# ---- Copy this file to .env and fill in the values ---- # Postgres (used by docker-compose for the db service and the DATABASE_URL) POSTGRES_USER=subfeed POSTGRES_PASSWORD=change-this-password POSTGRES_DB=subfeed # Host port the app is exposed on (http://localhost:) APP_PORT=8080 # Session signing key. Generate with: python -c "import secrets;print(secrets.token_urlsafe(48))" SECRET_KEY=change-me-session-key # Fernet key for encrypting stored OAuth refresh tokens. Generate with: # python -c "import base64,os;print(base64.urlsafe_b64encode(os.urandom(32)).decode())" TOKEN_ENCRYPTION_KEY=change-me-fernet-key # Google OAuth client (Google Cloud Console -> APIs & Services -> Credentials -> OAuth client ID, type "Web application"). # Authorized redirect URI must match OAUTH_REDIRECT_URL exactly. GOOGLE_CLIENT_ID= GOOGLE_CLIENT_SECRET= OAUTH_REDIRECT_URL=http://localhost:8080/auth/callback # Invite list: only these Google account emails may sign in (comma-separated). ALLOWED_EMAILS= # Admin emails (subset of the above) get the admin role. ADMIN_EMAILS= # Optional: origin of a separately-served frontend dev server (enables CORS). Leave empty in production. FRONTEND_ORIGIN=