HOUR=6 # 24h format (0-23), e.g. 6 = 6:00 AM, 18 = 6:00 PM
|
|
REMINDER_MINUTES_BEFORE=15 # Minutes before intake to send reminder
|
|
EXPIRY_WARNING_DAYS=30 # Days before expiry to show yellow warning |