-
Notifications
You must be signed in to change notification settings - Fork 7
Expand file tree
/
Copy path.env.example
More file actions
162 lines (145 loc) · 6.35 KB
/
.env.example
File metadata and controls
162 lines (145 loc) · 6.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
# ============================================
# TaskNebula - Configuration
# Copy this file: cp .env.example .env
# ============================================
# ===========================================
# APP URL (REQUIRED)
# Change this to your domain or IP
# ===========================================
APP_URL=http://localhost:3000
APP_NAME=TaskNebula
# ===========================================
# AUTH SECRET (REQUIRED)
# Generate with: openssl rand -base64 32
# ===========================================
AUTH_SECRET=
# ===========================================
# DATABASE (defaults work with docker-compose)
# ===========================================
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=tasknebula
# Redis password (required). Use hex output so REDIS_URL parsing is safe:
# openssl rand -hex 32
REDIS_PASSWORD=
# ===========================================
# PORTS (change if conflicts)
# ===========================================
PORT=3000
DB_PORT=5432
REDIS_PORT=6379
LIVEKIT_PORT=7880
LIVEKIT_TCP_PORT=7881
LIVEKIT_RTC_START_PORT=50000
LIVEKIT_RTC_END_PORT=50020
# ===========================================
# OAUTH (optional - for social login)
# ===========================================
# GitHub OAuth - https://github.com/settings/developers
# OPTIONAL fallback — super-admins should manage these in Admin → Integrations.
# Used both for sign-in (NextAuth) AND the workspace integration. The workspace
# integration redirects to /api/integrations/github/callback; configure
# GITHUB_INTEGRATION_REDIRECT_URI when it differs from the auto-derived value.
# Default scope when GITHUB_OAUTH_SCOPE is unset: "repo read:user".
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
# GITHUB_INTEGRATION_REDIRECT_URI=http://localhost:3000/api/integrations/github/callback
# GITHUB_OAUTH_SCOPE=
# Google OAuth - https://console.cloud.google.com/apis/credentials
# OPTIONAL fallback — super-admins should manage these in Admin → Integrations.
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
# ===========================================
# INTEGRATIONS - GitLab OAuth (OPTIONAL)
# Fallback only — prefer Admin → Integrations for runtime configuration.
# Create an application at https://gitlab.com/-/user_settings/applications
# Redirect URI must exactly match GITLAB_REDIRECT_URI.
# Scope defaults to "read_api read_repository" when GITLAB_OAUTH_SCOPE is unset.
# ===========================================
GITLAB_CLIENT_ID=
GITLAB_CLIENT_SECRET=
GITLAB_REDIRECT_URI=http://localhost:3000/api/integrations/gitlab/callback
# GITLAB_OAUTH_SCOPE=
# ===========================================
# EMAIL / SMTP (optional - for notifications)
# ===========================================
# SMTP_HOST=smtp.example.com
# SMTP_PORT=587
# SMTP_USER=
# SMTP_PASSWORD=
# SMTP_SECURE=false
# EMAIL_FROM=TaskNebula <noreply@example.com>
# ===========================================
# SELF-HOSTED CHAT / CALLS (optional)
# docker-compose provisions a LiveKit server for local chat voice rooms.
# LiveKit runs on the host network because the official docs recommend host networking
# in Dockerized environments for better ICE/WebRTC behavior.
# LIVEKIT_PUBLIC_HOST controls which host the browser connects to.
# Keep 127.0.0.1 for same-machine testing, or set your LAN IP when testing from another device.
# For production, replace these defaults with your own values.
# ===========================================
LIVEKIT_URL=http://host.docker.internal:7880
LIVEKIT_PUBLIC_HOST=127.0.0.1
NEXT_PUBLIC_LIVEKIT_URL=ws://127.0.0.1:7880
LIVEKIT_NODE_IP=
LIVEKIT_API_KEY=tasknebula-dev
LIVEKIT_API_SECRET=tasknebula-livekit-secret-local-2026
LIVEKIT_TURN_UDP_PORT=3478
# Optional external TURN relay for advanced deployments
# TURN_URL=
# TURN_USERNAME=
# TURN_PASSWORD=
# ===========================================
# INTEGRATIONS — Slack OAuth (OPTIONAL)
# Fallback only — prefer Admin → Integrations for runtime configuration.
# Create an app at https://api.slack.com/apps. SLACK_REDIRECT_URI must match
# the Redirect URL registered in your Slack app configuration.
# ===========================================
# SLACK_CLIENT_ID=
# SLACK_CLIENT_SECRET=
# SLACK_REDIRECT_URI=http://localhost:3000/api/integrations/slack/callback
# ===========================================
# INTEGRATIONS — Jira (Atlassian 3LO) OAuth (OPTIONAL)
# Fallback only — prefer Admin → Integrations. Create an app at
# https://developer.atlassian.com/console/myapps/ and register the redirect URI.
# ===========================================
# JIRA_CLIENT_ID=
# JIRA_CLIENT_SECRET=
# JIRA_REDIRECT_URI=http://localhost:3000/api/integrations/jira/callback
# ===========================================
# INTEGRATIONS — Sentry OAuth (OPTIONAL)
# Fallback only — prefer Admin → Integrations. Create an OAuth app under
# Settings → Account → API → Applications on sentry.io and register the
# redirect URI. SENTRY_BASE_URL can be set when self-hosting Sentry.
# Default scope when SENTRY_OAUTH_SCOPE is unset: "org:read project:read event:read".
# ===========================================
# SENTRY_CLIENT_ID=
# SENTRY_CLIENT_SECRET=
# SENTRY_REDIRECT_URI=http://localhost:3000/api/integrations/sentry/callback
# SENTRY_OAUTH_SCOPE=
# SENTRY_BASE_URL=https://sentry.io
# ===========================================
# AI / AGENTS / BOTS
# AI is OFF by default and managed entirely from the UI (DB-backed):
# Admin → Agent control → "Global enablement" toggle
# Admin → Agent control → Platform provider keys (OpenAI / Anthropic)
# Settings → AI & Agents → Per-workspace toggle + workspace keys
#
# The env vars below are OPTIONAL last-resort dev fallbacks used when
# neither the workspace nor the platform has a key configured. Prod should
# set these through the admin/workspace UI instead.
# ===========================================
# OPENAI_API_KEY=
# ANTHROPIC_API_KEY=
# ===========================================
# CRON AGENTS (standup + janitor)
# Shared secret used by POST /api/cron/standup and POST /api/cron/janitor.
# Generate with: openssl rand -hex 32
# Enable the docker-compose sidecar with:
# CRON_SECRET=... docker compose --profile cron up -d cron
# JANITOR_SYSTEM_USER_ID is the user id used as the author for janitor
# comments and updates — when unset the janitor runs in dry-run mode
# (decisions are returned but not applied).
# ===========================================
# CRON_SECRET=
# JANITOR_SYSTEM_USER_ID=