- Setup C++/Qt6 desktop application structure - Added initial Go proxy backend for TMDB/IGDB integration
33 lines
1.4 KiB
Text
33 lines
1.4 KiB
Text
# --- umt-tmdb-proxy configuration ---------------------------------------
|
|
# Copy to .env and fill in. All values are read from the environment.
|
|
|
|
# Where the server listens (inside the container / on the host).
|
|
LISTEN_ADDR=:8080
|
|
|
|
# Externally reachable base URL of this proxy (no trailing slash).
|
|
# This is also what users enter as "Proxy-URL" in the desktop app.
|
|
PUBLIC_URL=https://tmdb.example.com
|
|
|
|
# The single shared TMDB v3 API key the whole group will use.
|
|
TMDB_API_KEY=your_tmdb_v3_key
|
|
|
|
# --- Authentik / OIDC ---------------------------------------------------
|
|
# Issuer is the OIDC provider URL from your Authentik application
|
|
# (e.g. https://auth.example.com/application/o/watchlist-proxy/).
|
|
OIDC_ISSUER=https://auth.example.com/application/o/watchlist-proxy/
|
|
OIDC_CLIENT_ID=your_client_id
|
|
OIDC_CLIENT_SECRET=your_client_secret
|
|
# Must exactly match a Redirect URI configured in Authentik.
|
|
# Defaults to PUBLIC_URL + /callback if left empty.
|
|
OIDC_REDIRECT_URL=https://tmdb.example.com/callback
|
|
|
|
# Optional: restrict access to members of these Authentik groups
|
|
# (comma-separated). Requires a "groups" scope/claim mapping in Authentik.
|
|
# ALLOWED_GROUPS=watchlist,friends
|
|
|
|
# A long random secret used to sign issued access tokens. KEEP IT PRIVATE.
|
|
# Generate with: openssl rand -base64 48
|
|
SESSION_SECRET=change-me-to-a-long-random-string
|
|
|
|
# How long an issued desktop-app token stays valid (in days).
|
|
TOKEN_TTL_DAYS=90
|