.env.docker.example
# ==============================================================================
# NSW Docker development env example
# ==============================================================================
# Usage:
# cp .env.docker.example .env.docker
# ./start-docker.sh --env-file=.env.docker
#
# Note:
# - Compose-internal values (DB_HOST, AUTH_JWKS_URL, SERVICE_URL, etc.) are
# hardcoded in docker-compose.yml using service names. You do NOT need to
# set them here.
# - Variables below control host-mapped ports, credentials, feature flags,
# and browser-facing URLs.
# - Keep secrets out of git; .env.docker is ignored by .gitignore.
# ==============================================================================
# ---- PostgreSQL ----
# Settings for the main NSW database. DB_PORT is the host-mapped port; the
# in-network DB_HOST is hardcoded in docker-compose.yml (see the header note).
DB_PORT=55432
DB_USERNAME=postgres
# Placeholder credential for local development. Replace it in your .env.docker
# copy before the database port is reachable from anything but your own machine.
DB_PASSWORD=changeme
DB_NAME=nsw_db
# NOTE(review): presumably passed through as the PostgreSQL sslmode; "disable"
# would mean unencrypted client connections, which is only reasonable on the
# local compose network. Confirm, and require TLS for any remote database.
DB_SSLMODE=disable
# ---- IDP (Thunder) ----
# Bootstrap credentials for the local Thunder identity provider. The "1234"
# values are throwaway development defaults published in this example file;
# use unique, randomly generated secrets for any instance other hosts can reach.
THUNDER_ADMIN_USERNAME=admin
THUNDER_ADMIN_PASSWORD=1234
THUNDER_SAMPLE_USER_PASSWORD=1234
# NOTE(review): the OGA_NSW_*_CLIENT_SECRET values further down are documented
# as matching the local IDP bootstrap defaults, so they presumably have to be
# changed together with this secret. Confirm against idp/02-sample-resources.sh.
THUNDER_M2M_CLIENT_SECRET=1234
# Optional per-M2M overrides
# THUNDER_M2M_NPQS_SECRET=1234
# THUNDER_M2M_FCAU_SECRET=1234
# THUNDER_M2M_IRD_SECRET=1234
# THUNDER_M2M_CDA_SECRET=1234
# Browser-facing IDP address and the host port it is published on; both use
# 8090 in this example.
IDP_PUBLIC_URL=https://localhost:8090
IDP_PORT=8090
# ---- Auth / OIDC ----
# Client IDs and group names used by the trader and OGA portals.
TRADER_IDP_CLIENT_ID=TRADER_PORTAL_APP
TRADER_IDP_TRADER_GROUP_NAME=Traders
TRADER_IDP_CHA_GROUP_NAME=CHA
NPQS_IDP_CLIENT_ID=OGA_PORTAL_APP_NPQS
FCAU_IDP_CLIENT_ID=OGA_PORTAL_APP_FCAU
IRD_IDP_CLIENT_ID=OGA_PORTAL_APP_IRD
CDA_IDP_CLIENT_ID=OGA_PORTAL_APP_CDA
IDP_SCOPES=openid,profile,email,group,role
IDP_PLATFORM=AsgardeoV2
# Token validation inputs for the backend. AUTH_ISSUER uses the same address as
# IDP_PUBLIC_URL in this example.
# NOTE(review): presumably the issuer, client-ID and audience values the
# backend accepts in incoming tokens; keep the lists as narrow as possible.
AUTH_ISSUER=https://localhost:8090
AUTH_CLIENT_IDS=TRADER_PORTAL_APP,FCAU_TO_NSW,NPQS_TO_NSW,IRD_TO_NSW,CDA_TO_NSW
AUTH_AUDIENCE=NSW_API
# DEV-ONLY: presumably disables TLS certificate verification when the backend
# fetches the JWKS signing keys (TODO confirm against the backend config).
# With verification off, the keys used to validate tokens come from an
# unauthenticated endpoint, so set this to false wherever the IDP presents a
# certificate the backend can trust.
AUTH_JWKS_INSECURE_SKIP_VERIFY=true
# ---- Host Ports ----
# Host-side port mappings (see the header note). The OGA_APP_* ports match the
# browser origins listed in CORS_ALLOWED_ORIGINS / OGA_ALLOWED_ORIGINS below.
# NOTE(review): whether these ports bind to all interfaces or only to loopback
# is decided in docker-compose.yml, not here. Check before running on a shared
# network.
BACKEND_PORT=8080
TRADER_APP_PORT=5173
OGA_APP_NPQS_PORT=5174
OGA_APP_FCAU_PORT=5175
OGA_APP_IRD_PORT=5176
OGA_APP_CDA_PORT=5177
OGA_NPQS_PORT=8081
OGA_FCAU_PORT=8082
OGA_IRD_PORT=8083
OGA_CDA_PORT=8084
# ---- Backend ----
# NOTE(review): debug mode is enabled in this example. What it exposes is not
# visible from this file; treat it as a development setting and turn it off
# for any shared or deployed environment unless the backend docs say otherwise.
SERVER_DEBUG=true
SERVER_LOG_LEVEL=info
# ---- Temporal (optional) ----
# Points at a Temporal server on the Docker host rather than a compose service.
TEMPORAL_HOST=host.docker.internal
TEMPORAL_PORT=7233
TEMPORAL_NAMESPACE=default
# ---- Storage, CORS and UI flags ----
STORAGE_TYPE=local
# NOTE(review): presumably authorizes uploads to the local storage backend
# (STORAGE_PRESIGN_TTL below suggests presigned URLs). Confirm. The value is a
# published example, so generate a random one outside local development.
STORAGE_LOCAL_PUT_SECRET=local-dev-secret
# Browser origins allowed to call the backend. The list covers local dev ports
# only; when changing it, list exact origins rather than a wildcard.
CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost:5173,http://localhost:5174,http://localhost:5175,http://localhost:5176,http://localhost:5177
# NOTE(review): looks like a development convenience toggle; confirm it is
# disabled for deployed environments.
SHOW_AUTOFILL_BUTTON=true
# Optional Configurations
# STORAGE_LOCAL_PUBLIC_URL=http://localhost:8080
# STORAGE_PRESIGN_TTL=15m
# ---- OGA backends ----
# NPQS uses its own PostgreSQL database on a separate host-mapped port.
OGA_NPQS_DB_DRIVER=postgres
OGA_NPQS_DB_PORT=55433
OGA_NPQS_DB_NAME=oga_npqs_db
OGA_NPQS_DB_USERNAME=postgres
# Placeholder credential for local development; replace it in your .env.docker copy.
OGA_NPQS_DB_PASSWORD=changeme
# SQLite paths (for FCAU, IRD and CDA)
# NOTE(review): all three use the same in-container path. Presumably each
# service mounts its own /data volume, so the files stay separate. Confirm in
# docker-compose.yml.
OGA_FCAU_DB_DRIVER=sqlite
OGA_FCAU_DB_PATH=/data/oga_applications.db
OGA_IRD_DB_DRIVER=sqlite
OGA_IRD_DB_PATH=/data/oga_applications.db
OGA_CDA_DB_DRIVER=sqlite
OGA_CDA_DB_PATH=/data/oga_applications.db
OGA_DEFAULT_FORM_ID=default
# Browser origins allowed to call the OGA backends (the four OGA portal dev ports).
OGA_ALLOWED_ORIGINS=http://localhost:5174,http://localhost:5175,http://localhost:5176,http://localhost:5177
# ---- OGA -> NSW outbound OAuth2 (required) ----
# NSW API base URL for calling NSW endpoints
# Plain HTTP to the compose service name "backend": access tokens sent on these
# calls are unencrypted, which is acceptable only inside the compose network.
OGA_NSW_API_BASE_URL=http://backend:8080/api/v1
# Client IDs are created by idp/02-sample-resources.sh
OGA_NSW_NPQS_CLIENT_ID=NPQS_TO_NSW
OGA_NSW_FCAU_CLIENT_ID=FCAU_TO_NSW
OGA_NSW_IRD_CLIENT_ID=IRD_TO_NSW
OGA_NSW_CDA_CLIENT_ID=CDA_TO_NSW
# Secrets match local IDP bootstrap defaults
# These are published example values. Use a distinct random secret per client
# for anything beyond local development, and change the IDP side to match.
OGA_NSW_NPQS_CLIENT_SECRET=1234
OGA_NSW_FCAU_CLIENT_SECRET=1234
OGA_NSW_IRD_CLIENT_SECRET=1234
OGA_NSW_CDA_CLIENT_SECRET=1234
# Token endpoint for client credentials grant
OGA_NSW_TOKEN_URL=https://host.docker.internal:8090/oauth2/token
# Optional scopes (comma-separated)
# Left empty in this example.
OGA_NSW_SCOPES=
# DEV-ONLY: set to true to skip TLS verification for OAuth2 token endpoint
# While this is true, the client secrets above are sent to a token endpoint
# whose identity is not verified. Set it to false wherever the IDP presents a
# trusted certificate.
OGA_NSW_TOKEN_INSECURE_SKIP_VERIFY=true
# ---- OGA portal instances ----
# One instance-config name per OGA portal.
# NOTE(review): presumably each value selects a per-agency configuration
# bundle inside the portal image; confirm where the names are resolved.
OGA_APP_NPQS_INSTANCE_CONFIG=npqs
OGA_APP_FCAU_INSTANCE_CONFIG=fcau
OGA_APP_IRD_INSTANCE_CONFIG=ird
OGA_APP_CDA_INSTANCE_CONFIG=cda
# ---- OGA portal OIDC ----