mirror of
https://codeberg.org/likwid/likwid.git
synced 2026-03-26 19:03:08 +00:00
58 lines
2.3 KiB
Text
58 lines
2.3 KiB
Text
# Likwid Backend Configuration
|
|
# Copy this file to .env and configure as needed
|
|
|
|
# Database connection URL
|
|
DATABASE_URL=postgres://likwid:likwid@localhost:5432/likwid
|
|
|
|
# Server configuration
|
|
SERVER_HOST=127.0.0.1
|
|
SERVER_PORT=3000
|
|
|
|
# =============================================================================
|
|
# CORS
|
|
# =============================================================================
|
|
# In development, CORS defaults to allowing any origin.
|
|
# In production, set an allowlist (comma-separated) to restrict browser access.
|
|
# Example:
|
|
# CORS_ALLOWED_ORIGINS=https://openlikwid.org,https://staging.openlikwid.org
|
|
CORS_ALLOWED_ORIGINS=
|
|
|
|
# JWT Secret for authentication tokens
|
|
# IMPORTANT: Change this in production!
|
|
JWT_SECRET=change-me-in-production
|
|
|
|
# =============================================================================
|
|
# RATE LIMITING
|
|
# =============================================================================
|
|
# The backend applies a global fixed-window rate limiter (60s window).
|
|
#
|
|
# If you run the backend behind a reverse proxy, you may want to configure trusted proxy IPs
|
|
# so the backend can safely use X-Forwarded-For / X-Real-IP for rate limiting.
|
|
#
|
|
# Comma-separated IP allowlist (examples: 127.0.0.1,::1,10.0.0.10)
|
|
TRUSTED_PROXY_IPS=
|
|
#
|
|
# - Set RATE_LIMIT_ENABLED=false to disable all rate limiting.
|
|
# - Set any *_RPM variable to 0 to disable that specific limiter.
|
|
#
|
|
# Per-IP rate limit (all endpoints except / and /health)
|
|
RATE_LIMIT_IP_RPM=300
|
|
# Per-user rate limit (only applies when Authorization: Bearer <jwt> is present)
|
|
RATE_LIMIT_USER_RPM=1200
|
|
# Auth endpoints rate limit (applies per IP for /api/auth/login and /api/auth/register)
|
|
RATE_LIMIT_AUTH_RPM=30
|
|
# Master toggle
|
|
RATE_LIMIT_ENABLED=true
|
|
|
|
# =============================================================================
|
|
# DEMO MODE
|
|
# =============================================================================
|
|
# Enable demo mode for public demonstration instances.
|
|
# When enabled:
|
|
# - Restricts destructive actions (delete communities, modify instance settings)
|
|
# - Enables demo accounts (contributor, moderator, observer) with password: demo123
|
|
# - Loads seed data with realistic governance history
|
|
# - Data can be reset via POST /api/demo/reset
|
|
#
|
|
# Set to true for demo/showcase instances, false for production
|
|
DEMO_MODE=false
|