164 строки
5.6 KiB
Bash
164 строки
5.6 KiB
Bash
|
# local, heroku, stage, production
|
||
|
APP_ENV=local
|
||
|
SERVER_URL=http://localhost:6060
|
||
|
PORT=6060
|
||
|
NEXTAUTH_URL=http://localhost:6060
|
||
|
|
||
|
# 1: disables the dockerflow endpoints
|
||
|
# see: https://github.com/mozilla-services/Dockerflow#containerized-app-requirements
|
||
|
DISABLE_DOCKERFLOW=
|
||
|
|
||
|
# Database server
|
||
|
DATABASE_URL=postgres://postgres@localhost:5432/blurts
|
||
|
# How many seconds can unverified subscribers remain in the database
|
||
|
DELETE_UNVERIFIED_SUBSCRIBERS_TIMER=86400
|
||
|
|
||
|
# How many seconds until page tokens expire?
|
||
|
PAGE_TOKEN_TIMER=0
|
||
|
|
||
|
# Email server
|
||
|
SMTP_URL=
|
||
|
# From: address used in emails
|
||
|
EMAIL_FROM=
|
||
|
# https://docs.aws.amazon.com/ses/latest/DeveloperGuide/using-configuration-sets.html
|
||
|
SES_CONFIG_SET=
|
||
|
# 1: only log messages coming back from SES
|
||
|
SES_NOTIFICATION_LOG_ONLY=
|
||
|
|
||
|
# s3 bucket for cdn
|
||
|
AWS_ACCESS_KEY_ID=
|
||
|
AWS_SECRET_ACCESS_KEY=
|
||
|
AWS_REGION=
|
||
|
S3_BUCKET=
|
||
|
|
||
|
# Firefox Accounts OAuth
|
||
|
FXA_SETTINGS_URL=https://accounts.stage.mozaws.net/settings
|
||
|
|
||
|
OAUTH_CLIENT_ID=edd29a80019d61a1
|
||
|
OAUTH_CLIENT_SECRET=get-this-from-groovecoder-or-fxmonitor-engineering
|
||
|
OAUTH_AUTHORIZATION_URI=https://oauth.stage.mozaws.net/v1/authorization
|
||
|
OAUTH_PROFILE_URI=https://profile.stage.mozaws.net/v1/profile
|
||
|
OAUTH_TOKEN_URI=https://oauth.stage.mozaws.net/v1/token
|
||
|
OAUTH_ACCOUNT_URI = "https://oauth.accounts.firefox.com/v1"
|
||
|
OAUTH_API_URI="https://api-accounts.stage.mozaws.net/v1"
|
||
|
|
||
|
# HIBP API for breach data
|
||
|
# How many seconds to wait before refreshing upstream breach data from HIBP
|
||
|
HIBP_RELOAD_BREACHES_TIMER=600
|
||
|
# HIBP API for range search and subscription
|
||
|
HIBP_KANON_API_ROOT=https://enterprise.stage-api.haveibeenpwned.com
|
||
|
HIBP_KANON_API_TOKEN=
|
||
|
HIBP_API_ROOT=https://haveibeenpwned.com/api/v2
|
||
|
HIBP_API_TOKEN=
|
||
|
# How many milliseconds to wait before retrying an HIBP request
|
||
|
HIBP_THROTTLE_DELAY=2000
|
||
|
# Max number of times to try an HIBP request before throwing error
|
||
|
HIBP_THROTTLE_MAX_TRIES=5
|
||
|
# Authorization token for HIBP to present to /hibp/notify endpoint
|
||
|
HIBP_NOTIFY_TOKEN=unsafe-default-token-for-dev
|
||
|
# Domains we prefer to not link to
|
||
|
HIBP_BREACH_DOMAIN_BLOCKLIST=a-blocked-domain.com,another-blocked-domain.org
|
||
|
|
||
|
# OneRep API for exposure scanning
|
||
|
ONEREP_API_BASE=https://mozilla.api.onerep.com
|
||
|
ONEREP_API_KEY=
|
||
|
ONEREP_WEBHOOK_SECRET="unsafe-default-secret-for-dev"
|
||
|
|
||
|
# Firefox Remote Settings
|
||
|
FX_REMOTE_SETTINGS_WRITER_SERVER=https://settings-writer.prod.mozaws.net/v1
|
||
|
FX_REMOTE_SETTINGS_WRITER_USER=
|
||
|
FX_REMOTE_SETTINGS_WRITER_PASS=
|
||
|
|
||
|
# DSN for Sentry error and event capturing
|
||
|
# e.g., SENTRY_DSN=https://{key}@sentry.prod.mozaws.net/408
|
||
|
SENTRY_DSN=
|
||
|
SENTRY_DSN_LEGACY=
|
||
|
|
||
|
BREACH_RESOLUTION_ENABLED=1
|
||
|
PRODUCT_PROMOS_ENABLED=1
|
||
|
|
||
|
# Experiment Flag
|
||
|
EXPERIMENT_ACTIVE=0
|
||
|
|
||
|
REDIS_URL=redis-mock
|
||
|
|
||
|
SUPPORTED_LOCALES=cak,cs,cy,da,de,el,en,en-CA,en-GB,es-AR,es-CL,es-ES,es-MX,fi,fr,fy-NL,gn,hu,kab,ia,id,it,ja,nb-NO,nl,nn-NO,pt-BR,pt-PT,ro,ru,sk,sl,sq,sv-SE,tr,uk,vi,zh-CN,zh-TW
