-
Notifications
You must be signed in to change notification settings - Fork 52
/
sample.env
255 lines (230 loc) · 10.7 KB
/
sample.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
# Sample configuration for the `.env` settings file. These values are interpreted as
# JSON, falling back to plain strings. This file must be a valid shell script, so
# values using shell glob characters '*?[]' must be enclosed in single quotes
# .env is automatically loaded in pytest and ./devserver.py, but not in production.
# Your production environment is responsible for setting these values. A bash script
# like this may work:
# set -o allexport
# source .flaskenv
# source .env
# set +o allexport
# Environment variables are named FLASK_*. The prefix is used to identify app config
# A second prefix APP_{appname}_* is used for app-specific configuration. Available:
# * APP_FUNNEL_: Main Funnel app
# * APP_SHORTLINK_: Shortlink app
# * APP_UNSUBSCRIBE_: Unsubscribe app
# --- Development mode (remove these three in production)
# Coaster uses this value; Flask 2.2's deprecation warning can be ignored
FLASK_ENV=development
# Flask >=2.2 requires this value
FLASK_DEBUG=1
# Flask-DebugToolbar (optional) is useful for dev, but MUST NOT BE enabled in production
FLASK_DEBUG_TB_ENABLED=true
FLASK_DEBUG_TB_INTERCEPT_REDIRECTS=false
# Run devserver with HTTPS? Options:
# "null" (or empty value): HTTP-only, no HTTPS
# "adhoc": Create an adhoc self-signed certificate on each (re)start
# "path/to/cert_file:path/to/key_file": use specified certificate and private key
FLASK_DEVSERVER_HTTPS=adhoc
# --- Domain configuration (these must point to 127.0.0.1 in /etc/hosts in dev and test)
# Funnel app's server name (Hasgeek uses 'hasgeek.com' in production)
APP_FUNNEL_SERVER_NAME=funnel.test:3000
# Funnel app's default domain when running without a HTTP context
APP_FUNNEL_DEFAULT_DOMAIN=funnel.test
# Shortlink domain (Hasgeek uses 'has.gy' in production)
FLASK_SHORTLINK_DOMAIN=f.test:3000
# Optional unsubscribe URL domain (Hasgeek uses 'bye.li' in production)
# https://bye.li/* redirects to https://hasgeek.com/account/notifications/bye/*
FLASK_UNSUBSCRIBE_DOMAIN=null
# Auth cookie domain (auth cookie is shared across apps in subdomains)
FLASK_LASTUSER_COOKIE_DOMAIN=.funnel.test
# Session cookies are not shared with subdomains, so don't set a domain ('false' is
# required in Flask 2.2 but not in Flask 2.3; the default value `null` changes meaning
# between these versions)
FLASK_SESSION_COOKIE_DOMAIN=false
# Give main app a different session cookie name, just in case a subdomain app has not
# set SESSION_COOKIE_DOMAIN=False
APP_FUNNEL_SESSION_COOKIE_NAME=root_session
# --- Secrets
# Secret keys with key rotation -- put older keys further down the list. Older keys will
# be used to decode tokens as fallback, but will not be used to encode. Remove old keys
# when they are considered expired
FLASK_SECRET_KEYS='["make-this-something-random", "older-secret-keys-here"]'
# Secret keys for auth cookie. This is shared across apps in subdomains, so set the
# same value in subdomain-hosted apps
FLASK_LASTUSER_SECRET_KEYS='["make-this-something-random", "older-secret-keys-here"]'
# --- App configuration
# Default timezone when user timezone is not known
FLASK_TIMEZONE='Asia/Kolkata'
# Support email and phone numbers (must be syntactically valid)
FLASK_SITE_SUPPORT_PHONE=+91...
# Optional featured accounts for the home page (list of featured names, or empty list)
APP_FUNNEL_FEATURED_ACCOUNTS='["first", "second"]'
# --- Analytics
# Google Analytics code
APP_FUNNEL_GA_CODE=null
# Matomo analytics (shared config across apps; URL must have trailing slash)
FLASK_MATOMO_URL=https://...
