- complete tokenized theme preset system and admin style guide visibility - refine dashboard layout/scroll behavior and shared async/request UI states - add user nav-visibility settings across API, migration, and frontend stores - harden security headers/CSP handling and related test coverage - enforce CI repository hygiene + frontend contract/theme/build quality gates - update docs/env references and make migration smoke test head-aware
80 lines
3.1 KiB
Text
80 lines
3.1 KiB
Text
POSTGRES_DB=scholar
|
|
POSTGRES_USER=scholar
|
|
POSTGRES_PASSWORD=change-me
|
|
|
|
DATABASE_URL=postgresql+asyncpg://scholar:scholar@db:5432/scholar
|
|
# Optional override. If empty, tests derive "<DATABASE_URL db name>_test".
|
|
TEST_DATABASE_URL=
|
|
SCHOLARR_IMAGE=justinzeus/scholarr:latest
|
|
|
|
APP_NAME=scholarr
|
|
APP_HOST=0.0.0.0
|
|
APP_PORT=8000
|
|
APP_HOST_PORT=8000
|
|
APP_RELOAD=0
|
|
FRONTEND_ENABLED=1
|
|
FRONTEND_DIST_DIR=/app/frontend/dist
|
|
FRONTEND_HOST_PORT=5173
|
|
CHOKIDAR_USEPOLLING=1
|
|
VITE_DEV_API_PROXY_TARGET=http://app:8000
|
|
MIGRATE_ON_START=1
|
|
|
|
SESSION_SECRET_KEY=replace-with-a-long-random-secret-at-least-32-characters
|
|
SESSION_COOKIE_SECURE=1
|
|
SECURITY_HEADERS_ENABLED=1
|
|
SECURITY_X_CONTENT_TYPE_OPTIONS=nosniff
|
|
SECURITY_X_FRAME_OPTIONS=DENY
|
|
SECURITY_REFERRER_POLICY=strict-origin-when-cross-origin
|
|
SECURITY_PERMISSIONS_POLICY=accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), microphone=(), payment=(), usb=()
|
|
SECURITY_CROSS_ORIGIN_OPENER_POLICY=same-origin
|
|
SECURITY_CROSS_ORIGIN_RESOURCE_POLICY=same-origin
|
|
SECURITY_CSP_ENABLED=1
|
|
SECURITY_CSP_POLICY=default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: https:; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self'; object-src 'none'
|
|
SECURITY_CSP_DOCS_POLICY=default-src 'self'; img-src 'self' data: https:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self' https:; object-src 'none'; frame-ancestors 'none'
|
|
SECURITY_CSP_REPORT_ONLY=0
|
|
SECURITY_STRICT_TRANSPORT_SECURITY_ENABLED=0
|
|
SECURITY_STRICT_TRANSPORT_SECURITY_MAX_AGE=31536000
|
|
SECURITY_STRICT_TRANSPORT_SECURITY_INCLUDE_SUBDOMAINS=1
|
|
SECURITY_STRICT_TRANSPORT_SECURITY_PRELOAD=0
|
|
LOGIN_RATE_LIMIT_ATTEMPTS=5
|
|
LOGIN_RATE_LIMIT_WINDOW_SECONDS=60
|
|
LOG_LEVEL=INFO
|
|
LOG_FORMAT=console
|
|
LOG_REQUESTS=1
|
|
LOG_UVICORN_ACCESS=0
|
|
LOG_REQUEST_SKIP_PATHS=/healthz
|
|
LOG_REDACT_FIELDS=
|
|
SCHEDULER_ENABLED=1
|
|
SCHEDULER_TICK_SECONDS=60
|
|
INGESTION_NETWORK_ERROR_RETRIES=1
|
|
INGESTION_RETRY_BACKOFF_SECONDS=1.0
|
|
INGESTION_MAX_PAGES_PER_SCHOLAR=30
|
|
INGESTION_PAGE_SIZE=100
|
|
INGESTION_ALERT_BLOCKED_FAILURE_THRESHOLD=1
|
|
INGESTION_ALERT_NETWORK_FAILURE_THRESHOLD=2
|
|
INGESTION_ALERT_RETRY_SCHEDULED_THRESHOLD=3
|
|
INGESTION_CONTINUATION_QUEUE_ENABLED=1
|
|
INGESTION_CONTINUATION_BASE_DELAY_SECONDS=120
|
|
INGESTION_CONTINUATION_MAX_DELAY_SECONDS=3600
|
|
INGESTION_CONTINUATION_MAX_ATTEMPTS=6
|
|
SCHEDULER_QUEUE_BATCH_SIZE=10
|
|
SCHOLAR_IMAGE_UPLOAD_DIR=/var/lib/scholarr/uploads
|
|
SCHOLAR_IMAGE_UPLOAD_MAX_BYTES=2000000
|
|
SCHOLAR_NAME_SEARCH_ENABLED=1
|
|
SCHOLAR_NAME_SEARCH_CACHE_TTL_SECONDS=21600
|
|
SCHOLAR_NAME_SEARCH_BLOCKED_CACHE_TTL_SECONDS=300
|
|
SCHOLAR_NAME_SEARCH_CACHE_MAX_ENTRIES=512
|
|
SCHOLAR_NAME_SEARCH_MIN_INTERVAL_SECONDS=8.0
|
|
SCHOLAR_NAME_SEARCH_INTERVAL_JITTER_SECONDS=2.0
|
|
SCHOLAR_NAME_SEARCH_COOLDOWN_BLOCK_THRESHOLD=1
|
|
SCHOLAR_NAME_SEARCH_COOLDOWN_SECONDS=1800
|
|
SCHOLAR_NAME_SEARCH_ALERT_RETRY_COUNT_THRESHOLD=2
|
|
SCHOLAR_NAME_SEARCH_ALERT_COOLDOWN_REJECTIONS_THRESHOLD=3
|
|
|
|
BOOTSTRAP_ADMIN_ON_START=0
|
|
BOOTSTRAP_ADMIN_EMAIL=
|
|
BOOTSTRAP_ADMIN_PASSWORD=
|
|
BOOTSTRAP_ADMIN_FORCE_PASSWORD=0
|
|
|
|
DB_WAIT_TIMEOUT_SECONDS=60
|
|
DB_WAIT_INTERVAL_SECONDS=2
|