mirror of
https://codeberg.org/likwid/likwid.git
synced 2026-06-25 07:27:42 +00:00
Marco Allegretti
c0d7249b0e
Verified changes: - modify backend/.env.example - modify backend/src/config/mod.rs - modify backend/src/main.rs - modify docs/admin/configuration.md - modify docs/admin/security.md Diffstat: - 5 files changed, 180 insertions(+), 7 deletions(-)
52 lines
2.1 KiB
Text
52 lines
2.1 KiB
Text
# Likwid Backend Configuration
|
|
# Copy this file to .env and configure as needed
|
|
|
|
# Database connection URL
|
|
DATABASE_URL=postgres://likwid:likwid@localhost:5432/likwid
|
|
|
|
# Server configuration
|
|
SERVER_HOST=127.0.0.1
|
|
SERVER_PORT=3000
|
|
|
|
# =============================================================================
|
|
# CORS
|
|
# =============================================================================
|
|
# In development, CORS defaults to allowing any origin.
|
|
# In production, set an allowlist (comma-separated) to restrict browser access.
|
|
# Example:
|
|
# CORS_ALLOWED_ORIGINS=https://openlikwid.org,https://staging.openlikwid.org
|
|
CORS_ALLOWED_ORIGINS=
|
|
|
|
# JWT Secret for authentication tokens
|
|
# IMPORTANT: Change this in production!
|
|
JWT_SECRET=change-me-in-production
|
|
|
|
# =============================================================================
|
|
# RATE LIMITING
|
|
# =============================================================================
|
|
# The backend applies a global fixed-window rate limiter (60s window).
|
|
#
|
|
# - Set RATE_LIMIT_ENABLED=false to disable all rate limiting.
|
|
# - Set any *_RPM variable to 0 to disable that specific limiter.
|
|
#
|
|
# Per-IP rate limit (all endpoints except / and /health)
|
|
RATE_LIMIT_IP_RPM=300
|
|
# Per-user rate limit (only applies when Authorization: Bearer <jwt> is present)
|
|
RATE_LIMIT_USER_RPM=1200
|
|
# Auth endpoints rate limit (applies per IP for /api/auth/login and /api/auth/register)
|
|
RATE_LIMIT_AUTH_RPM=30
|
|
# Master toggle
|
|
RATE_LIMIT_ENABLED=true
|
|
|
|
# =============================================================================
|
|
# DEMO MODE
|
|
# =============================================================================
|
|
# Enable demo mode for public demonstration instances.
|
|
# When enabled:
|
|
# - Restricts destructive actions (delete communities, modify instance settings)
|
|
# - Enables demo accounts (contributor, moderator, observer) with password: demo123
|
|
# - Loads seed data with realistic governance history
|
|
# - Data can be reset via POST /api/demo/reset
|
|
#
|
|
# Set to true for demo/showcase instances, false for production
|
|
DEMO_MODE=false
|