|
||
|
|
||
|
# Locales blocked from viewing Mozilla VPN promos. Use CSV without whitespace.
|
||
|
VPN_PROMO_BLOCKED_LOCALES=zh-CN
|
||
|
|
||
|
# MaxMind GeoLite2 geolocation service used for VPN Banner
|
||
|
# For Heroku deploys, the following 3 vars are generated automatically via Buildpack https://github.com/HiMamaInc/heroku-buildpack-geoip-geolite2
|
||
|
# Staging and production environments will need variables set manually
|
||
|
# Local environment uses a test database with limited data (preset here)
|
||
|
GEOIP_GEOLITE2_PATH=./tests/mmdb/
|
||
|
GEOIP_GEOLITE2_CITY_FILENAME=GeoLite2-City-Test.mmdb
|
||
|
GEOIP_GEOLITE2_COUNTRY_FILENAME=GeoLite2-Country-Test.mmdb
|
||
|
|
||
|
# Educational video src urls, hosted by SRE team on a CDN
|
||
|
EDUCATION_VIDEO_URL_RELAY=https://monitor.cdn.mozilla.net/videos/FF_Relay_version_02.mp4
|
||
|
EDUCATION_VIDEO_URL_VPN=https://monitor.cdn.mozilla.net/videos/Mozilla_VPN.mp4
|
||
|
|
||
|
# Email addresses that are allowed to test and send emails
|
||
|
ADMINS=
|
||
|
|
||
|
# Enable monthly cron-job, currently for sending unresolved breach reminder emails
|
||
|
MONTHLY_CRON_ENABLED=
|
||
|
|
||
|
# E2E Tests
|
||
|
E2E_TEST_ENV=
|
||
|
E2E_TEST_BASE_URL=
|
||
|
E2E_TEST_ACCOUNT_EMAIL=
|
||
|
E2E_TEST_ACCOUNT_PASSWORD=
|
||
|
|
||
|
E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES=
|
||
|
E2E_TEST_ACCOUNT_EMAIL_EXPOSURES_STARTED=
|
||
|
|
||
|
E2E_TEST_PAYPAL_LOGIN =
|
||
|
E2E_TEST_PAYPAL_PASSWORD =
|
||
|
|
||
|
# Monitor Premium features
|
||
|
# Link to start user on the subscription process. PREMIUM_ENABLED must be set to `true`.
|
||
|
FXA_SUBSCRIPTIONS_URL=https://accounts.stage.mozaws.net/subscriptions
|
||
|
PREMIUM_PRODUCT_ID=prod_NErZh679W62lai
|
||
|
PREMIUM_PLAN_ID_MONTHLY_US=price_1MUNq0Kb9q6OnNsL4BoJgepf
|
||
|
PREMIUM_PLAN_ID_YEARLY_US=
|
||
|
SUBSCRIPTION_BILLING_AMOUNT_YEARLY_US=13.37
|
||
|
SUBSCRIPTION_BILLING_AMOUNT_MONTHLY_US=42.42
|
||
|
|
||
|
# This date is used to direct users who signed up after data broker scanning
|
||
|
# was released to the welcome flow. Users who had signed up before and thus
|
||
|
# have seen data breach results before, will be able to see their known breaches
|
||
|
# first:
|
||
|
BROKER_SCAN_RELEASE_DATE=2024-02-06
|
||
|
|
||
|
MONTHLY_SUBSCRIBERS_QUOTA=
|
||
|
MONTHLY_SCANS_QUOTA=
|
||
|
STATS_TOKEN=
|
||
|
|
||
|
# GCP PubSub Project ID and subscription name
|
||
|
GCP_PUBSUB_PROJECT_ID=
|
||
|
GCP_PUBSUB_TOPIC_NAME=
|
||
|
GCP_PUBSUB_SUBSCRIPTION_NAME=
|
||
|
|
||
|
# Randomly-generated UUIDv5 namespace, until/unless we are approved to use FxA UID for Nimbus User ID.
|
||
|
NIMBUS_UUID_NAMESPACE=00000000-0000-0000-0000-000000000000
|
||
|
NIMBUS_SIDECAR_URL=http://localhost:8001
|
||
|
|
||
|
# The maximum number of jobs that the email breach alert worker will process.
|
||
|
EMAIL_BREACH_ALERT_MAX_MESSAGES = 10000
|
||
|
|
||
|
# The maximum number of scans and profiles allowed. May be used for alerts, and for redirecting to waitlist.
|
||
|
MAX_MANUAL_SCANS=100
|
||
|
MAX_INITIAL_SCANS=100
|
||
|
MAX_PROFILES_ACTIVATED=100
|
||
|
MAX_PROFILES_CREATED=100
|
||
|
|
||
|
# Used during CI to upload sourcemaps to Sentry.
|
||
|
UPLOAD_SENTRY_SOURCEMAPS=false
|
||
|
SENTRY_AUTH_TOKEN=
|
||
|
|
||
|
# Whether GA4 sends data or not. NOTE: must be set in build environment.
|
||
|
NEXT_PUBLIC_GA4_DEBUG_MODE=true
|
||
|
|
||
|
CURRENT_COUPON_CODE_ID=
|