# your domain, e.g https://example.com APP_URL=http://localhost:3000 PORT=3000 # minimum of 32 characters. Generate one with: openssl rand -hex 32 APP_SECRET=REPLACE_WITH_LONG_SECRET JWT_TOKEN_EXPIRES_IN=30d DATABASE_URL="postgresql://postgres:password@localhost:5432/docmost?schema=public" REDIS_URL=redis://127.0.0.1:6379 # options: local | s3 STORAGE_DRIVER=local # S3 driver config AWS_S3_ACCESS_KEY_ID= AWS_S3_SECRET_ACCESS_KEY= AWS_S3_REGION= AWS_S3_BUCKET= AWS_S3_ENDPOINT= AWS_S3_FORCE_PATH_STYLE= # default: 50mb FILE_UPLOAD_SIZE_LIMIT= # options: smtp | postmark MAIL_DRIVER=smtp MAIL_FROM_ADDRESS=hello@example.com MAIL_FROM_NAME=Docmost # SMTP driver config SMTP_HOST=127.0.0.1 SMTP_PORT=587 SMTP_USERNAME= SMTP_PASSWORD= SMTP_SECURE=false SMTP_IGNORETLS=false # Postmark driver config POSTMARK_TOKEN= # for custom drawio server DRAWIO_URL= # Gotenberg URL for server-side PDF export GOTENBERG_URL= DISABLE_TELEMETRY=false # Enable debug logging in production (default: false) DEBUG_MODE=false # Log database queries DEBUG_DB=false # Log http requests LOG_HTTP=false # ─── Branding (AcadeDoc selfhost) ──────────────────────────────────── # Override the visible product name (UI, emails, PWA manifest). # Leave unset to keep the upstream "Docmost" default for pure selfhosters. BRAND_NAME=AcadeDoc # Optional: absolute URL to a custom logo asset served by your CDN or nginx. # Default: the built-in Docmost favicon (no override needed for development). # BRAND_LOGO_URL=/branding/acadedoc-logo.svg # Optional CSS hex colors. Drives the Mantine theme at runtime (no rebuild). # Default values match the Acadenice brand palette. BRAND_PRIMARY_COLOR=#2563eb BRAND_ACCENT_COLOR=#7c3aed # ─── SMTP Brevo (recommande pour AcadeDoc) ───────────────────── # Compte Brevo : https://app.brevo.com/settings/keys/smtp # Pas le mot de passe du compte — generer une "SMTP key" dans le dashboard. # Plan free Brevo : 300 emails/jour (suffisant pour usage interne). # # MAIL_DRIVER=smtp # SMTP_HOST=smtp-relay.brevo.com # SMTP_PORT=587 # SMTP_USERNAME= # SMTP_PASSWORD= # SMTP_SECURE=false # SMTP_IGNORETLS=false # # MAIL_FROM_ADDRESS=noreply@acadenice.fr # MAIL_FROM_NAME=AcadeDoc # (MAIL_FROM_NAME defaults to BRAND_NAME if unset) # ─── OIDC (Authentik) — Bloc 4b ────────────────────────────────────── # Disabled by default. Set OIDC_ENABLED=true and fill the block below # to expose /api/auth/oidc/login and the SSO button on the login page. # # OIDC_ENABLED=true # OIDC_ISSUER=https://auth.example.com/application/o/docadenice/ # OIDC_CLIENT_ID= # OIDC_CLIENT_SECRET= # OIDC_REDIRECT_URI=http://localhost:3000/api/auth/oidc/callback # Authentik : 'groups' n'est pas un scope standard — les groups arrivent # dans le claim 'groups' du scope 'profile' par defaut. # OIDC_SCOPES=openid email profile # OIDC_PROVIDER_NAME=Authentik # # Just-in-time provisioning for unknown emails. Strict by default — set # to true to auto-create a user in the default workspace on first login. # OIDC_AUTO_PROVISION=false # OIDC_DEFAULT_WORKSPACE_ID=