packages/backend/environment.example.ts at api-load-balancing

jbc.lol / wafrn
fork atom
unoffical wafrn mirror wafrn.net
atproto social-network activitypub
fork atom
wafrn / packages / backend / environment.example.ts
at api-load-balancing 125 lines 6.6 kB view raw
wrap content
Zsolt Raven Force the usage of package-lock.json in builds 6mo ago
54593c3d
  1import { Environment } from './interfaces/environment.js'
  2
  3export const baseEnvironment: Environment = {
  4  prod: true,
  5  // this makes the logs really heavy, but might be useful for queries
  6  logSQLQueries: ${{LOG_SQL_QUERIES:-false}},
  7  workers: {
  8    // if you set this to true, workers will start in the main thread. no need for starting the utils/workers.ts in other tmux tab
  9    mainThread: ${{USE_WORKERS:-true}},
 10    low: ${{WORKERS_LOW:-10}},
 11    medium: ${{WORKERS_MEDIUM:-50}},
 12    high: ${{WORKERS_HIGH:-100}}
 13  },
 14  // this was a dev thing. leave to true unless you are doing stuff in local or your media url is yourinstance/uploads (not recomended)
 15  removeFolderNameFromFileUploads: true,
 16  // we use now postgresql.
 17  databaseConnectionString: 'postgresql://${{POSTGRES_USER}}:${{POSTGRES_PASSWORD}}@${{POSTGRES_HOST}}:${{POSTGRES_PORT}}/${{POSTGRES_DBNAME}}',
 18  listenIp: '${{LISTEN_IP:-0.0.0.0}}',
 19  port: ${{PORT:-9000}},
 20  // In the case of you wantint to put fedi petitions in another thread, use a different port here. You will have to update your apache config
 21  fediPort: ${{PORT:-9000}},
 22  // If you want to run the cache routes in another port, same thing!
 23  cachePort: ${{PORT:-9000}},
 24
 25  saltRounds: 14,
 26  // for jwt secret you should use something like https://www.grc.com/passwords.htm please this is SUPER DUPER SECRET.
 27  jwtSecret: Buffer.from('${{JWT_SECRET}}', 'base64'),
 28  // https://app.wafrn.net
 29  frontendUrl: 'https://${{DOMAIN_NAME}}',
 30  // app.wafrn.net
 31  instanceUrl: '${{DOMAIN_NAME}}',
 32  // https://media.wafrn.net
 33  mediaUrl: '${{FRONTEND_MEDIA_URL}}',
 34  // You should run also this project github.com/gabboman/fediversemediacacher. In my case, https://cache.wafrn.net/?media= The cache is there because at some point in the past I configured it to precache images. No need for it to be honest
 35  externalCacheurl: '${{FRONTEND_CACHE_URL}}',
 36  // If main cache fails due to IP limits you can install additional proxies, and use them here. The cache will try these as well before failing.
 37  // You can deploy https://github.com/sztupy/did-decoder-lambda this project to Netlify or Vercel as a backup for example
 38  externalCacheBackups: [${{FRONTEND_CACHE_BACKUP_URLS:-}}],
 39  // after the first run, create the admin user. and a deleted user. You will have to edit the user url in db so it starts with an @
 40  adminUser: '${{ADMIN_USER}}',
 41  // admin email wich you will recive things like "someone registred and you need to review this"
 42  adminEmail: '${{ADMIN_EMAIL}}',
 43  adminPassword: '${{ADMIN_PASSWORD}}',
 44  // after creating the deleted_user we advice to also set the user to BANNED
 45  deletedUser: '@DELETEDUSER',
 46  // in MB. Please make sure you have the same in the frontend
 47  uploadLimit: ${{UPLOAD_LIMIT:-250}},
 48  // 20 is a good number. With the new query we could investigate a higher number but no need to do it
 49  postsPerPage: ${{POSTS_PER_PAGE:-20}},
 50  // trace is extreme logging. debug is ok for now
 51  logLevel: '${{LOG_LEVEL:-debug}}',
 52  // There is a script that loads the file from this url and blocks the servers
 53  blocklistUrl: ${{BLOCKLIST_URI:-''}},
 54  // In some cases we serve the frontend with the backend with a small preprocessing. We need the location of the frontend
 55  frontedLocation: '${{FRONTEND_PATH:-/app/packages/frontend}}',
 56  // oh yes, you need TWO redis connections, one for queues other for cache
 57  bullmqConnection: {
 58    host: '${{REDIS_HOST:-localhost}}',
 59    port: ${{REDIS_PORT:-6379}},
 60    db: 0
 61  },
 62  // second database used for cache
 63  redisioConnection: {
 64    host: '${{REDIS_HOST:-localhost}}',
 65    port: ${{REDIS_PORT:-6379}},
 66    db: 1
 67  },
 68  // this will create a backendlog.log file on the folder superior to this one.
 69  pinoTransportOptions: {
 70    targets: [
 71      {
 72        target: 'pino/file',
 73        level: '${{LOG_LEVEL:-debug}}',
 74        options: {
 75          destination: ${{LOG_DESTINATION:-'logs/backendlog.log'}} // set to 1 to log to stdout
 76        }
 77      }
 78    ]
 79  },
 80  // you can try with gmail but we actually use sendinblue for this. bear in mind that this might require some fiddling in your gmail account too
 81  // you might need to enable https://myaccount.google.com/lesssecureapps
 82  // https://miracleio.me/snippets/use-gmail-with-nodemailer/
 83  emailConfig: {
 84    host: '${{SMTP_HOST:-localhost}}',
 85    port: ${{SMTP_PORT:-587}},
 86    auth: {
 87      user: '${{SMTP_USER}}',
 88      pass: '${{SMTP_PASSWORD}}',
 89      from: '${{SMTP_FROM}}'
 90    }
 91  },
 92  // you dont have an smtp server and you want to do a single user instance? set this to true!
 93  disableRequireSendEmail: ${{DISABLE_REQUIRE_SEND_EMAIL:-false}},
 94  // if someone is trying to scrap your place you can send a funny message in some petitions (attacks to the frontend)
 95  blockedIps: ${{BLOCKED_IPS:-[]}} as string[],
 96  // do you want to manually review registrations or have them open? We advice to leave this one to true
 97  reviewRegistrations: ${{REVIEW_REGISTRATIONS:-true}},
 98  // if the blocklist youre using turns out to be biased you can tell the script that loads the block host to do not block these hosts
 99  ignoreBlockHosts: ${{IGNORE_BLOCK_HOSTS:-[]}} as string[],
100  // default SEO data that will be used when trying to load server data
101  defaultSEOData: {
102    title: '${{FRONTEND_SHORT_TITLE:-Wafrn, the social media that respects you}}',
103    description: '${{FRONTEND_DESCRIPTION:-Wafrn is a federated social media inspired by tumblr that connects with the fediverse and bluesky}}',
104    img: 'https://${{DOMAIN_NAME}}/assets/logo.png'
105  },
106  enableBsky: ${{ENABLE_BSKY:-false}},
107  bskyPds: '${{PDS_DOMAIN_NAME}}',
108  bskyPdsJwtSecret: '${{PDS_JWT_SECRET}}',
109  bskyPdsAdminPassword: '${{PDS_ADMIN_PASSWORD}}',
110  // to generate these keys use the following command: `npx web-push generate-vapid-keys`. Remember to do the environment one too!!
111  webpushPrivateKey: '${{WEBPUSH_PRIVATE}}',
112  webpushPublicKey: '${{WEBPUSH_PUBLIC}}',
113  // this is a email that will be sent to the distribution services in the users devices in case the owner of the distribution service wants to contact the server that is sending the notifications
114  webpushEmail: '${{WEBPUSH_EMAIL}}',
115  frontendEnvironment: {
116    logo: '${{FRONTEND_LOGO:-/assets/logo.png}}',
117    frontUrl: '${{FRONTEND_FQDN_URL}}',
118    baseUrl: '${{FRONTEND_API_URL:-/api}}',
119    baseMediaUrl: '${{FRONTEND_MEDIA_URL}}',
120    externalCacheurl: '${{FRONTEND_CACHE_URL}}',
121    shortenPosts: ${{FRONTEND_SHORTEN_POSTS:-3}},
122    disablePWA: ${{FRONTEND_DISABLE_PWA:-false}},
123    maintenance: ${{FRONTEND_MAINTENANCE:-false}}
124  }
125}