-
Notifications
You must be signed in to change notification settings - Fork 28
/
Copy path.env.sample
136 lines (110 loc) · 4.61 KB
/
.env.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# Elasticsearch DB; Shared by api-server and CLI script
ELASTICSEARCH_URL=http://localhost:62222
# API server port
PORT=5000
ADM_PORT=5500
# For Admin API, we use Cloudflare Access to protect it
CLOUDFLARE_ACCESS_TEAM_DOMAIN=https://cofacts.cloudflareaccess.com
# Rollbar setup
ROLLBAR_TOKEN=YOUR_ROLLBAR_TOKEN
ROLLBAR_ENV=localhost
# HTTP header to identify the client apps
HTTP_HEADER_APP_ID=x-app-id
HTTP_HEADER_APP_SECRET=x-app-secret
# Official web clients. Use comma to separate all site origins.
RUMORS_SITE_CORS_ORIGIN=http://localhost:3000
# Websites to redirect back to. Use comma to separate all site origins.
# After logging-in, it will always redirect user to domains specified here.
# If the request is coming from other domains, it will be redirected to the first origin here.
#
# Please make sure the domain is the "same site" as PUBLIC_API_URL in rumors-site
# so that login cookies can be picked up when rumors-site make requests to this API server.
#
RUMORS_SITE_REDIRECT_ORIGIN=http://localhost:3000
# Official LINE clients
RUMORS_LINE_BOT_CORS_ORIGIN=http://localhost:5001
# official line bot client
RUMORS_LINE_BOT_SECRET=secret
# Cookie related setup, expire time default to 86400 * 1000 * 14 milliseconds (14 days)
COOKIE_MAXAGE=1209600000
COOKIE_SECRETS=foo,bar
# If we should trust proxy headers (x-forwarded-*).
#
# Note: don't turn this on unless the server is behind a reversed proxy (like nginx or cloudflare).
#
TRUST_PROXY_HEADERS=
# Set Samesite=none and secure flag to enable cross-site login.
# See: https://github.com/cofacts/rumors-api/issues/186#issuecomment-644612628
#
# Note: don't turn this on unless you have HTTPS or X-Forwarded-Proto header set.
# Koa will throw error preventing us from setting the secure flag if we don't satisfy the condition
# above.
#
COOKIE_SAMESITE_NONE=
# Login-service credentials
FACEBOOK_APP_ID=YOUR_FB_ID
FACEBOOK_SECRET=YOUR_FB_SECRET
FACEBOOK_CALLBACK_URL=PUBLIC_URL/callback/facebook
TWITTER_CONSUMER_KEY=YOUR_TWITTER_CONSUMER_KEY
TWITTER_CONSUMER_SECRET=YOUR_TWITTER_CONSUMER_SECRET
TWITTER_CALLBACK_URL=PUBLIC_URL/callback/twitter
GITHUB_CLIENT_ID=YOUR_GITHUB_CLIENT_ID
GITHUB_SECRET=YOUR_GITHUB_CLIENT_SECRET
GITHUB_CALLBACK_URL=PUBLIC_URL/callback/github
GOOGLE_CLIENT_ID=YOUR_GOOGLE_CLIENT_ID
GOOGLE_SECRET=YOUR_GOOGLE_CLIENT_SECRET
GOOGLE_CALLBACK_URL=PUBLIC_URL/callback/google
INSTAGRAM_CLIENT_ID=YOUR_INSTAGRAM_CLIENT_ID
INSTAGRAM_SECRET=YOUR_INSTAGRAM_CLIENT_SECRET
INSTAGRAM_CALLBACK_URL=PUBLIC_URL/callback/instagram
# Google Analytics Related settings
GA_PAGE_SIZE=10000
# The target dataset ID (`projectId.dataset`) of LINE bot's analytics.
# The schema should match `/src/rumors-db/bq`
LINE_BOT_EVENT_DATASET_ID=
# The target dataset ID (`projectId.dataset`) of Google Analytics 4.
GA4_DATASET_ID=
# `stream_id` for website and LIFF, respectively, within GA_DATASET's tables.
GA_WEB_STREAM_ID=
GA_LIFF_STREAM_ID=
# The dataset (name only, no project ID prefix) for fetchStatsForGA unit tests.
# The application default credential should have writable permission on this dataset;
# the test script will create and drop fixture tables in it.
TEST_DATASET=
# This is used in putting events into days when calculating traffic.
# Must match "Reporting time zone" in Google analytics.
TIMEZONE=Asia/Taipei
# Google API key for reading category review sheet
GOOGLE_SHEETS_API_KEY=
# URL to URL resolver microservice (http://github.com/cofacts/url-resolver)
URL_RESOLVER_URL=localhost:4000
# Apollo engine. When not given, disables Apollo Engine introspection
ENGINE_API_KEY=
WEB_CONCURRENCY=2
JEST_TIMEOUT=5000
# Multimedia storage
# We use google cloud storage to store the files sent by users.
#
# 1. Create a bucket and paste the name to `GCS_BUCKET_NAME`, you can create a folder
# `GCS_IMAGE_FOLDER` to save image files or leave it null to root.
# 2. Make data public
# https://cloud.google.com/storage/docs/access-control/making-data-public?hl=zh-tw#console
# 3. Get the cloud storage JSON key and paste it to `GCS_CREDENTIALS`.
# https://cloud.google.com/docs/authentication/getting-started#cloud-console
#
GCS_CREDENTIALS=
GCS_BUCKET_NAME=
GCS_MEDIA_FOLDER=media/
# Open AI API key for AI replies, etc.
OPENAI_API_KEY=sk-...
# Langfuse configuration
LANGFUSE_PUBLIC_KEY=pk-lf-...
LANGFUSE_SECRET_KEY=sk-lf-...
LANGFUSE_BASEURL=https://langfuse.cofacts.tw # Optional, for self-hosted
# When LOG_REQUESTS exists, it also shows incoming GraphQL operation, variables, and resolved user info
LOG_REQUESTS=
# Internet Archive S30Like API key and secret from https://archive.org/account/s3.php
# They are used to call Save Page Now 2 Public API
#
INTERNET_ARCHIVE_S3_ACCESS_KEY=
INTERNET_ARCHIVE_S3_SECRET_KEY=