# Likwid Backend Configuration # Copy this file to .env and configure as needed # Database connection URL DATABASE_URL=postgres://likwid:likwid@localhost:5432/likwid # Server configuration SERVER_HOST=127.0.0.1 SERVER_PORT=3000 # JWT Secret for authentication tokens # IMPORTANT: Change this in production! JWT_SECRET=change-me-in-production # ============================================================================= # RATE LIMITING # ============================================================================= # The backend applies a global fixed-window rate limiter (60s window). # # - Set RATE_LIMIT_ENABLED=false to disable all rate limiting. # - Set any *_RPM variable to 0 to disable that specific limiter. # # Per-IP rate limit (all endpoints except / and /health) RATE_LIMIT_IP_RPM=300 # Per-user rate limit (only applies when Authorization: Bearer is present) RATE_LIMIT_USER_RPM=1200 # Auth endpoints rate limit (applies per IP for /api/auth/login and /api/auth/register) RATE_LIMIT_AUTH_RPM=30 # Master toggle RATE_LIMIT_ENABLED=true # ============================================================================= # DEMO MODE # ============================================================================= # Enable demo mode for public demonstration instances. # When enabled: # - Restricts destructive actions (delete communities, modify instance settings) # - Enables demo accounts (contributor, moderator, observer) with password: demo123 # - Loads seed data with realistic governance history # - Data can be reset via POST /api/demo/reset # # Set to true for demo/showcase instances, false for production DEMO_MODE=false