Saltearse al contenido
ALTCHA ALTCHA ALTCHA

Configuration

Esta página aún no está disponible en tu idioma.

The application configuration can be adjusted using environment variables. This allows you to change database credentials and modify application settings and behavior.

Usage with Docker Compose

To change environment variables when using docker-compose, edit the docker-compose.env file and add or modify the variables as needed.

Terminal window
# Example of setting environment variables in docker-compose.env


# Database settings
POSTGRES_USER=your_database_user
POSTGRES_PASSWORD=your_database_password
POSTGRES_HOST=your_database_name


# Application settings
BASE_URL=http://localhost:3000

Available Variables

For a comprehensive list of all supported environment variables, refer to the env.ts file.

Commonly Used Variables

Below are some commonly used environment variables with descriptions:

  • AVAILABLE_REGIONS: Comma-separated list of available regions. Default: "".
  • BASE_URL: Base URL for the application, where the application will be accessible at. Can contain variable _region_ which will get replaced with the current REGION. Default: http://localhost.
  • LOG_LEVEL: Application log level (default: info, levels: debug|fatal|error|info|silent|trace|warn). Default: info.
  • PRIVACY_POLICY_URL: URL for privacy policy. Default: https://altcha.org/privacy-policy.
  • REGION: Default (current) region of the application. Default: "".
  • TERMS_OF_SERVICE_URL: URL for terms of service. Default: https://altcha.org/terms-of-service.

Database Configuration Variables

  • DATABASE_URL: URL for the database connection. Default: computed from POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_HOST, POSTGRES_DB.

License Information

  • LICENSE: Base64-encoded license key.
  • LICENSE_HIDE: Flag to hide license information (1: hide, 0: show). Default: 0.

Emergency Access Settings

  • EMERGENCY_ACCESS_DISABLED: Flag to enable emergency access (1: disabled, 0: enabled). Default: 0.
  • EMERGENCY_ACCESS_NOTIFY: Comma-separated list of emails to send the notification to when the emergency access is activated.
  • EMERGENCY_ACCESS_SECRET: Secret key for emergency access. The log-in page will be available at /app/emergency/[EMERGENCY_ACCESS_SECRET].

Job Scheduling Configurations

  • JOBS_DELETE_EXPIRED_DEVICED: Cron expression for deleting expired devices. Default: 0 2 * * *.
  • JOBS_DELETE_EXPIRED_RESPONSES: Cron expression for deleting expired responses. Default: 0 3 * * *.
  • JOBS_DELETE_EXPIRED_FILES: Cron expression for deleting expired files. Default: 0 4 * * *.
  • JOBS_DISABLED: Flag to disable job scheduling (1: disabled, 0: enabled). Default: 0.

Usage Limits

  • LIMIT_FREE_ACCOUNTS_PER_USER: Limit on the number of free accounts per user. Default: 3.

Node Configuration

  • NODE_ID: Unique identifier for the node. Default: computed from region and random bytes.

OAuth Configurations

  • OAUTH_GOOGLE_CLIENT_ID: Google OAuth client ID.
  • OAUTH_GOOGLE_CLIENT_SECRET: Google OAuth client secret.
  • OAUTH_GITHUB_CLIENT_ID: GitHub OAuth client ID.
  • OAUTH_GITHUB_CLIENT_SECRET: GitHub OAuth client secret.

Paddle Payment Gateway Configurations

  • PADDLE_API_KEY: Paddle API key.
  • PADDLE_CLIENT_TOKEN: Paddle client token.
  • PADDLE_ENV: Paddle environment (sandbox/production).
  • PADDLE_WEBHOOK_SECRET_KEY: Paddle webhook secret key.

Rate Limit Settings

  • RATE_LIMIT_L1: Level 1 rate limit (requests per minute). Default: 600/60.
  • RATE_LIMIT_L2: Level 2 rate limit (requests per minute). Default: 200/60.
  • RATE_LIMIT_L3: Level 3 rate limit (requests per minute). Default: 100/60.

Spam Filter API Configurations

  • SPAM_FILTER_HEADERS: Headers for spam filter requests.
  • SPAM_FILTER_URL: URL for the spam filter API.

Security Settings (JWT, HMAC)

  • DEVICE_COOKIE_EXPIRES: Device cookie expiration time. Default: 90d.
  • JWT_ISSUER: JWT issuer identifier. Default: AltchaForms.
  • PASSKEYS_DISABLED: Flag to disable passkeys (1: disabled, 0: enabled). Default: 0.
  • REGISTRATIONS_EMAIL_DNS_CHECK_DISABLED: Flag to disable DNS verification of email addresses, disabled by default (1: disabled, 0: enabled). Default: 1.
  • REGISTRATIONS_DISABLED: Flag to disable new registrations (1: disabled, 0: enabled). Default: 0.
  • SIGNING_SECRET: Secret key for signing JWTs and HMAC.

Email Configurations

  • SMTP_URL: SMTP server URL.
  • SMTP_SENDER: Default sender email address.

File Storage Settings

  • STORAGE_PROVIDER: Storage provider (e.g., ‘fs’, ‘s3’). Default: fs.
  • STORAGE_FS_DIR: Directory path for file system storage. Default: ./data.
  • STORAGE_S3_ACCESS_KEY_ID: AWS S3 access key ID.
  • STORAGE_S3_BUCKET: AWS S3 bucket name.
  • STORAGE_S3_ENDPOINT: AWS S3 endpoint URL.
  • STORAGE_S3_SECRET_ACCESS_KEY: AWS S3 secret access key.
  • STORAGE_S3_REGION: AWS S3 region.

Redis Configurations

  • REDIS_URL: Redis server URL.

User Access Recovery Settings

  • USER_RECOVERY_TOKEN_DELAY: Enforced delay for user recovery token requests. Default: 10min.
  • USER_RECOVERY_THROTTLE: Throttle time for user recovery requests. Default: 1h.

Webhook Configurations

  • WEBHOOKS_SECRET_TOKEN: Secret token for securing webhooks.