NODE_ENV=development HOST=0.0.0.0 PORT=3002 # Database file path (defaults to db/{NODE_ENV}.sqlite3) # DB_FILE=db/development.sqlite3 FRONTEND_URL=http://localhost:8080 BACKEND_URL=http://localhost:3002 TUDUDI_USER_EMAIL=admin@example.com TUDUDI_USER_PASSWORD=change-me-to-secure-password TUDUDI_SESSION_SECRET=your-random-64-character-hex-string-here ENABLE_EMAIL=false EMAIL_SMTP_HOST=smtp.gmail.com EMAIL_SMTP_PORT=587 EMAIL_SMTP_SECURE=false EMAIL_SMTP_USERNAME=your-email@example.com EMAIL_SMTP_PASSWORD=your-app-password EMAIL_FROM_ADDRESS=noreply@example.com EMAIL_FROM_NAME=Tududi REGISTRATION_TOKEN_EXPIRY_HOURS=24 DISABLE_SCHEDULER=false DISABLE_TELEGRAM=false # Feature Flags FF_ENABLE_BACKUPS=false FF_ENABLE_CALENDAR=false FF_ENABLE_HABITS=false FF_ENABLE_MCP=false # Trust proxy (REQUIRED when behind reverse proxy - nginx, Traefik, etc.) # Uncomment this if you're getting session issues or rate limiter errors # TUDUDI_TRUST_PROXY=true # Disable HSTS (HTTP Strict Transport Security) headers # Set to 'true' for local development when running production builds on HTTP # NEVER enable this in actual production deployments with HTTPS # DISABLE_HSTS=false # OIDC/SSO Configuration # See docs/10-oidc-sso.md for detailed setup instructions OIDC_ENABLED=false # BASE_URL=https://your-domain.com # Required for OIDC callbacks # Password Authentication # Set to false to disable password login/registration (SSO-only mode) # Default: true (password auth enabled) PASSWORD_AUTH_ENABLED=true # Single provider configuration # OIDC_PROVIDER_NAME=PocketID # OIDC_PROVIDER_SLUG=pocketid # OIDC_ISSUER_URL=https://pocketid.app # OIDC_CLIENT_ID=your-client-id # OIDC_CLIENT_SECRET=your-client-secret # OIDC_SCOPE=openid profile email # OIDC_AUTO_PROVISION=true # OIDC_ADMIN_EMAIL_DOMAINS=example.com,company.com # For multiple providers, use numbered variables: # OIDC_PROVIDER_1_NAME=Google # OIDC_PROVIDER_1_SLUG=google # OIDC_PROVIDER_1_ISSUER=https://accounts.google.com # OIDC_PROVIDER_1_CLIENT_ID=xxx.apps.googleusercontent.com # OIDC_PROVIDER_1_CLIENT_SECRET=xxx # OIDC_PROVIDER_1_AUTO_PROVISION=true # CalDAV Synchronization # See docs/feature-plans/01-caldav-sync.md for detailed documentation CALDAV_ENABLED=false # Encryption key for storing remote calendar passwords # If not set, falls back to TUDUDI_SESSION_SECRET # ENCRYPTION_KEY=your-256-bit-encryption-key # CalDAV defaults # CALDAV_DEFAULT_SYNC_INTERVAL=15 # Minutes # CALDAV_MAX_RECURRING_INSTANCES=365 # Number of future instances to expand # CALDAV_CONFLICT_RESOLUTION=last_write_wins # Performance settings # CALDAV_RATE_LIMIT=60 # Requests per minute # CALDAV_MAX_SYNC_TASKS=1000 # Max tasks per sync # CALDAV_REQUEST_TIMEOUT=30000 # Milliseconds # Debugging # CALDAV_LOG_LEVEL=info # CALDAV_LOG_REQUESTS=false