-
Notifications
You must be signed in to change notification settings - Fork 19
Expand file tree
/
Copy path.env.example
More file actions
42 lines (34 loc) · 2.55 KB
/
.env.example
File metadata and controls
42 lines (34 loc) · 2.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Server Configuration
PORT=3000
NODE_ENV=production
BASE_URL=http://localhost:3000
# Application Settings
SITE_TITLE=DumbPad
# Security: PIN Protection (4-10 digits, leave empty to disable)
DUMBPAD_PIN=
# Session Configuration
COOKIE_MAX_AGE=24
PAGE_HISTORY_COOKIE_AGE=365
# Rate Limiting
MAX_ATTEMPTS=5
LOCKOUT_TIME=15
# CORS Configuration
# Comma-separated list of allowed origins (use * for development)
# ALLOWED_ORIGINS=http://localhost:3000,https://yourdomain.com
# Proxy Trust Configuration
# WARNING: Only enable proxy trust if deploying behind a trusted reverse proxy
# Default: false (most secure - always use direct socket IP for rate-limiting and auth)
TRUST_PROXY=false
# Comma-separated list of trusted proxy IPs that connect directly to this app
# Required when TRUST_PROXY=true to prevent IP spoofing attacks
# Examples:
# - Docker default gateway: 172.17.0.1
# - Local nginx: 127.0.0.1
# - VPC internal proxy: 10.0.0.1
# Only connections from these IPs will have their X-Forwarded-For header trusted
TRUSTED_PROXY_IPS=
# Syntax Highlighting Configuration
# Comma-separated list of language identifiers for code syntax highlighting
# Leave empty to use all available languages (default)
# Example: HIGHLIGHT_LANGUAGES=javascript,python,bash,css,html
HIGHLIGHT_LANGUAGES=