-
Notifications
You must be signed in to change notification settings - Fork 56
/
Copy path.env.example
612 lines (524 loc) · 23.7 KB
/
.env.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
# =======================================================
# HAWKI 2: Configuration environment varibales (template)
# =======================================================
#
# HAWKI 2 is built with the Lavarel framework for PHP. This allows to configure the
# application by editing the *.php files in the config directory. However, by default
# these files are writtin in such a way that most settings can also be changed with
# environment variables. This is handy because changing the config files would mean
# to change the HAWKI 2 source code, since these files are managed in the HAWKI git
# repository and also contained in the installation packages. Environment variables,
# however, are set in the OS (or your hosting environment).
#
# Additionaly, Lavarel reads the contents of a .env file in the project root directory
# to override the environment variables. This file is not contained in the HAWKI
# installation as it is meant for developers and administrators to set their local
# configuration values.
#
# This file is a template for the .env file. It documents all relevant settings,
# their allowed values and their defaults. Simply copy this file (don't just rename
# it) to a new file called .env and change the values as needed. The pre-set values
# will provide a sensible configuration for a "localhost deployment" for developers.
# Commented out settings are not strictly needed and usually contain the default
# values found in the config/*.php files.
# ===========================
# Global Application Settings
# ===========================
#
# - APP_NAME: Application name, can be anything you like
# - APP_ENV: Deployment type: "local", "statiging" or "production"
# - APP_URL: Public URL to access the web interface
# - APP_DEBUG: Enable debug output: "true" or "false"
# - APP_TIMEZONE: Timezone of the web server
# - APP_LOCALE: Language of the user interface
# - APP_FALLBACK_LOCALE: Fallback language (for any missing translations)
# - APP_FAKER_LOCALE: You shouldn't need this
# - APP_KEY: Encryption key: 32 random characters (e.g. created with https://www.random.org/strings)
# - APP_PREVIOUS_KEYS: Comma seperated list of previously used encryption keys
# - APP_MAINTENANCE_DRIVER: Maintenance mode driver: "cache" or "file": "cache" allows setting the maintenance mode across multiple machines
# - APP_MAINTENANCE_STORE: Maintenance mode storage: "database" or ???
APP_NAME = HAWKI2
APP_URL = http://127.0.0.1:8000
APP_ENV = local
APP_DEBUG = true
APP_TIMEZONE = CET
APP_LOCALE = de_DE
APP_FALLBACK_LOCALE = en_US
APP_FAKER_LOCALE = de_DE
APP_KEY = ChangeThis!ChangeThis!ChangeThis
APP_PREVIOS_KEYS =
APP_MAINTENANCE_DRIVER = cache
APP_MAINTENANCE_STORE = database
# ===============
# Database server
# ===============
#
# HAWKI uses a database to save chats and other data. For this a relation SQL database
# like MariaDB (MySQL) or Postgres should be used in production. For local development
# SQlite provides a zero-config default solution (but note that SQlite is single-user
# only and stores all data in a single file).
#
# IMPORTANT: When using a database other than SQlite set DB_DATABASE to a sensible value.
# Because the default value in config/database.php is "lavarel" which is less clear and
# could at least in theory already be in use by other applications.
#
# - DB_CONNECTION: Database server type: "mysql", "sqlite", "mariadb", "pgsql", "sqlsrv" (see config/database.php)
# - DB_URL: Database connection URL (instead of host and port)
# - DB_HOST: Database server host name
# - DB_PORT: Database server port number
# - DB_SOCKET: Unix domain socket instead of URL, host and port (MySQL and MariaDB only)
# - DB_DATABASE: Database name (please change!)
# - DB_USERNAME: Username to access the database server
# - DB_PASSWORD: Password to access the database server
# - DB_CHARSET: Character encoding of the database
# - DB_COLLATION: Database collation (MySQL and MariaDB only)
DB_CONNECTION = mysql
## SQlite
#DB_URL =
#DB_DATABASE = database/database.sqlite
#DB_FOREIGN_KEYS = true
## MySQL / MariaDB
#DB_URL =
#DB_HOST = localhost
#DB_PORT = 3306
#DB_SOCKET =
#DB_DATABASE = HAWKI2
#DB_USERNAME = root
#DB_PASSWORD =
#DB_CHARSET = utf8mb4
#DB_COLLATION = utf8mb4_unicode_ci
#MYSQL_ATTR_SSL_CA =
## Postgresql
#DB_URL =
#DB_HOST = localhost
#DB_PORT = 5432
#DB_DATABASE = HAWKI2
#DB_USERNAME = root
#DB_PASSWORD =
#DB_CHARSET = utf8
## Microsoft SQL Server
#DB_URL =
#DB_HOST = localhost
#DB_PORT = 1433
#DB_DATABASE = HAWKI2
#DB_USERNAME = root
#DB_PASSWORD =
#DB_CHARSET = utf8
# ==================
# Filesystem Storage
# ==================
#
# Uploaded media files are typically stored on disk and served from an asset web server.
# However, to simplify the setup the uploaded files will be served by PHP by default,
# though thos is not so good for performance. Alternateively Amazon S3 could be used.
#
# NOTE: If you want to serve media files with your web server, choose "public" for
# FILESYSTEM_DISK. In this case make the server serve the files from the "app/public"
# directory. The HTTP address must be your APP_URL followed by "/storage".
#
# - FILESYSTEM_DISK: Storage type: "local", "public", "s3" (see config/filesystem.php)
# - AWS_BUCKET: ???
# - AWS_URL: ???
# - AWS_ENDPOINT: ???
# - AWS_USE_PATH_STYLE_ENDPOINT: ???
FILESYSTEM_DISK = local
## Amazon S3 Compatible Service (please also set the common AWS values at the end of this file)
#AWS_BUCKET =
#AWS_URL =
#AWS_ENDPOINT =
#AWS_USE_PATH_STYLE_ENDPOINT = false
# ===========================
# Session Configuration
# ===========================
#
# These are essential Laravel default variables for session management and they must be
# present and active to ensure proper session handling within the application.
#
# SESSION_DRIVER: Specifies the session "driver" or handler used to store session data.
# Common choices include "file", "cookie", "database", etc. Typically, "database" is used
# if sessions are stored in the database.
#
# SESSION_LIFETIME: The session lifetime in minutes. It determines how long a session
# remains active before it expires.
#
# SESSION_ENCRYPT: Indicates whether session data should be encrypted. Accepts "true" or "false".
# When set to "true", it adds an extra layer of security by encrypting session data.
#
# SESSION_PATH: Defines the path for which the session cookie is available. The default value is "/".
#
# SESSION_DOMAIN: Specifies the domain that the session cookie is available to. Use "null"
# to default to the current domain.
#
# SESSION_EXPIRE_ON_CLOSE: Defines whether the session should expire when the browser
# is closed. Set to "true" to expire sessions on browser close, enhancing session security.
SESSION_DRIVER=database
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
SESSION_DOMAIN=null
SESSION_EXPIRE_ON_CLOSE=true
# ========================
# Reverb: Websocket Server
# ========================
#
# For websocket connectivity Lavarel provides a special server called Reverb. This must be
# set up for HAWKI since many features rely on real-time communication via web sockets.
#
# - REVERB_HOST: Hostname of the Reverb server (set to your top-level domain for production)
# - REVERB_PORT: Port number of the Reverb server (set to 443 for production)
# - REVERB_SERVER_HOST: Hostname of the Reverb server (set to 0.0.0.0 for production)
# - REVERB_SERVER_PORT: Port number of the Reverb server (set to 8080 for production)
# - REVERB_SCHEME: Connection protocol for the Reverb server: "http" or "https"
# - REVERB_APP_ID: Reverb application Id, can be anything you like?
# - REVERB_APP_SECRET: Password to access the Reverb server???
# - REVERB_APP_KEY: Secret key to access the Reverb server ???
# - REVERB_APP_PING_INTERVAL: Ping interval in seconds ???
# - REVERB_APP_MAX_MESSAGE_SIZE: Maximum message size in bytes ???
# - REVERB_SCALING_ENABLED: "true" or "false"
# - REVERB_SCALING_CHANNEL: "reverb"
REVERB_HOST = 127.0.0.1
REVERB_PORT = 8080
# REVERB_SERVER_HOST= 0.0.0.0
# REVERB_SERVER_PORT= 8080
REVERB_SCHEME = http
REVERB_APP_ID = HAWKI2
REVERB_APP_SECRET = ChangeMe!