# MATOMO_JS and MATOMO_FILE have default values; override if your installation varies
# FLASK_MATOMO_JS=matomo.js
# FLASK_MATOMO_FILE=matomo.php
# Matomo API key, used in funnel.cli.periodic.stats
FLASK_MATOMO_TOKEN=null
# Matomo site id (app-specific)
APP_FUNNEL_MATOMO_ID=
# --- Statsd logging (always enabled, emits to UDP)
# Support for tagging varies between implementations:
# Etsy's statsd doesn't support tagging (default `false` merges tags into metric name)
# Telegraf uses `,` as a tag separator
# Prometheus uses `;` as a tag separator
FLASK_STATSD_TAGS=,
# Other statsd settings have default values:
# FLASK_STATSD_HOST=127.0.0.1
# FLASK_STATSD_PORT=8125
# FLASK_STATSD_MAXUDPSIZE=512
# FLASK_STATSD_IPV6=false
# Sampling rate, 0.0-1.0, default 1 logs 100%
# FLASK_STATSD_RATE=1
# FLASK_STATSD_TAGS=false
# Log all Flask requests (time to serve, response status code)
# FLASK_STATSD_REQUEST_LOG=true
# Log all WTForms validations (when using baseframe.forms.Form subclass)
# FLASK_STATSD_FORM_LOG=true
# --- Redis Queue and Redis cache (use separate dbs to isolate)
# Redis server host
REDIS_HOST=localhost
# RQ and cache
FLASK_RQ_REDIS_URL=redis://${REDIS_HOST}:6379/1
FLASK_RQ_DASHBOARD_REDIS_URL=redis://${REDIS_HOST}:6379/1
FLASK_CACHE_TYPE=flask_caching.backends.RedisCache
FLASK_CACHE_REDIS_URL=redis://${REDIS_HOST}:6379/0
# --- Database configuration
DB_HOST=localhost
# Main app database
FLASK_SQLALCHEMY_DATABASE_URI='postgresql+psycopg:///funnel'
# Geoname database (the use of `__` creates a dict and sets a key in the dict)
FLASK_SQLALCHEMY_BINDS__geoname='postgresql+psycopg:///geoname'
# --- Email configuration
# SMTP mail server ('localhost' if Postfix is configured as a relay email server)
FLASK_MAIL_SERVER=localhost
# If not using localhost, SMTP will need authentication
# Port number (25 is default, but 587 is more likely for non-localhost)
FLASK_MAIL_PORT=25
# Port 25 uses neither TLS nor SSL. Port 587 uses TLS and port 465 uses SSL (obsolete)
FLASK_MAIL_USE_TLS=false
FLASK_MAIL_USE_SSL=false
# Authentication if using port 587 or 465
FLASK_MAIL_USERNAME=null
FLASK_MAIL_PASSWORD=null
# Default "From:" address in email
FLASK_MAIL_DEFAULT_SENDER="Hasgeek <[email protected]>"
# --- GeoIP databases for IP address geolocation (used in account settings)
# Obtain a free license key from Maxmind, install geoipupdate, place the account id and
# key in GeoIP.conf and enable the GeoLite2-ASN database. The location of GeoIP.conf
# varies between Ubuntu and macOS.
# https://support.maxmind.com/hc/en-us/articles/4407111582235-Generate-a-License-Key
# Ubuntu:
# sudo add-apt-repository ppa:maxmind/ppa
# sudo apt install geoipupdate
# vim /etc/GeoIP.conf
# sudo geoipupdate -f /etc/GeoIP.conf
# FLASK_GEOIP_DB_CITY=/usr/share/GeoIP/GeoLite2-City.mmdb
# FLASK_GEOIP_DB_ASN=/usr/share/GeoIP/GeoLite2-ASN.mmdb
# macOS with Homebrew on Apple Silicon:
# brew install geoipupdate
# vim /opt/homebrew/etc/GeoIP.conf
# geoipupdate -f /opt/homebrew/etc/GeoIP.conf
# FLASK_GEOIP_DB_CITY=/opt/homebrew/var/GeoIP/GeoLite2-City.mmdb
# FLASK_GEOIP_DB_ASN=/opt/homebrew/var/GeoIP/GeoLite2-ASN.mmdb
# --- AWS SNS configuration
# AWS SES events (required only if app is configured to send email via SES)
# AWS SNS must be configured with callback URL https://domain.tld/api/1/email/ses_event
FLASK_SES_NOTIFICATION_TOPICS='[]'
# --- Logging
# Optional path to log file, or default null to disable file logging
FLASK_LOG_FILE=null
