Implement a check for GitHub OAuth credentials to conditionally render the GitHub sign-in button. This ensures the UI accurately reflects available authentication methods based on environment configuration. - Add `isGithubAuthEnabled` utility to verify server-side credentials - Propagate GitHub auth status through context providers to the UI - Conditionally display the GitHub sign-in button in the sign-in page - Update documentation and examples to use hex encoding for `AUTH_SECRET` - Add unit tests for the new GitHub authentication configuration logic
76 lines
3.1 KiB
Text
76 lines
3.1 KiB
Text
# (Optional) Client feature flags (does not work in Docker containers due to being build-time only)
|
|
NEXT_PUBLIC_NODE_ENV=development
|
|
NEXT_PUBLIC_ENABLE_AUDIOBOOK_EXPORT=
|
|
NEXT_PUBLIC_ENABLE_WORD_HIGHLIGHT=
|
|
|
|
# Local / OpenAI TTS API Configuration (default)
|
|
# Suggest using https://github.com/remsky/Kokoro-FastAPI
|
|
API_BASE=http://localhost:8880/v1
|
|
API_KEY=api_key_optional
|
|
|
|
# (Optional) TTS request/cache tuning (leave unset to use defaults)
|
|
# TTS_CACHE_MAX_SIZE_BYTES=268435456 # 256MB
|
|
# TTS_CACHE_TTL_MS=1800000 # 30 minutes
|
|
# TTS_MAX_RETRIES=2
|
|
# TTS_RETRY_INITIAL_MS=250
|
|
# TTS_RETRY_MAX_MS=2000
|
|
# TTS_RETRY_BACKOFF=2
|
|
|
|
# (Optional) Enable TTS character rate limiting (default is `false`)
|
|
# TTS_ENABLE_RATE_LIMIT=true
|
|
# (Optional) TTS per-user daily limits (leave unset to use defaults)
|
|
# TTS_DAILY_LIMIT_ANONYMOUS=50000
|
|
# TTS_DAILY_LIMIT_AUTHENTICATED=500000
|
|
# (Optional) TTS IP backstop daily limits (leave unset to use defaults)
|
|
# TTS_IP_DAILY_LIMIT_ANONYMOUS=100000
|
|
# TTS_IP_DAILY_LIMIT_AUTHENTICATED=1000000
|
|
|
|
# Auth configuration (recommended for contributors and public instances)
|
|
# (Optional) Auth is only enabled when AUTH_SECRET and BASE_URL are set
|
|
BASE_URL=http://localhost:3003 # Externally facing URL for this app (set to LAN IP for access from other devices on the network)
|
|
AUTH_SECRET=some_random_secret_key # Generate with `openssl rand -hex 32`
|
|
AUTH_TRUSTED_ORIGINS=http://localhost:3003,http://127.0.0.1:3003 # Additional trusted origins (BASE_URL is always trusted)
|
|
# (Optional) Allow anonymous auth sessions when auth is enabled (default: `false`)
|
|
USE_ANONYMOUS_AUTH_SESSIONS=
|
|
# (Optional) Sign in w/ GitHub Configuration
|
|
GITHUB_CLIENT_ID=
|
|
GITHUB_CLIENT_SECRET=
|
|
# (Optional) Disable Better Auth built-in rate limiting (useful for testing)
|
|
DISABLE_AUTH_RATE_LIMIT=
|
|
|
|
# (Optional) Backend DB used for server-side metadata (documents/audiobooks) and, when auth is enabled, auth tables.
|
|
# Defaults to SQLite at docstore/sqlite3.db when not set.
|
|
POSTGRES_URL=
|
|
|
|
# Embedded SeaweedFS weed mini config
|
|
# (Optional) Enable embedded weed mini for local S3-compatible storage (default: `true`)
|
|
USE_EMBEDDED_WEED_MINI=
|
|
WEED_MINI_DIR=
|
|
WEED_MINI_WAIT_SEC=
|
|
|
|
# S3 storage config (use with embedded weed mini or external S3-compatible storage)
|
|
# (Optional) For embedded weed mini, set explicit keys if you want stable credentials across restarts.
|
|
S3_ACCESS_KEY_ID=
|
|
S3_SECRET_ACCESS_KEY=
|
|
S3_BUCKET=
|
|
S3_REGION=
|
|
# (Optional) If empty in embedded mode, OpenReader uses BASE_URL host (when set) or detected LAN host.
|
|
S3_ENDPOINT=
|
|
S3_FORCE_PATH_STYLE=
|
|
S3_PREFIX=
|
|
|
|
# Migrations configuration
|
|
# (Optional) Skip automatic startup migrations when set to `false` (default: `true`)
|
|
RUN_DRIZZLE_MIGRATIONS=
|
|
# (Optional) Skip automatic filesystem->S3/DB migration pass when set to `false` (default: `true`)
|
|
RUN_FS_MIGRATIONS=
|
|
|
|
# (Optional) Server library import roots (uses /docstore/library by default)
|
|
IMPORT_LIBRARY_DIR=
|
|
IMPORT_LIBRARY_DIRS=
|
|
|
|
# (Required without Docker) Path to your local whisper.cpp CLI binary for STT timestamp generation
|
|
WHISPER_CPP_BIN=/whisper.cpp/build/bin/whisper-cli
|
|
|
|
# (Optional) Override ffmpeg binary path used for audiobook processing
|
|
FFMPEG_BIN=
|