Files
nofx/.env.example
tinkle-community 3ed0aec0ff refactor: single-user web-based setup — replace env config with Settings UI
Move from multi-user env-var config to single-user web-first architecture:
- Add SetupPage for first-time initialization (replaces /register)
- Add SettingsPage for AI models, exchanges, Telegram, and password management
- Enrich all API route schemas with exact ID usage documentation
- Add PUT /user/password endpoint for in-app password changes
- Remove REGISTRATION_ENABLED, MAX_USERS, TELEGRAM_BOT_TOKEN from env config
- Simplify LoginPage design, remove admin mode and registration links
- Telegram bot now resolves user email for identity display
- start.sh no longer runs interactive Telegram setup
2026-03-09 23:55:39 +08:00

66 lines
2.0 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# NOFX Environment Variables Template
# Copy this file to .env and modify the values as needed
# ===========================================
# Server Configuration
# ===========================================
# Backend API server port
NOFX_BACKEND_PORT=8080
# Frontend web interface port
NOFX_FRONTEND_PORT=3000
# Timezone
NOFX_TIMEZONE=Asia/Shanghai
# ===========================================
# Authentication (Required)
# ===========================================
# JWT signing secret (any random string, at least 32 characters)
# Generate with: openssl rand -base64 32
JWT_SECRET=your-jwt-secret-change-this-in-production
# ===========================================
# Encryption Keys (Required)
# ===========================================
# AES-256 data encryption key (Base64 encoded, 32 bytes)
# Used for encrypting sensitive data in database (API keys, secrets)
# Generate with: openssl rand -base64 32
DATA_ENCRYPTION_KEY=your-base64-encoded-32-byte-key
# RSA private key for client-server encryption (PEM format)
# Used for end-to-end encryption of sensitive data from browser
# Generate with: openssl genrsa 2048
# Note: Replace newlines with \n for single-line format
RSA_PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY-----\nYOUR_KEY_HERE\n-----END RSA PRIVATE KEY-----
# ===========================================
# Security Options
# ===========================================
# Transport encryption for API keys (default: false)
# When enabled, browser uses Web Crypto API to encrypt API keys before sending
# Requires HTTPS or localhost to work
# Set to true for enhanced security (HTTPS required)
# Set to false for easier deployment (HTTP/IP access allowed)
TRANSPORT_ENCRYPTION=false
# ===========================================
# Optional: External Services
# ===========================================
DB_TYPE=postgres
DB_HOST=10.
DB_PORT=5432
DB_USER=nofx_user
DB_PASSWORD=
DB_NAME=nofx
DB_SSLMODE=disable
# 数据库配置 - SQLite默认
DB_TYPE=sqlite
DB_PATH=data/data.db