REVERB_APP_KEY = ChangeMe!
#REVERB_APP_PING_INTERVAL = 60
#REVERB_APP_MAX_MESSAGE_SIZE = 10000
#REVERB_SCALING_ENABLED = false
#REVERB_SCALING_CHANNEL = reverb
# =================================
# SSL Certificate Configuration
# =================================
#
# These environment variables are used to specify the SSL certificate and the corresponding
# private key that are essential for establishing secure TLS/SSL connections in certain
# broadcasting setups. This is particularly crucial when using Reverb or similar services
# with encrypted connections, ensuring data is securely transmitted over HTTPS.
#
# SSL_CERTIFICATE: Specifies the path to your SSL certificate file. This certificate is used
# to authenticate and establish a secure connection between the server and the client.
#
# SSL_CERTIFICATE_KEY: Specifies the path to the private key file corresponding to your SSL
# certificate. The key is required to confirm the identity of the server and encrypt the
# data being transmitted.
#
# In the broadcasting configuration, these variables are used to configure the Guzzle
# HTTP client with appropriate SSL settings. By providing these files, you enable
# SSL/TLS encryption for broadcast services, enhancing the security of data in transit.
SSL_CERTIFICATE=""
SSL_CERTIFICATE_KEY=""
# ===========================
# Vite Environment Configuration
# ===========================
#
# These Vite environment variables are used to configure the front-end build system
# and its integration with services such as Reverb for real-time functionality within
# the application.
#
# VITE_APP_NAME: Represents the application's name used within the Vite build process.
# It is typically a direct reflection of the application's name set in the Laravel backend.
#
# VITE_REVERB_APP_KEY: The Reverb application's key used for authentication. It should
# mirror the REVERB_APP_KEY variable set in the backend environment configuration.
#
# VITE_REVERB_APP_CLUSTER: The cluster designation for the Reverb setup, which specifies
# which region or data center the real-time data will be managed through.
#
# VITE_REVERB_HOST: Designates the host for the Reverb service. This is typically set
# from the corresponding backend environment variable REVERB_HOST.
#
# VITE_REVERB_PORT: Specifies the port that the Reverb service will run on, consistent
# with the setup from the backend environment variable REVERB_PORT.
#
# VITE_REVERB_SCHEME: Defines the protocol scheme used by the Reverb service, such as
# "http" or "https", typically mirroring the REVERB_SCHEME variable from the backend.
VITE_APP_NAME="${APP_NAME}"
VITE_REVERB_APP_KEY=${REVERB_APP_KEY}
VITE_REVERB_APP_CLUSTER=your_cluster
VITE_REVERB_HOST=${REVERB_HOST}
VITE_REVERB_PORT=${REVERB_PORT}
VITE_REVERB_SCHEME="${REVERB_SCHEME}"
# ===========================
# Queue Worker Configuration
# ===========================
#
# This configuration setting is used to specify the queue connection that should be used by the
# Laravel application. This is essential for managing asynchronous tasks such as sending emails,
# processing uploads, or any other task that can be handled in the background.
#
# QUEUE_CONNECTION: Defines the queue connection that the Laravel application will use.
# Options include "sync", "database", "redis", etc. The "database" connection is typically
# used to store jobs in a database table, which is useful for tracking, retrying, or monitoring
# queued jobs effectively.
QUEUE_CONNECTION=database
# ================================
# Authentication and Authorization
# ================================
#
# Access to HAWKI is restricted for registered users. In a production environment, you
# usually want to connect to your LDAP directory, OpenID provider, or Shibboleth service
# to make HAWKI available to your staff and/or students. For simpler setups (e.g., a small
# project setup for a single course), you can use the built-in Test User Authentication mechanism.
# This allows defining a small set of pre-allocated users in the local database (set up in advance by you).
#
# NOTE: If you want a small setup with fixed users but want to allow the users to change
# their passwords, you can install LLDAP (https://github.com/lldap/lldap) on the same
# machine than HAWKI.
#
# Supported authentication methods:
# - LDAP
# - OIDC (OpenID Connect)
# - Shibboleth
#
# Set the AUTHENTICATION_METHOD variable to one of the following:
#
# AUTHENTICATION_METHOD="LDAP"
# AUTHENTICATION_METHOD="OIDC"
# AUTHENTICATION_METHOD="Shibboleth"
#
# According to your authentication method, set the necessary variables as follows:
AUTHENTICATION_METHOD=""
# -------------------------------
# LDAP Configuration
# -------------------------------
#
# LDAP_CONNECTION: Configure the LDAP connection. Currently only "default" is supported (see config/ldap.php)
# LDAP_HOST: Hostname of the LDAP server
# LDAP_PORT: Port number of the LDAP server
# LDAP_USERNAME: Distinguished Name (DN) used for bind operation
# LDAP_BIND_PW: Password to access the LDAP server
# LDAP_BASE_DN: Base DN for the LDAP search
# LDAP_TIMEOUT: Timeout for LDAP queries in seconds
# LDAP_SSL: Use SSL to connect to the LDAP server. Not recommended: "true" or "false"
# LDAP_TLS: Use TLS to connect to the LDAP server. Recommended: "true" or "false"
# LDAP_SASL: Use SASL to connect to the LDAP server: "true" or "false"
# LDAP_LOGGING: Enable logging of LDAP queries: "true" or "false"
# LDAP_CACHE: Enable caching of LDAP queries: "true" or "false"
# LDAP_ATTRIBUTES: Attributes required for data extraction (Username, Email Address, Employee Type, Name)
# LDAP_FILTER: Filter required for authentication based on Username
# CACHE_DRIVER: Cache driver for caching LDAP queries: "file", ...
# TEST_USER_LOGIN : Reads the test users list in storage folder before LDAP. Set to true for allowing test access and add tester profile to the json file.
#LDAP_CONNECTION = default
#LDAP_HOST = localhost
#LDAP_PORT = 389
#LDAP_USERNAME = cn=user,dc=local,dc=com
#LDAP_BIND_PW = secret
#LDAP_BASE_DN = dc=local,dc=com
#LDAP_TIMEOUT = 5
#LDAP_SSL = false
#LDAP_TLS = false
#LDAP_SASL = false
#LDAP_LOGGING = true
#LDAP_CACHE = false
#LDAP_ATTRIBUTES = cn,mail,employeetype,displayname
#LDAP_FILTER = "(|(sAMAccountName=username)(mail=username))"
#CACHE_DRIVER = file
#TEST_USER_LOGIN=false
# -------------------------------
# Shibboleth Configuration
# -------------------------------
#
# SHIBBOLETH_LOGIN_URL: Path to the Shibboleth login handler "{$scheme}://{$_SERVER['HTTP_HOST']}/{$loginPath}{$loginPage}"
# SHIBBOLETH_LOGOUT_URL: URL for Shibboleth logout
# ShIBBOLETH_NAME_VAR: Defined attribute on shibboleth server for name
# ShIBBOLETH_EMPLOYEETYPE_VAR: Defined attribute on shibboleth server for employee type
# ShIBBOLETH_EMAIL_VAR: Defined attribute on shibboleth server for email address
#SHIBBOLETH_LOGIN_URL=""
#SHIBBOLETH_LOGOUT_URL=""
#SHIBBOLETH_NAME_VAR="displayname"
#SHIBBOLETH_EMAIL_VAR="email"
#SHIBBOLETH_EMPLOYEETYPE_VAR="employeetype"
