jesus/Rustelo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Rustelo/config/others/rbac.env.example
Jesús Pérex 515c9343f4
Some checks failed
CI/CD Pipeline / Test Suite (push) Has been cancelled
Details
CI/CD Pipeline / Security Audit (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Image (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
Details
CI/CD Pipeline / Performance Benchmarks (push) Has been cancelled
Details
CI/CD Pipeline / Cleanup (push) Has been cancelled
Details
chore: add config path
2025-07-07 23:13:01 +01:00

314 lines
8.7 KiB
Plaintext
Raw Blame History

# RBAC (Role-Based Access Control) Configuration
# Copy this file to .env and configure for your environment
# =============================================================================
# RBAC Feature Flags
# =============================================================================
# Enable/disable RBAC system entirely (default: false)
ENABLE_RBAC=false
# Database access control (requires ENABLE_RBAC=true)
ENABLE_RBAC_DATABASE=false
# File system access control (requires ENABLE_RBAC=true)
ENABLE_RBAC_FILES=false
# Content management access control (requires ENABLE_RBAC=true)
ENABLE_RBAC_CONTENT=false
# API endpoint access control (requires ENABLE_RBAC=true)
ENABLE_RBAC_API=false
# User categories feature (requires ENABLE_RBAC=true)
ENABLE_RBAC_CATEGORIES=false
# User tags feature (requires ENABLE_RBAC=true)
ENABLE_RBAC_TAGS=false
# Permission caching (improves performance, requires ENABLE_RBAC=true)
ENABLE_RBAC_CACHING=false
# Access audit logging (requires ENABLE_RBAC=true)
ENABLE_RBAC_AUDIT=false
# TOML configuration file loading (requires ENABLE_RBAC=true)
ENABLE_RBAC_TOML_CONFIG=false
# Hierarchical permissions (categories/tags inheritance)
ENABLE_RBAC_HIERARCHICAL=false
# Dynamic rule evaluation
ENABLE_RBAC_DYNAMIC_RULES=false
# =============================================================================
# RBAC Configuration Paths
# =============================================================================
# Path to RBAC TOML configuration file
RBAC_CONFIG_PATH=config/rbac.toml
# Path to RBAC database migrations
RBAC_MIGRATIONS_PATH=migrations/rbac
# =============================================================================
# Core Authentication (always required)
# =============================================================================
# Enable basic authentication system
ENABLE_AUTH=true
# Enable JWT token authentication
ENABLE_JWT=true
# Enable OAuth providers (Google, GitHub, etc.)
ENABLE_OAUTH=false
# Enable two-factor authentication
ENABLE_2FA=false
# Enable session management
ENABLE_SESSIONS=true
# Enable password reset functionality
ENABLE_PASSWORD_RESET=true
# Enable email verification
ENABLE_EMAIL_VERIFICATION=false
# =============================================================================
# Database Configuration
# =============================================================================
# Database connection string
DATABASE_URL=postgresql://username:password@localhost:5432/rustelo_dev
# Database pool settings
DATABASE_MAX_CONNECTIONS=20
DATABASE_MIN_CONNECTIONS=5
DATABASE_CONNECTION_TIMEOUT=30
DATABASE_IDLE_TIMEOUT=600
DATABASE_MAX_LIFETIME=1800
# =============================================================================
# Server Configuration
# =============================================================================
# Server host and port
SERVER_HOST=127.0.0.1
SERVER_PORT=3030
SERVER_PROTOCOL=http
# Environment (development/production)
ENVIRONMENT=development
# =============================================================================
# Security Configuration
# =============================================================================
# JWT secret key (change in production!)
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
# Session secret (change in production!)
SESSION_SECRET=your-session-secret-key-change-this-in-production
# Enable CSRF protection
ENABLE_CSRF=true
# Enable rate limiting
ENABLE_RATE_LIMITING=true
# Rate limiting settings
RATE_LIMIT_REQUESTS=100
RATE_LIMIT_WINDOW=60
# Bcrypt cost for password hashing
BCRYPT_COST=12
# =============================================================================
# Content Management Features
# =============================================================================
# Enable content management system
ENABLE_CONTENT=true
# Enable markdown rendering
ENABLE_MARKDOWN=true
# Enable syntax highlighting
ENABLE_SYNTAX_HIGHLIGHTING=false
# Enable file uploads
ENABLE_FILE_UPLOADS=true
# Enable content versioning
ENABLE_CONTENT_VERSIONING=false
# Enable content scheduling
ENABLE_CONTENT_SCHEDULING=false
# Enable SEO features
ENABLE_SEO=true