# Optional config for file logging:
# FLASK_LOG_FILE_LEVEL accepts NOTSET, DEBUG, INFO, WARNING (default), ERROR, CRITICAL
# FLASK_LOG_FILE_DELAY (bool, default true, delays log file creation until first log)
# FLASK_LOG_FILE_ROTATE (bool, default true, controls logrotate on the basis of time)
# FLASK_LOG_FILE_ROTATE_WHEN (default "midnight", other options: S, M, H, D, W0-W6)
# FLASK_LOG_FILE_ROTATE_COUNT (count of old files to keep, default 7 for a week's worth)
# FLASK_LOG_FILE_ROTATE_UTC (default false, if set uses UTC for midnight and W0-W6)
# List of email addresses to send error reports with traceback and local var dump
# This requires SMTP config (above)
FLASK_LOG_EMAIL_TO='["[email protected]"]'
# Additional options: FLASK_LOG_EMAIL_FROM, defaults to FLASK_MAIL_DEFAULT_SENDER
# Send error reports to a Telegram chat
FLASK_LOG_TELEGRAM_CHATID=null
# Use these bot API credentials (configure your bot at https://t.me/botfather)
FLASK_LOG_TELEGRAM_APIKEY=null
# Optional settings:
# FLASK_LOG_TELEGRAM_THREADID (if the chat has topic threads, use a specific thread)
# FLASK_LOG_TELEGRAM_LEVEL=NOTSET, DEBUG, INFO, WARNING (default), ERROR, CRITICAL
# --- Hasgeek app integrations
# Imgee image server
FLASK_IMGEE_HOST=images.hasgeek.com
FLASK_IMAGE_URL_SCHEMES='["https"]'
FLASK_IMAGE_URL_DOMAINS='["hasgeek.com", "images.hasgeek.com", "imgee.s3.amazonaws.com"]'
# Boxoffice ticket sales server (API endpoint)
FLASK_BOXOFFICE_SERVER=http://boxoffice.hasgeek.com/api/1/
# Hasjob job board (API endpoint)
FLASK_HASJOB_SERVER=http://hasjob.test/api/1/
# --- OAuth2 login integrations
# GitHub (register an app here: https://github.com/settings/developers)
FLASK_OAUTH_GITHUB_KEY=null
FLASK_OAUTH_GITHUB_SECRET=null
# Google (register an app here: https://console.developers.google.com/)
FLASK_OAUTH_GOOGLE_KEY=null
FLASK_OAUTH_GOOGLE_SECRET=null
FLASK_OAUTH_GOOGLE_SCOPE='["email", "profile"]'
# LinkedIn
FLASK_OAUTH_LINKEDIN_KEY=null
FLASK_OAUTH_LINKEDIN_SECRET=null
# Zoom
FLASK_OAUTH_ZOOM_KEY=null
FLASK_OAUTH_ZOOM_SECRET=null
# --- Functional integrations
# YouTube (for thumbnails and video metadata)
FLASK_YOUTUBE_API_KEY=null
# Vimeo (for thumbnails and video metadata)
FLASK_VIMEO_CLIENT_ID=null
FLASK_VIMEO_CLIENT_SECRET=null
FLASK_VIMEO_ACCESS_TOKEN=null
# Google Maps
FLASK_GOOGLE_MAPS_API_KEY=
# Recaptcha (only invisible recaptcha v2 is supported)
FLASK_RECAPTCHA_USE_SSL=true
FLASK_RECAPTCHA_PUBLIC_KEY=null
FLASK_RECAPTCHA_PRIVATE_KEY=null
# Daily stats to Telegram
FLASK_TELEGRAM_STATS_APIKEY=null
FLASK_TELEGRAM_STATS_CHATID=null
# TRAI Mobile Number Revocation List (MNRL) for expired phone numbers
FLASK_MNRL_API_KEY=null
# --- SMS integrations
# Exotel (for SMS to Indian numbers; primary)
FLASK_SMS_EXOTEL_SID=null
FLASK_SMS_EXOTEL_TOKEN=null
FLASK_SMS_EXOTEL_FROM=null
# Twilio (for SMS to international numbers; fallback)
FLASK_SMS_TWILIO_SID=null
FLASK_SMS_TWILIO_TOKEN=null
FLASK_SMS_TWILIO_FROM=null
#: DLT registered entity id and template ids (required for SMS to Indian numbers)
FLASK_SMS_DLT_ENTITY_ID=null
FLASK_SMS_DLT_SHORTURL_HEADER=null
FLASK_SMS_DLT_TEMPLATE_IDS__web_otp_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__project_starting_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__project_starting_tomorrow_venue_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__project_starting_tomorrow_location_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__registration_confirmation_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__registration_confirmation_with_next_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__proposal_received_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__proposal_submitted_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__update_merged_title_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__update_split_title_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__comment_project_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__comment_proposal_template=null
FLASK_SMS_DLT_TEMPLATE_IDS__comment_reply_template=null