# -------------------------------
# OpenID Connect (OIDC) Configuration
# -------------------------------
#
# OIDC_IDP: URL of the OpenID Connect Identity Provider
# OIDC_CLIENT_ID: Client ID for the OIDC application
# OIDC_CLIENT_SECRET: Client secret for the OIDC application
# OIDC_LOGOUT_URI: URI for OIDC logout
# OIDC_SCOPES: Scopes define the level of access that the client is requesting from the authorization server.
# OIDC_FIRSTNAME_VAR="firstname"
# OIDC_LASTNAME_VAR="lastname"
# OIDC_EMAIL_VAR="email"
# OIDC_EMPLOYEETYPE_VAR="employeetype"
# OIDC_IDP="https://xxx"
# OIDC_CLIENT_ID="xxx"
# OIDC_CLIENT_SECRET="xxx"
# OIDC_LOGOUT_URI=""
# OIDC_SCOPES=profile,email
# OIDC_FIRSTNAME_VAR="firstname"
# OIDC_LASTNAME_VAR="lastname"
# OIDC_EMAIL_VAR="email"
# OIDC_EMPLOYEETYPE_VAR="employeetype"
# ====================================
# External Communication Configuration
# ====================================
#
# ALLOW_EXTERNAL_COMMUNICATION: This setting enables or disables the ability for users to generate and use API keys
# to access HAWKI models. When set to "true", users will be able to create API keys, allowing external applications
# to register and interact with HAWKI using the user's account. This is particularly useful for integrating
# HAWKI with third-party applications or for enabling programmatic access to HAWKI functionalities.
# Ensure that this feature is enabled only if you understand the security implications and have measures
# in place to protect API access and user data.
#
# Example: ALLOW_EXTERNAL_COMMUNICATION="true" or ALLOW_EXTERNAL_COMMUNICATION="false"
ALLOW_EXTERNAL_COMMUNICATION=false
# ==================
# Event Broadcasting
# ==================
#
# Lavarel contains an internal mechanism to broadcast events amongst servers.
# Normaly you shouldn't need to change the settings here. Just use the values
# below and only change them if you really know what you are doing.
#
# - BROADCAST_CONNECTION: Broadcasting mechanism: "null", "reverb", "pusher", "ably", "redis" or "log"
# - PUSHER_HOST: Hostname of the Pusher server
# - PUSHER_PORT: Port number of the Pusher server
# - PUSHER_SCHEME: Connection protocol for the Pusher server: "http" or "https"
# - PUSHER_APP_ID: Pusher application Id
# - PUSHER_APP_KEY: Secret key to access the Pusher server
# - PUSHER_APP_SECRET: Passwort to access the Pusher server
# - PUSHER_APP_CLUSTER: ???
# - ABLY_KEY: Secret key to access the Ably server
BROADCAST_CONNECTION = reverb
## Pusher Server
#PUSHER_HOST =
#PUSHER_PORT =
#PUSHER_SCHEME =
#PUSHER_APP_ID =
#PUSHER_APP_KEY =
#PUSHER_APP_SECRET =
#PUSHER_APP_CLUSTER =
# =======
# Caching
# =======
#
# The following settings allow use a dedicated cache server to speed up some often executed
# code paths like database queries and so on. Usually a very fast storage like Memcached or
# Redis is used for this. By default the local database will be used, which should be fine
# for most installations. So only change these values if you really need to.
#
# - CACHE_STORE: "array", "database", "file", "memcached", "redis", "dynamodb", "octane" (see config/cache.php)
# - CACHE_PREFIX: Prefix for cache keys (by default calculated from the app name)
# - DB_CACHE_TABLE: ???
# - DB_CACHE_CONNECTION: ???
# - DB_CACHE_LOCK_CONNECTION: ???
# - MEMCACHED_HOST: ???
# - MEMCACHED_PORT: ???
# - MEMCACHED_USERNAME: ???
# - MEMCACHED_PASSWORD: ???
# - MEMCACHED_PERSISTENT_ID: ???
# - REDIS_CACHE_CONNECTION: cache
# - REDIS_CACHE_LOCK_CONNECTION: default
# - DYNAMODB_CACHE_TABLE: ???
# - DYNAMODB_ENDPOINT: ???
CACHE_STORE = database
CACHE_PREFIX =
## Database Table
#DB_CACHE_TABLE = cache
#DB_CACHE_CONNECTION =
#DB_CACHE_LOCK_CONNECTION =
## Memcached
MEMCACHED_HOST=127.0.0.1
#MEMCACHED_PORT =
#MEMCACHED_USERNAME =
#MEMCACHED_PASSWORD =
#MEMCACHED_PERSISTENT_ID =
## Redis
#REDIS_CACHE_CONNECTION = cache
#REDIS_CACHE_LOCK_CONNECTION = default
## Amazon DynamoDB (please also set the common AWS values at the end of this file)
#DYNAMODB_CACHE_TABLE = cache
#DYNAMODB_ENDPOINT =