# =============================================================================
# Performance Features
# =============================================================================
# Enable response caching
ENABLE_CACHING=true
# Enable database query caching
ENABLE_QUERY_CACHING=true
# Enable compression
ENABLE_COMPRESSION=true
# Enable connection pooling
ENABLE_CONNECTION_POOLING=true
# Enable lazy loading
ENABLE_LAZY_LOADING=false
# Enable background tasks
ENABLE_BACKGROUND_TASKS=true
# =============================================================================
# Logging Configuration
# =============================================================================
# Log level (trace, debug, info, warn, error)
LOG_LEVEL=info
RUST_LOG=info
# Enable console logging
ENABLE_CONSOLE_LOGGING=true
# Enable file logging
ENABLE_FILE_LOGGING=false
# Log file path
LOG_FILE_PATH=logs/app.log
# =============================================================================
# TLS/HTTPS Configuration
# =============================================================================
# Enable TLS/HTTPS
ENABLE_TLS=false
# TLS certificate paths (when ENABLE_TLS=true)
TLS_CERT_PATH=certs/cert.pem
TLS_KEY_PATH=certs/key.pem
# =============================================================================
# OAuth Configuration (when ENABLE_OAUTH=true)
# =============================================================================
# Google OAuth
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
GOOGLE_REDIRECT_URI=http://localhost:3030/auth/google/callback
# GitHub OAuth
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
GITHUB_REDIRECT_URI=http://localhost:3030/auth/github/callback
# =============================================================================
# Email Configuration (when email features are enabled)
# =============================================================================
# Enable email functionality
ENABLE_EMAIL=false
# SMTP settings
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USERNAME=your-email@gmail.com
SMTP_PASSWORD=your-app-password
FROM_EMAIL=noreply@yourapp.com
FROM_NAME=Your App
# =============================================================================
# Redis Configuration (optional)
# =============================================================================
# Enable Redis for caching/sessions
ENABLE_REDIS=false
# Redis connection
REDIS_URL=redis://localhost:6379
REDIS_POOL_SIZE=10
REDIS_CONNECTION_TIMEOUT=5
REDIS_COMMAND_TIMEOUT=5
# =============================================================================
# Custom Feature Flags
# =============================================================================
# Add your custom feature flags here
# ENABLE_MY_CUSTOM_FEATURE=false
# ENABLE_ANALYTICS=false
# ENABLE_NOTIFICATIONS=false
# =============================================================================
# RBAC Example Configurations
# =============================================================================
# Example 1: Minimal RBAC (only basic categories)
# ENABLE_RBAC=true
# ENABLE_RBAC_CATEGORIES=true
# ENABLE_RBAC_CACHING=true
# Example 2: Database-focused RBAC
# ENABLE_RBAC=true
# ENABLE_RBAC_DATABASE=true
# ENABLE_RBAC_CATEGORIES=true
# ENABLE_RBAC_TAGS=true
# ENABLE_RBAC_CACHING=true
# ENABLE_RBAC_AUDIT=true
# Example 3: Full RBAC with all features
# ENABLE_RBAC=true
# ENABLE_RBAC_DATABASE=true
# ENABLE_RBAC_FILES=true
# ENABLE_RBAC_CONTENT=true
# ENABLE_RBAC_API=true
# ENABLE_RBAC_CATEGORIES=true
# ENABLE_RBAC_TAGS=true
# ENABLE_RBAC_CACHING=true
# ENABLE_RBAC_AUDIT=true
# ENABLE_RBAC_TOML_CONFIG=true
# ENABLE_RBAC_HIERARCHICAL=true
# ENABLE_RBAC_DYNAMIC_RULES=true
# Example 4: Content management with RBAC
# ENABLE_RBAC=true
# ENABLE_RBAC_CONTENT=true
# ENABLE_RBAC_FILES=true
# ENABLE_RBAC_CATEGORIES=true
# ENABLE_RBAC_TAGS=true
# ENABLE_CONTENT=true
# ENABLE_FILE_UPLOADS=true
# =============================================================================
# Development vs Production Settings
# =============================================================================
# Development settings (copy these for development)
# ENVIRONMENT=development
# LOG_LEVEL=debug
# ENABLE_CSRF=false
# ENABLE_TLS=false
# DATABASE_URL=postgresql://dev:dev@localhost:5432/rustelo_dev
# Production settings (copy these for production)
# ENVIRONMENT=production
# LOG_LEVEL=warn
# ENABLE_CSRF=true
# ENABLE_TLS=true
# ENABLE_RATE_LIMITING=true
# DATABASE_URL=postgresql://prod_user:secure_password@db.example.com:5432/rustelo_prod
# JWT_SECRET=very-long-random-secure-key-for-production
# SESSION_SECRET=another-very-long-random-secure-key-for-production
Reference in New Issue View Git Blame Copy Permalink