robots.ts + metadata.robots blocks indexing.
serverActions.allowedOrigins gates cross-origin Server Action posts.
Bot + web Dockerfiles add a non-root 'app' user (uid 1000) with
chmod 700 on /data/sessions.
sendTestAction grows a per-group rate limit (3/60s).
resumeReminderRunAction + cancelReminderRunAction get a per-IP
rate limit (30/10s).
.env.example documents every required key.
packages/db/src/scripts/{set-password,create-user}.ts + thin shell
wrappers in scripts/ — first admin sets their password via
./scripts/set-password.sh admin before signing in.
28 lines
662 B
Plaintext
# Required
|
|
DATABASE_URL=postgres://user:pass@host:5432/dbname
|
|
|
|
# Auth — sign cookies. 64+ random chars. Generate via scripts/gen_auth_secret.sh.
|
|
AUTH_SECRET=replace-me
|
|
|
|
# Bump to invalidate all live sessions instantly. Leave at 1 normally.
|
|
OPERATOR_TOKEN_VERSION=1
|
|
|
|
# File-storage paths inside the bot container
|
|
DATA_DIR=/data
|
|
SESSIONS_DIR=/data/sessions
|
|
MEDIA_DIR=/data/media
|
|
|
|
# Bot fan-out tuning (see apps/bot/src/env.ts)
|
|
BOT_HEALTH_PORT=8081
|
|
BOT_LOG_LEVEL=info
|
|
BOT_FIRE_CONCURRENCY=8
|
|
BOT_GROUP_CONCURRENCY=3
|
|
BOT_MAX_SEND_PER_MINUTE=40
|
|
|
|
# Web
|
|
WEB_PORT=9000
|
|
|
|
# Seed (runs once via scripts/db.sh seed)
|
|
SEED_OPERATOR_USERNAME=admin
|
|
SEED_OPERATOR_NAME=Operator
|
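Review bot: `AUTH_SECRET=replace-me` is a non-empty value, so a deployment that copies this file and skips `scripts/gen_auth_secret.sh` would sign session cookies with a string anyone can read in the repository. Ship the key empty (`AUTH_SECRET=`) so that a forgotten step can surface as a missing variable rather than run as a weak secret. Startup validation should also reject anything shorter than the 64 characters the comment asks for; the env-parsing code is not visible on this page, so confirm whether it already does. The same applies to the `user:pass` credentials in the `DATABASE_URL` sample. A short comment at the top, such as `# Copy to .env, keep it out of version control, and restrict it to the service user (chmod 600)`, would document how the real file should be handled.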