# set timezone to get correct log timestamp
TZ=ETC/UTC

# API/WebUI user password login credentials (optional)
# These fields are not required for OIDC authentication
GODOXY_API_USER=admin
GODOXY_API_PASSWORD=password

# Enable `secure` cookie flag
GODOXY_API_JWT_SECURE=true
# generate secret with `openssl rand -base64 32`
GODOXY_API_JWT_SECRET=
# the JWT token time-to-live
GODOXY_API_JWT_TOKEN_TTL=1h

# OIDC Configuration (optional)
# Uncomment and configure these values to enable OIDC authentication.
# GODOXY_OIDC_ISSUER_URL=https://accounts.google.com
# GODOXY_OIDC_CLIENT_ID=your-client-id
# GODOXY_OIDC_CLIENT_SECRET=your-client-secret
# Keep /api/auth/callback as the redirect URL, change the domain to match your setup.
# GODOXY_OIDC_REDIRECT_URL=https://your-domain/api/auth/callback
# Comma-separated list of scopes
# GODOXY_OIDC_SCOPES=openid, profile, email
#
# User definitions: Uncomment and configure these values to restrict access to specific users or groups.
# These two fields act as a logical AND operator. For example, given the following membership:
#   user1, group1
#   user2, group1
#   user3, group2
#   user1, group2
# You can allow access to user3 AND all users of group1 by providing:
#   # GODOXY_OIDC_ALLOWED_USERS=user3
#   # GODOXY_OIDC_ALLOWED_GROUPS=group1
#
# Comma-separated list of allowed users.
# GODOXY_OIDC_ALLOWED_USERS=user1,user2
# Optional: Comma-separated list of allowed groups.
# GODOXY_OIDC_ALLOWED_GROUPS=group1,group2

# Proxy listening address
GODOXY_HTTP_ADDR=:80
GODOXY_HTTPS_ADDR=:443

# API listening address
GODOXY_API_ADDR=127.0.0.1:8888

# Frontend listening port
GODOXY_FRONTEND_PORT=3000

# Prometheus Metrics
GODOXY_PROMETHEUS_ENABLED=true

# Debug mode
GODOXY_DEBUG=false