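# Environment settings with development defaults.
# One KEY=value pair per line; lines starting with # are comments.
# Every credential below is a publicly known placeholder. Replace all of them
# before exposing the service beyond a local machine, and keep real values out
# of version control.

# Application
# DEBUG, ENVIRONMENT and LOG_LEVEL carry development values; review all three
# before deploying. ENVIRONMENT also gates the CORS wildcard check described
# under ALLOWED_ORIGINS.
APP_NAME=ConsentOS API
DEBUG=true
ENVIRONMENT=development
LOG_LEVEL=DEBUG

# Database
# The URL embeds the default consentos/consentos username and password. Use a
# unique password for any database reachable from outside the local
# compose network.
DATABASE_URL=postgresql+asyncpg://consentos:consentos@postgres:5432/consentos
DATABASE_ECHO=false

# Redis
# This URL carries no credentials, so keep the Redis port off untrusted
# networks or switch to an authenticated URL.
REDIS_URL=redis://redis:6379/0

# JWT — generate with `openssl rand -hex 32` for production
# The placeholder below is public, so any token signed with it must be treated
# as forgeable. Changing the key invalidates tokens that were already issued.
# NOTE(review): whether startup rejects this placeholder outside dev/test is
# not visible from this file — confirm.
JWT_SECRET_KEY=dev-secret-change-in-production
JWT_ACCESS_TOKEN_EXPIRE_MINUTES=30

# CDN — public URL where banner scripts are served. In dev the admin
# UI dog-foods the banner from its own /banner/ path, so localhost:5173
# works. In production point this at your real CDN (CloudFlare Pages,
# S3 + CloudFront, etc.) where consent-loader.js / consent-bundle.js
# are hosted. Use an https:// URL there so the scripts cannot be altered
# in transit.
CDN_BASE_URL=http://localhost:5173

# CORS — comma-separated list of allowed origins. Wildcards are refused
# at startup when ENVIRONMENT is not dev/test. List only the exact
# scheme://host:port origins that need browser access to the API.
ALLOWED_ORIGINS=http://localhost:5173,http://localhost:8000

# Required to enable POST /api/v1/organisations/. Set to a strong random
# value (`openssl rand -hex 32`) to bootstrap your first organisation,
# then unset or rotate.
# ADMIN_BOOTSTRAP_TOKEN=

# Extra GeoIP country header — checked before the built-in list
# (cf-ipcountry, x-vercel-ip-country, x-appengine-country,
# x-country-code). Set this when you're behind a CDN or load
# balancer that uses a non-standard header, e.g. Google Cloud Load
# Balancer's x-gclb-country. Header names are case-insensitive.
# Request headers are client-controlled unless a trusted edge sets or strips
# them. Only name a header that your CDN or load balancer always overwrites,
# and make sure the API cannot be reached by bypassing that edge.
# GEOIP_COUNTRY_HEADER=x-gclb-country

# Companion subdivision/state header. When both are set, the API
# pairs them to produce keys like "US-CA" or "GB-SCT" (ISO 3166-2).
# Only applies alongside GEOIP_COUNTRY_HEADER. Common names:
#   cf-region-code (Cloudflare Enterprise)
#   x-vercel-ip-country-region (Vercel)
#   x-gclb-region (Google Cloud Load Balancer)
#   cloudfront-viewer-country-region (AWS CloudFront functions)
# The same trust caveat applies as for GEOIP_COUNTRY_HEADER.
# GEOIP_REGION_HEADER=x-gclb-region

# Local MaxMind GeoLite2-City database — used as a fallback when no
# CDN header is present. Download GeoLite2-City.mmdb from MaxMind
# (free, registration required) and mount it into the container,
# then point at it here. Without this, the API falls back to the
# external ip-api.com service which is rate-limited and should not
# be relied on in production.
# NOTE(review): the ip-api.com fallback presumably sends visitor IP addresses
# to a third party — confirm, and account for it in your privacy assessment.
# GEOIP_MAXMIND_DB_PATH=/data/GeoLite2-City.mmdb

# Initial admin bootstrap — on first startup, if the users table is
# empty and both credentials below are set, the API creates an
# organisation and an owner user so you can log in to the admin UI.
# Rotate the password via the admin UI after first login. Once any
# user exists this is a no-op, so the variables can safely remain set
# across restarts.
# The password still sits in plaintext in this file and in the container
# environment for as long as it is set. Use a unique value rather than the
# sample below, and remove it once the first login and rotation are done.
# INITIAL_ADMIN_EMAIL=admin@example.com
# INITIAL_ADMIN_PASSWORD=change-me-immediately
# INITIAL_ADMIN_FULL_NAME=Administrator
# INITIAL_ORG_NAME=Default Organisation
# INITIAL_ORG_SLUG=default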