mirror of
https://github.com/DumbWareio/DumbDrop.git
synced 2025-10-22 23:31:57 +00:00
1a8fe19416
* CORS/CSP fix * deprecate ALLOWED_IFRAME_ORIGINS * Revert "deprecate ALLOWED_IFRAME_ORIGINS" This reverts commit9792f06691. * Reapply "deprecate ALLOWED_IFRAME_ORIGINS" This reverts commit683ee93036. * Add helmet config and deprecate previous ALLOWED_IFRAME_ORIGINS * add build to docker compose for local builds * set server to listen on 0.0.0.0 and control with cors * Remove hsts from helmet and apply new pin status check limits * add back allowed_iframe_origins env as a fallback for allowed_origins * update readme for allowed_iframe_origins
74 lines
2.2 KiB
Plaintext
74 lines
2.2 KiB
Plaintext
#########################################
|
|
# SERVER CONFIGURATION
|
|
#########################################
|
|
|
|
# Port for the server (default: 3000)
|
|
PORT=3000
|
|
|
|
# Base URL for the application (default: http://localhost:PORT) -
|
|
# You must update this to the url you use to access your site
|
|
BASE_URL=http://localhost:3000/
|
|
|
|
#ALLOWED_IFRAME_ORIGINS= #DEPRECATED and will be used as ALLOWED_ORIGINS if SET
|
|
|
|
# Comma-separated list of allowed origins for CORS
|
|
# (default: '*' if empty, add your base_url if you want to restrict only to base_url)
|
|
# When adding multiple origins, base_url will be included by default
|
|
# ALLOWED_ORIGINS: http://internalip:port,https://subdomain.example.com
|
|
ALLOWED_ORIGINS=
|
|
|
|
# Node environment (default: production)
|
|
# When set to 'development', ALLOWED_ORIGINS will default to '*'
|
|
NODE_ENV=production
|
|
|
|
#########################################
|
|
# FILE UPLOAD SETTINGS
|
|
#########################################
|
|
|
|
# Maximum file size in MB (default: 1024)
|
|
MAX_FILE_SIZE=1024
|
|
|
|
# Directory for uploads (Docker/production; optional)
|
|
UPLOAD_DIR=
|
|
|
|
# Directory for uploads (local dev, fallback: './local_uploads')
|
|
LOCAL_UPLOAD_DIR=./local_uploads
|
|
|
|
# Comma-separated list of allowed file extensions (optional, e.g. .jpg,.png,.pdf)
|
|
# ALLOWED_EXTENSIONS=.jpg,.png,.pdf
|
|
ALLOWED_EXTENSIONS=
|
|
|
|
#########################################
|
|
# SECURITY
|
|
#########################################
|
|
|
|
# PIN protection (4-10 digits, optional)
|
|
# DUMBDROP_PIN=1234
|
|
DUMBDROP_PIN=
|
|
|
|
#########################################
|
|
# UI SETTINGS
|
|
#########################################
|
|
|
|
# Site title displayed in header (default: DumbDrop)
|
|
DUMBDROP_TITLE=DumbDrop
|
|
|
|
#########################################
|
|
# NOTIFICATION SETTINGS
|
|
#########################################
|
|
|
|
# Apprise URL for notifications (optional)
|
|
APPRISE_URL=
|
|
|
|
# Notification message template (default: New file uploaded {filename} ({size}), Storage used {storage})
|
|
APPRISE_MESSAGE=New file uploaded {filename} ({size}), Storage used {storage}
|
|
|
|
# Size unit for notifications (B, KB, MB, GB, TB, or Auto; default: Auto)
|
|
APPRISE_SIZE_UNIT=Auto
|
|
|
|
#########################################
|
|
# ADVANCED
|
|
#########################################
|
|
|
|
# Enable automatic upload on file selection (true/false, default: false)
|
|
AUTO_UPLOAD=false |