# ============
# Redis Server
# ============
#
# This is only needed, if REVERB_SCALING_ENABLED is true, in which case it defines the Redis
# server that will be used by the Reverb instances to synchronize each other. Additionaly
# Redis can be used as a data storage instead of a traditional SQL database, though this would
# normally not be a good idea. And Redis can be used as cache server to replace the default
# cache database table.
#
# - REDIS_CLIENT: PHP library used to access the Redis server
# - REDIS_SERVER: Hostname of the Redis server
# - REDIS_PORT: Port number of the Redis server
# - REDIS_USERNAME: Username to access the Redis server
# - REDIS_PASSWORD: Password to access the Redis server
# - REDIS_DB: Redis database number for storing normal database entries in Redis
# - REDIS_CACHE_DB: Redis database number for storing cache entries in Redis
# - REDIS_CLUSTER: ???
# - REDIS_PREFIX: Prefix for database entry keys (by default calculated from the app name)
#REDIS_CLIENT = phpredis
#REDIS_SERVER = localhost
#REDIS_PORT = 6379
#REDIS_USERNAME =
#REDIS_PASSWORD =
#REDIS_DB = 0
#REDIS_CACHE_DB = 1
#REDIS_CLUSTER = redis
#REDIS_PREFIX =
# ===================
# Amazon Web Services
# ===================
#
# The following settings are only needed, if Amazon Web Services are used in one
# of the other sections above, e.g. DynamoDB as a cache bakend or S3 for file storage.
# In that case please provide your AWS credentials here and region here.
#
# - AWS_ACCESS_KEY_ID: ???
# - AWS_SECRET_ACCESS_KEY: ???
# - AWS_DEFAULT_REGION: AWS Region
#AWS_ACCESS_KEY_ID =
#AWS_SECRET_ACCESS_KEY =
#AWS_DEFAULT_REGION =
# ========================
# Email Configuration
# ========================
#
# The email configuration settings allow the application to send invitation emails to users,
# enabling them to invite other users to group chats. This feature is currently in beta testing.
# Ensure that the mail server settings are correctly configured to enable email functionality.
#
# MAIL_MAILER: The mailer method to use for sending emails. Typically set to "smtp".
# MAIL_HOST: The hostname of the SMTP server used to send emails.
# MAIL_PORT: The port number used by the SMTP server. Use 465 for SSL or 587 for TLS.
# MAIL_USERNAME: The username for authenticating with the SMTP server.
# MAIL_PASSWORD: The password for authenticating with the SMTP server.
# MAIL_ENCRYPTION: The encryption method used to secure email transmissions. Use 'ssl' for port 465.
# MAIL_FROM_ADDRESS: The email address that will appear as the sender of the invitation emails.
# MAIL_FROM_NAME: The display name that will appear as the sender of the invitation emails.
#MAIL_MAILER=smtp
#MAIL_HOST=
#MAIL_PORT= # Use 465 for SSL or 587 for TLS
#MAIL_USERNAME=
#MAIL_PASSWORD=
#MAIL_ENCRYPTION= # Use 'ssl' for port 465
#MAIL_FROM_ADDRESS=your_gmail_address@gmail.com
#MAIL_FROM_NAME=
# ==========================
# Encryption Configuration
# ==========================
#
# For enhanced security, HAWKI utilizes individual salts for each component to ensure that data is
# encrypted uniquely. While not mandatory, using unique hash keys for each component is recommended
# to maximize the security of user data, invitations, AI components, passkeys, and backups.
#
# USERDATA_ENCRYPTION_SALT: The salt used specifically for encrypting user data.
# INVITATION_SALT: The salt used for encrypting invitations data.
# AI_CRYPTO_SALT: Used to generate a derived key for the AI messages in the groupchat
# PASSKEY_SALT: The salt used for encrypting passkey data, contributing to robust password and credential security.
# BACKUP_SALT: The salt used to encrypt backup data, ensuring their security during storage and transfer.
USERDATA_ENCRYPTION_SALT=base64:someRandomSalt==
INVITATION_SALT=base64:someOtherRandomSalt==
AI_CRYPTO_SALT=base64:someVeryCoolSalt==
PASSKEY_SALT=base64:somePrettyAwesomeSalt==
BACKUP_SALT=base64:someLegendarySalt==
# ==========================
# Links
# ==========================
#
# IMPRINT_LOCATION: The URL to your organization imprint page.
IMPRINT_LOCATION = ""