-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.split.example
More file actions
41 lines (31 loc) · 1.61 KB
/
.env.split.example
File metadata and controls
41 lines (31 loc) · 1.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Split frontend deployment example
# Use with: docker compose -f docker-compose.yml -f docker-compose.split.yml up --build
# Runtime PostgreSQL connection string (usually managed externally in split deployments)
# Use a non-superuser role without BYPASSRLS.
# DATABASE_URL=postgres://user:password@db-host:5432/composure
# Optional migration PostgreSQL connection string for the schema owner/migration role
# MIGRATION_DATABASE_URL=postgres://migration-user:password@db-host:5432/composure
# Public origin where your frontend is hosted (for CORS + websocket origin checks)
# CORS_ORIGIN=https://your-app.pages.dev
# Publicly reachable URL of the backend API (for OAuth redirect_uri)
# BACKEND_URL=https://api.yourdomain.com
# Publicly reachable URL of the frontend (for post-OAuth redirects, invite/reset links)
# FRONTEND_URL=https://your-app.pages.dev
# Stable ES256 JWT private key. Must be an EC P-256 private key in PKCS#8 PEM
# format. Required for production so access tokens and JWKS stay valid across
# backend restarts.
# JWT_PRIVATE_KEY_PEM=
# JWT_ISSUER=https://api.yourdomain.com
# Optional SameSite overrides for auth cookies.
# Accepted values: strict | lax | none
# Defaults are automatic based on FRONTEND_URL + BACKEND_URL:
# - same-site frontend/api keeps stricter defaults (session=lax, guest=strict)
# - cross-site frontend/api uses SameSite=None
# SESSION_COOKIE_SAME_SITE=
# GUEST_COOKIE_SAME_SITE=
# Mount backend API at /v1 on api.<domain> instead of /api/v1
# API_BASE_PATH=/
# Disable backend SPA static serving because frontend is hosted separately
# SERVE_FRONTEND=false
# Backend public port
# PORT=8080