update keys in .env.example

2026-02-23 17:29:24 +01:00
parent f09748f4a1
commit faa5756e23
2 changed files with 19 additions and 3 deletions
--- a/.env.example
+++ b/.env.example
@@ -107,6 +107,13 @@ FRONTEND_PORT=80
 # IMPORTANT: Must be accessible from the user's browser!
 VITE_API_URL=http://localhost:3000

+# Authentik URL for frontend
+# The base URL of your Authentik instance (without application path)
+# Development: http://localhost:9000
+# Production: https://auth.yourdomain.com
+# IMPORTANT: Used for OAuth redirect URL construction
+VITE_AUTHENTIK_URL=https://auth.yourdomain.com
+
 # ============================================================================
 # AUTHENTIK OAUTH CONFIGURATION
 # ============================================================================
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -30,10 +30,19 @@ services:
    container_name: feuerwehr_backend_prod
    environment:
      NODE_ENV: production
-      DATABASE_URL: postgresql://${POSTGRES_USER:-prod_user}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-feuerwehr_prod}
      PORT: 3000
+      DB_HOST: postgres
+      DB_PORT: 5432
+      DB_NAME: ${POSTGRES_DB:-feuerwehr_prod}
+      DB_USER: ${POSTGRES_USER:-prod_user}
+      DB_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}
      JWT_SECRET: ${JWT_SECRET:?JWT_SECRET is required}
+      JWT_EXPIRES_IN: ${JWT_EXPIRES_IN:-24h}
      CORS_ORIGIN: ${CORS_ORIGIN:-http://localhost:80}
+      AUTHENTIK_ISSUER: ${AUTHENTIK_ISSUER:?AUTHENTIK_ISSUER is required}
+      AUTHENTIK_CLIENT_ID: ${AUTHENTIK_CLIENT_ID:?AUTHENTIK_CLIENT_ID is required}
+      AUTHENTIK_CLIENT_SECRET: ${AUTHENTIK_CLIENT_SECRET:?AUTHENTIK_CLIENT_SECRET is required}
+      AUTHENTIK_REDIRECT_URI: ${AUTHENTIK_REDIRECT_URI:-http://localhost/auth/callback}
    ports:
      - "${BACKEND_PORT:-3000}:3000"
    depends_on:
@@ -55,9 +64,9 @@ services:
      dockerfile: Dockerfile
      args:
        VITE_API_URL: ${VITE_API_URL:-http://localhost:3000}
+        VITE_AUTHENTIK_URL: ${VITE_AUTHENTIK_URL:?VITE_AUTHENTIK_URL is required}
+        VITE_CLIENT_ID: ${AUTHENTIK_CLIENT_ID:?AUTHENTIK_CLIENT_ID is required}
    container_name: feuerwehr_frontend_prod
-    environment:
-      VITE_API_URL: ${VITE_API_URL:-http://localhost:3000}
    ports:
      - "${FRONTEND_PORT:-80}:80"
    depends_on: