-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
73 lines (58 loc) · 3.17 KB
/
.env.example
File metadata and controls
73 lines (58 loc) · 3.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# LFX V2 Survey Service — Local Development Environment
# Copy this file to .env and fill in the required values.
# The .env file is gitignored and will never be committed.
#
# Quickstart: set the LOCAL DEV OVERRIDES below, get ITX credentials from
# 1Password (LFX V2 vault -> LFX Platform Chart Values Secrets - Local Development), then run:
# source .env && make run
# =============================================================================
# SERVER
# =============================================================================
export PORT=8080
export LOG_LEVEL=debug
# Add source file and line number to log output
export LOG_ADD_SOURCE=true
# =============================================================================
# AUTHENTICATION (Heimdall JWT)
# =============================================================================
export JWKS_URL=http://heimdall:4457/.well-known/jwks
# Must match the audience claim in incoming JWTs
export AUDIENCE=lfx-v2-survey-service
# LOCAL DEV OVERRIDE: set to any string to skip JWT validation entirely.
# Remove or leave empty in non-local environments.
export JWT_AUTH_DISABLED_MOCK_LOCAL_PRINCIPAL=test-user@example.com
# =============================================================================
# ITX PROXY — credentials required to call the ITX API
# Find these in 1Password: Linux Foundation org -> LFX V2 vault ->
# "LFX Platform Chart Values Secrets - Local Development" (secure note).
# Store the private key at tmp/local.private.key (gitignored).
# =============================================================================
export ITX_BASE_URL=https://api.dev.itx.linuxfoundation.org/
export ITX_AUTH0_DOMAIN=linuxfoundation-dev.auth0.com
# Auth0 API audience for ITX M2M token requests
export ITX_AUDIENCE=https://api.dev.itx.linuxfoundation.org/
# REQUIRED — see 1Password note above
export ITX_CLIENT_ID=
# RSA private key in raw PEM format (not base64-encoded)
export ITX_CLIENT_PRIVATE_KEY=
# To load the key from a file instead of inlining it, run:
# export ITX_CLIENT_PRIVATE_KEY="$(cat tmp/local.private.key)"
# =============================================================================
# NATS / ID MAPPING
# =============================================================================
# Default assumes the lfx-platform Helm chart is running locally.
# Override with nats://localhost:4222 if your NATS server is on that port instead.
export NATS_URL=nats://lfx-platform-nats.lfx.svc.cluster.local:4222
# LOCAL DEV OVERRIDE: set to true to skip NATS ID mapping (no NATS needed).
export ID_MAPPING_DISABLED=true
# =============================================================================
# EVENT PROCESSING
# Consumes NATS JetStream events to sync v1 survey data to the v2 indexer and FGA.
# See docs/event-processing.md for details.
# =============================================================================
# LOCAL DEV OVERRIDE: set to false to skip NATS event processing (no NATS needed).
export EVENT_PROCESSING_ENABLED=false
# JetStream consumer name — must be unique per service instance
export EVENT_CONSUMER_NAME=survey-service-kv-consumer
# JetStream stream to consume from
export EVENT_STREAM_NAME=KV_v1-objects