feat: Add .env.example for configuration and update README with new features, setup, and API endpoints.

2026-01-06 05:22:54 +01:00
parent d05f8a0001
commit 9219a586b1
2 changed files with 225 additions and 78 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,83 @@
+# ============================================================================
+# K-Template Configuration
+# ============================================================================
+# Copy this file to .env and adjust values for your environment.
+# All values shown are defaults or examples.
+
+# ============================================================================
+# Server Configuration
+# ============================================================================
+HOST=127.0.0.1
+PORT=3000
+
+# ============================================================================
+# Database Configuration
+# ============================================================================
+# SQLite (default)
+DATABASE_URL=sqlite:data.db?mode=rwc
+
+# PostgreSQL (alternative - requires postgres feature)
+# DATABASE_URL=postgres://user:password@localhost:5432/mydb
+
+# Connection pool settings
+DB_MAX_CONNECTIONS=5
+DB_MIN_CONNECTIONS=1
+
+# ============================================================================
+# Authentication Mode
+# ============================================================================
+# Options: session, jwt, both
+#   - session: Cookie-based sessions (requires auth-axum-login feature)
+#   - jwt: Bearer token authentication (requires auth-jwt feature)
+#   - both: Support both methods (try JWT first, fall back to session)
+AUTH_MODE=jwt
+
+# ============================================================================
+# Session Configuration (for session/both modes)
+# ============================================================================
+# Must be at least 64 characters in production
+SESSION_SECRET=your-super-secret-key-must-be-at-least-64-characters-long-for-security
+
+# Set to true in production for HTTPS-only cookies
+SECURE_COOKIE=false
+
+# ============================================================================
+# JWT Configuration (for jwt/both modes)
+# ============================================================================
+# Must be at least 32 characters in production
+JWT_SECRET=your-jwt-secret-key-at-least-32-chars
+
+# Optional: JWT issuer and audience for token validation
+JWT_ISSUER=your-app-name
+JWT_AUDIENCE=your-app-audience
+
+# Token expiry in hours (default: 24)
+JWT_EXPIRY_HOURS=24
+
+# ============================================================================
+# OIDC Configuration (optional - requires auth-oidc feature)
+# ============================================================================
+# Your OIDC provider's issuer URL (e.g., Keycloak, Auth0, Zitadel)
+OIDC_ISSUER=https://your-oidc-provider.com
+
+# Client credentials from your OIDC provider
+OIDC_CLIENT_ID=your-client-id
+OIDC_CLIENT_SECRET=your-client-secret
+
+# Callback URL (must match what's configured in your OIDC provider)
+OIDC_REDIRECT_URL=http://localhost:3000/api/v1/auth/callback
+
+# Optional: Resource ID for audience verification
+# OIDC_RESOURCE_ID=your-resource-id
+
+# ============================================================================
+# CORS Configuration
+# ============================================================================
+# Comma-separated list of allowed origins
+CORS_ALLOWED_ORIGINS=http://localhost:5173,http://localhost:3000
+
+# ============================================================================
+# Production Mode
+# ============================================================================
+# Set to true/production/1 to enable production checks (secret length, etc.)
+PRODUCTION=false