chore: update example env

2025-12-19 14:42:27 +00:00 · 2025-12-17 19:42:26 +02:00
parent dba5580a7c
commit 9c7a4af295
3 changed files with 98 additions and 26 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,22 +1,84 @@
-PORT=3000
+# Base Configuration
-ADDRESS=0.0.0.0
+
-APP_URL=http://localhost:3000
+# The base URL where Tinyauth is accessible
-USERS=your_user_password_hash
+TINYAUTH_APPURL=https://auth.example.com
-USERS_FILE=users_file
+# Log level: trace, debug, info, warn, error
-SECURE_COOKIE=false
+TINYAUTH_LOGLEVEL=info
-OAUTH_WHITELIST=
+# Directory for static resources
-GENERIC_NAME=My OAuth
+TINYAUTH_RESOURCESDIR=/data/resources
-SESSION_EXPIRY=7200
+# Path to SQLite database file
-LOGIN_TIMEOUT=300
+TINYAUTH_DATABASEPATH=/data/tinyauth.db
-LOGIN_MAX_RETRIES=5
+# Disable version heartbeat
-LOG_LEVEL=debug
+TINYAUTH_DISABLEANALYTICS=false
-APP_TITLE=Tinyauth SSO
+# Disable static resource serving
-FORGOT_PASSWORD_MESSAGE=Some message about resetting the password
+TINYAUTH_DISABLERESOURCES=false
-OAUTH_AUTO_REDIRECT=none
+# Disable UI warning messages
-BACKGROUND_IMAGE=some_image_url
+TINYAUTH_DISABLEUIWARNINGS=false
-GENERIC_SKIP_SSL=false
+
-RESOURCES_DIR=/data/resources
+# Server Configuration
-DATABASE_PATH=/data/tinyauth.db
+
-DISABLE_ANALYTICS=false
+# Port to listen on
-DISABLE_RESOURCES=false
+TINYAUTH_SERVER_PORT=3000
-TRUSTED_PROXIES=
+# Interface to bind to (0.0.0.0 for all interfaces)
 TINYAUTH_SERVER_ADDRESS=0.0.0.0
 # Unix socket path (optional, overrides port/address if set)
 TINYAUTH_SERVER_SOCKETPATH=
 # Comma-separated list of trusted proxy IPs/CIDRs
 TINYAUTH_SERVER_TRUSTEDPROXIES=
 # Authentication Configuration
 # Format: username:bcrypt_hash (use bcrypt to generate hash)
 TINYAUTH_AUTH_USERS=admin:$2a$10$example_bcrypt_hash_here
 # Path to external users file (optional)
 TINYAUTH_USERSFILE=
 # Enable secure cookies (requires HTTPS)
 TINYAUTH_SECURECOOKIE=true
 # Session expiry in seconds (7200 = 2 hours)
 TINYAUTH_SESSIONEXPIRY=7200
 # Login timeout in seconds (300 = 5 minutes)
 TINYAUTH_LOGINTIMEOUT=300
 # Maximum login retries before lockout
 TINYAUTH_LOGINMAXRETRIES=5
 # OAuth Configuration
 # Regex pattern for allowed email addresses (e.g., /@example\.com$/)
 TINYAUTH_OAUTH_WHITELIST=
 # Provider ID to auto-redirect to (skips login page)
 TINYAUTH_OAUTH_AUTOREDIRECT=
 # OAuth Provider Configuration (replace MYPROVIDER with your provider name)
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_CLIENTID=your_client_id_here
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_CLIENTSECRET=your_client_secret_here
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_AUTHURL=https://provider.example.com/oauth/authorize
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_TOKENURL=https://provider.example.com/oauth/token
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_USERINFOURL=https://provider.example.com/oauth/userinfo
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_REDIRECTURL=https://auth.example.com/oauth/callback/myprovider
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_SCOPES=openid email profile
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_NAME=My OAuth Provider
 # Allow self-signed certificates
 TINYAUTH_OAUTH_PROVIDERS_MYPROVIDER_INSECURE=false
 # UI Customization
 # Custom title for login page
 TINYAUTH_UI_TITLE=Tinyauth
 # Message shown on forgot password page
 TINYAUTH_UI_FORGOTPASSWORDMESSAGE="Contact your administrator to reset your password"
 # Background image URL for login page
 TINYAUTH_UI_BACKGROUNDIMAGE=
 # LDAP Configuration
 # LDAP server address
 TINYAUTH_LDAP_ADDRESS=ldap://ldap.example.com:389
 # DN for binding to LDAP server
 TINYAUTH_LDAP_BINDDN=cn=readonly,dc=example,dc=com
 # Password for bind DN
 TINYAUTH_LDAP_BINDPASSWORD=your_bind_password
 # Base DN for user searches
 TINYAUTH_LDAP_BASEDN=dc=example,dc=com
 # Search filter (%s will be replaced with username)
 TINYAUTH_LDAP_SEARCHFILTER=(&(uid=%s)(memberOf=cn=users,ou=groups,dc=example,dc=com))
 # Allow insecure LDAP connections
 TINYAUTH_LDAP_INSECURE=false
--- a/cmd/tinyauth.go
+++ b/cmd/tinyauth.go
@@ -1,9 +1,11 @@
 package main
 import (
 	"fmt"
 	"os"
 	"strings"
 	"time"
 	"tinyauth/internal/bootstrap"
 	"tinyauth/internal/config"
 	"tinyauth/internal/utils/loaders"
@@ -14,7 +16,7 @@ import (
 type TinyauthCmdConfiguration struct {
 	config.Config
-	ConfigFile string `description:"Path to config file."`
+	// ConfigFile string `description:"Path to config file."`
 }
 func NewTinyauthCmdConfiguration() *TinyauthCmdConfiguration {
@@ -22,7 +24,7 @@ func NewTinyauthCmdConfiguration() *TinyauthCmdConfiguration {
 		Config: config.Config{
 			LogLevel: "info",
 		},
-		ConfigFile: "",
+		// ConfigFile: "",
 	}
 }
@@ -94,5 +96,13 @@ func runCmd(cfg *config.Config) error {
 	log.Info().Str("version", config.Version).Msg("Starting tinyauth")
 	app := bootstrap.NewBootstrapApp(*cfg)
 	err = app.Setup()
 	if err != nil {
 		return fmt.Errorf("failed to bootstrap app: %w", err)
 	}
 	return nil
 }
--- a/docker-compose.example.yml
+++ b/docker-compose.example.yml
@@ -20,8 +20,8 @@ services:
    container_name: tinyauth
    image: ghcr.io/steveiliop56/tinyauth:v3
    environment:
-      - APP_URL=https://tinyauth.example.com
+      - TINYAUTH_APPURL=https://tinyauth.example.com
-      - USERS=user:$$2a$$10$$UdLYoJ5lgPsC0RKqYH/jMua7zIn0g9kPqWmhYayJYLaZQ/FTmH2/u # user:password
+      - TINYAUTH_AUTH_USERS=user:$$2a$$10$$UdLYoJ5lgPsC0RKqYH/jMua7zIn0g9kPqWmhYayJYLaZQ/FTmH2/u # user:password
    volumes:
      - ./data:/data
    labels: