.env.example

# SPDX-FileCopyrightText: 2024 Christian Meeßen (GFZ) <christian.meessen@gfz-potsdam.de>
# SPDX-FileCopyrightText: 2024 Helmholtz Centre Potsdam - GFZ German Research Centre for Geosciences
#
# SPDX-License-Identifier: CC0-1.0

# ---------------------------------------------------
# ENV variables of plugin-01
# ---------------------------------------------------

# API_ROOT_PATH="/"

# ---------------------------------------------------
# ENV variables of core RSD services
# ---------------------------------------------------

# ---- PUBLIC ENV VARIABLES -------------

# postgresql
# consumed by services: backend
POSTGRES_DB_HOST=database
# consumed by services: backend
POSTGRES_DB_HOST_PORT=5432
# consumed by services: database, backend
POSTGRES_DB=rsd-db
# consumed by services: database
POSTGRES_USER=rsd

# backend (postgREST)
# consumed by services: backend
PGRST_DB_ANON_ROLE=rsd_web_anon
PGRST_DB_SCHEMA=public
PGRST_SERVER_PORT=3500

# postgREST API
# consumed by services: authentication,frontend,auth-tests, scrapers
# .env.local: http://localhost/api/v1, .env: http://backend:3500
POSTGREST_URL=http://backend:3500

# postgREST API reachable outside of Docker
# consumed by services: swagger
POSTGREST_URL_EXTERNAL=http://localhost/api/v1

# RSD Auth module
# consumed by services: frontend (api/fe)
# .env.local: http://localhost/auth, .env: http://auth:7000
RSD_AUTH_URL=http://auth:7000

# RSD Reverse Proxy URL
# consumed by services: frontend
# .env.local: http://localhost, .env: http://nginx
RSD_REVERSE_PROXY_URL=http://nginx

# consumed by services: authentication
# If set to "dev", the first user to log in will become admin.
# Any other value doesn't activate this feature (and doesn't do anything).
RSD_ENVIRONMENT=dev

# consumed by services: authentication, frontend (api/fe)
# provide a list of supported OpenID auth providers
# the values should be separated by semicolon (;)
# Allowed values are: SURFCONEXT, HELMHOLTZID, ORCID or LOCAL
# if env value is not provided default provider is set to be SURFCONEXT
# if you add the value "LOCAL", then local accounts are enabled, USE THIS FOR TESTING PURPOSES ONLY
RSD_AUTH_PROVIDERS=SURFCONEXT;ORCID;LOCAL

# consumed by services: authentication, frontend (api/fe)
# provide a list of supported OpenID auth providers for coupling with the user's RSD account
# the values should be separated by semicolon (;)
# Allowed values are: ORCID
RSD_AUTH_COUPLE_PROVIDERS=ORCID

# SURFCONEXT - TEST ENVIRONMENT
# consumed by: authentication, frontend/utils/loginHelpers
SURFCONEXT_CLIENT_ID=www.research-software.nl
# consumed by: authentication, frontend/utils/loginHelpers
SURFCONEXT_REDIRECT=http://localhost/auth/login/surfconext
# consumed by: authentication, frontend/utils/loginHelpers
SURFCONEXT_WELL_KNOWN_URL=https://connect.test.surfconext.nl/.well-known/openid-configuration
# consumed by: authentication, frontend/utils/loginHelpers
SURFCONEXT_SCOPES=openid
# consumed by: frontend/utils/loginHelpers
SURFCONEXT_RESPONSE_MODE=form_post

# ORCID
# consumed by: authentication, frontend/utils/loginHelpers
ORCID_CLIENT_ID=APP-4D4D69ASWTYOI9QI
# consumed by: authentication, frontend/utils/loginHelpers
ORCID_REDIRECT=http://www.localhost/auth/login/orcid
# consumed by: authentication, frontend/utils/loginHelpers
ORCID_REDIRECT_COUPLE=http://www.localhost/auth/couple/orcid
# consumed by: authentication, frontend/utils/loginHelpers
ORCID_WELL_KNOWN_URL=https://sandbox.orcid.org/.well-known/openid-configuration
# consumed by: authentication, frontend/utils/loginHelpers
ORCID_SCOPES=openid
# consumed by: frontend/utils/loginHelpers
ORCID_RESPONSE_MODE=query

# max requests to the GitHub API per run, runs 10 times per hour
# optional, comment out if not available, a default of 6 will be used
# consumed by: scrapers
MAX_REQUESTS_GITHUB=6

# max request to GitLab API per run, runs 10 times per hour
# optional, comment out if not available, a default of 6 will be used
# consumed by: scrapers
MAX_REQUESTS_GITLAB=6

# max mentions to scrape per run, runs 10 times per hour
# optional, comment out if not available, a default of 6 will be used
# consumed by: scrapers
MAX_REQUESTS_DOI=6

# max organisations to scrape per run, runs 10 times per hour
# optional, comment out if not available, a default of 6 will be used
# consumed by: scrapers
MAX_REQUESTS_ROR=6

#------------------------------------------------------
# ---- SECRETS ------ SECRETS ----------- SECRETS -----
#------------------------------------------------------

# consumed by services: database
# generate random/strong password
POSTGRES_PASSWORD=

# consumed by services: database, backend
# generate random/strong password
POSTGRES_AUTHENTICATOR_PASSWORD=

# POSTGREST JWT SECRET
# consumed by services: authentication, frontend (auth-node), auth-tests, scrapers
# generate random/strong password with at least 32 characters
PGRST_JWT_SECRET=

# SURFCONEXT
# consumed by services: authentication
# obtain the secret from SURFCONEXT dashboard
AUTH_SURFCONEXT_CLIENT_SECRET=

# ORCID
# consumed by services: authentication
# obtain the secret from the project team
AUTH_ORCID_CLIENT_SECRET=

# Azure Active Directory
# consumed by services: authentication
AUTH_AZURE_CLIENT_SECRET=

# consumed by: scrapers
# optional, comment out if not available, should be of the form username:token
# obtain the secret from GITHUB dashboard
API_CREDENTIALS_GITHUB=

# consumed by: scrapers
# obtain the secret from ZENODO dashboard
ZENODO_ACCESS_TOKEN=

# consumed by: scrapers, frontend api (node)
# email address that Crossref can contact you with to comply with their "polite" policy
# leave blank or use a real email address that you will respond to
CROSSREF_CONTACT_EMAIL=

# consumed by: frontend
# URL (should end with a trailing slash) and ID for Matomo Tracking Code
MATOMO_URL=
MATOMO_ID=

# consumed by: scrapers
LIBRARIES_IO_ACCESS_TOKEN=