stupa-pdf-api/.env.example

# ========================================
# STUPA PDF API Configuration
# ========================================

# Application Settings
APP_NAME="STUPA PDF API"
APP_VERSION="3.0.0"
ENVIRONMENT="development"
DEBUG=true
LOG_LEVEL="INFO"
TIMEZONE="Europe/Berlin"
FRONTEND_URL="http://localhost:3001"

# API Settings
API_PREFIX="/api"
DOCS_URL="/docs"
REDOC_URL="/redoc"
OPENAPI_URL="/openapi.json"

# Feature Flags
ENABLE_METRICS=false
ENABLE_TRACING=false
ENABLE_CACHE=true
CACHE_TTL=300
ENABLE_FORM_DESIGNER=true
ENABLE_PDF_UPLOAD=true
ENABLE_WORKFLOW=true

# ========================================
# Database Configuration
# ========================================
MYSQL_HOST=db
MYSQL_PORT=3306
MYSQL_DB=stupa
MYSQL_USER=stupa
MYSQL_PASSWORD=secret
DB_POOL_SIZE=10
DB_MAX_OVERFLOW=20
DB_POOL_PRE_PING=true
DB_ECHO=false

# ========================================
# Security Settings
# ========================================
MASTER_KEY="change_me_to_secure_key"
JWT_SECRET_KEY="change_me_to_secure_jwt_secret"
JWT_ALGORITHM="HS256"
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
ENCRYPTION_KEY="change_me_to_32_byte_encryption_key"
API_KEY_HEADER="X-API-Key"

# CORS Settings
CORS_ORIGINS="http://localhost:3001,http://localhost:3000"
CORS_CREDENTIALS=true
CORS_METHODS="*"
CORS_HEADERS="*"

# ========================================
# OIDC/OAuth2 Settings (Nextcloud)
# ========================================
OIDC_ENABLED=true
OIDC_ISSUER="https://nextcloud.example.com"
OIDC_CLIENT_ID="your_client_id"
OIDC_CLIENT_SECRET="your_client_secret"
OIDC_REDIRECT_URI="http://localhost:3001/auth/callback"
OIDC_SCOPE="openid profile email groups"
OIDC_AUTO_CREATE_USERS=true

# OIDC Group Mappings (comma-separated)
OIDC_ADMIN_GROUPS="admin,administrators"
OIDC_BUDGET_REVIEWER_GROUPS="haushaltsbeauftragte,budget_reviewers"
OIDC_FINANCE_REVIEWER_GROUPS="finanzreferent,finance_reviewers"
OIDC_ASTA_GROUPS="asta,asta_members"

# ========================================
# Email Settings
# ========================================
EMAIL_ENABLED=true
SMTP_HOST="localhost"
SMTP_PORT=587
SMTP_TLS=true
SMTP_SSL=false
SMTP_USERNAME=""
SMTP_PASSWORD=""
EMAIL_FROM="noreply@example.com"
EMAIL_FROM_NAME="STUPA System"

# Email Templates
EMAIL_VERIFICATION_SUBJECT="Verifizieren Sie Ihre E-Mail-Adresse"
EMAIL_MAGIC_LINK_SUBJECT="Anmelden bei STUPA"
EMAIL_APP_NOTIFICATION_SUBJECT="Status-Update zu Ihrer Bewerbung"

# ========================================
# Rate Limiting
# ========================================
RATE_LIMIT_ENABLED=true
RATE_IP_PER_MIN=60
RATE_KEY_PER_MIN=30
RATE_GLOBAL_PER_MIN=1000
RATE_BURST_SIZE=10

# ========================================
# Storage Settings
# ========================================
UPLOAD_DIR="/app/uploads"
TEMPLATE_DIR="/app/templates"
MAX_FILE_SIZE=10485760  # 10MB
ALLOWED_EXTENSIONS="pdf,json,jpg,jpeg,png"
TEMP_DIR="/tmp"
ATTACHMENT_STORAGE="filesystem"  # database or filesystem
FILESYSTEM_PATH="/app/attachments"

# ========================================
# Workflow Settings
# ========================================
WORKFLOW_REQUIRED_VOTES=5
WORKFLOW_APPROVAL_THRESHOLD=50.0  # Percentage
WORKFLOW_REVIEW_TIMEOUT_DAYS=14
WORKFLOW_VOTING_TIMEOUT_DAYS=7
WORKFLOW_ALLOW_MANUAL_STATUS_CHANGE=true
WORKFLOW_AUTO_LOCK_ON_SUBMISSION=true

# ========================================
# Docker Compose Specific
# ========================================
MYSQL_ROOT_PASSWORD=rootsecret
TZ="Europe/Berlin"