mirror of
https://github.com/suitenumerique/messages.git
synced 2026-04-25 17:15:21 +02:00
a3ccc7a57b
- Scoped API-key channels with per-scope authorization, personal user channels (users/me/channels), encrypted channel secrets, API-key regeneration (API + admin UI), channel last-used tracking, and a raw email submission endpoint. - Provisioning mailbox lookup/listing API. - Stricter outbound MIME size checks, DKIM signing improvements, and hardened channel/permission validation. - Expanded end-to-end and unit coverage for channels, auth/scopes, provisioning, submission, metrics, and admin flows.
104 lines
2.9 KiB
Plaintext
104 lines
2.9 KiB
Plaintext
# App database configuration
|
|
DB_HOST=postgresql
|
|
DB_NAME=messages
|
|
DB_USER=user
|
|
DB_PASSWORD=pass
|
|
DB_PORT=5432
|
|
|
|
# Django
|
|
DJANGO_ALLOWED_HOSTS=*
|
|
DJANGO_SECRET_KEY=ThisIsAnExampleKeyForDevPurposeOnly
|
|
DJANGO_SETTINGS_MODULE=messages.settings
|
|
DJANGO_SUPERUSER_PASSWORD=admin
|
|
|
|
# Logging
|
|
# Set to DEBUG level for dev only
|
|
LOGGING_LEVEL_HANDLERS_CONSOLE=INFO
|
|
LOGGING_LEVEL_LOGGERS_ROOT=INFO
|
|
LOGGING_LEVEL_LOGGERS_APP=INFO
|
|
|
|
# Prometheus
|
|
ENABLE_PROMETHEUS=0
|
|
PROMETHEUS_API_KEY=ExamplePrometheusApiKey
|
|
|
|
# Python
|
|
PYTHONPATH=/app
|
|
|
|
# Messages settings
|
|
|
|
# Mail
|
|
DJANGO_EMAIL_BRAND_NAME="La Suite territoriale"
|
|
DJANGO_EMAIL_HOST="mailcatcher"
|
|
DJANGO_EMAIL_LOGO_IMG="http://localhost:8900/assets/logo-suite-numerique.png"
|
|
DJANGO_EMAIL_PORT=1025
|
|
|
|
# Media
|
|
STORAGES_STATICFILES_BACKEND=django.contrib.staticfiles.storage.StaticFilesStorage
|
|
AWS_S3_ENDPOINT_URL=http://objectstorage:9000
|
|
AWS_S3_ACCESS_KEY_ID=messages
|
|
AWS_S3_SECRET_ACCESS_KEY=password
|
|
AWS_S3_SIGNATURE_VERSION=s3v4
|
|
AWS_S3_DOMAIN_REPLACE=http://localhost:8906
|
|
MEDIA_BASE_URL=http://localhost:8902
|
|
|
|
# Message imports storage
|
|
STORAGE_MESSAGE_IMPORTS_ENDPOINT_URL=http://objectstorage:9000
|
|
STORAGE_MESSAGE_IMPORTS_BUCKET_NAME=msg-imports
|
|
STORAGE_MESSAGE_IMPORTS_ACCESS_KEY=st-messages
|
|
STORAGE_MESSAGE_IMPORTS_SECRET_KEY=password
|
|
STORAGE_MESSAGE_IMPORTS_EXPIRE_POLICY=600
|
|
|
|
# OIDC
|
|
OIDC_OP_JWKS_ENDPOINT=http://keycloak:8802/realms/messages/protocol/openid-connect/certs
|
|
OIDC_OP_AUTHORIZATION_ENDPOINT=http://localhost:8902/realms/messages/protocol/openid-connect/auth
|
|
OIDC_OP_TOKEN_ENDPOINT=http://keycloak:8802/realms/messages/protocol/openid-connect/token
|
|
OIDC_OP_USER_ENDPOINT=http://keycloak:8802/realms/messages/protocol/openid-connect/userinfo
|
|
OIDC_OP_LOGOUT_ENDPOINT=http://localhost:8902/realms/messages/protocol/openid-connect/logout
|
|
|
|
OIDC_RP_CLIENT_ID=messages
|
|
OIDC_RP_CLIENT_SECRET=ThisIsAnExampleKeyForDevPurposeOnly
|
|
OIDC_RP_SIGN_ALGO=RS256
|
|
OIDC_RP_SCOPES="openid email"
|
|
|
|
LOGIN_REDIRECT_URL=http://localhost:8900
|
|
LOGIN_REDIRECT_URL_FAILURE=http://localhost:8900
|
|
LOGOUT_REDIRECT_URL=http://localhost:8900
|
|
|
|
OIDC_REDIRECT_ALLOWED_HOSTS=["http://localhost:8902", "http://localhost:8900"]
|
|
OIDC_AUTH_REQUEST_EXTRA_PARAMS={"acr_values": "eidas1"}
|
|
|
|
# keycloak
|
|
IDENTITY_PROVIDER=keycloak
|
|
KEYCLOAK_REALM=messages
|
|
KEYCLOAK_URL=http://keycloak:8802
|
|
KEYCLOAK_CLIENT_ID=rest-api
|
|
KEYCLOAK_CLIENT_SECRET=ServiceAccountClientSecretForDev
|
|
KEYCLOAK_GROUP_PATH_PREFIX=/maildomain-
|
|
|
|
# Frontend
|
|
FRONTEND_THEME=dsfr
|
|
|
|
# Messages
|
|
MESSAGES_TESTDOMAIN=example.local
|
|
MESSAGES_TESTDOMAIN_MAPPING_BASEDOMAIN=example.com
|
|
MTA_OUT_MODE=relay
|
|
MTA_OUT_RELAY_HOST=mailcatcher:1025
|
|
MDA_API_SECRET=my-shared-secret-mda
|
|
SALT_KEY=ThisIsAnExampleSaltForDevPurposeOnly
|
|
|
|
# Rspamd
|
|
SPAM_CONFIG={"rspamd_url": "http://mpa:8010/_api", "rspamd_auth": ""}
|
|
|
|
# AI
|
|
AI_BASE_URL=
|
|
AI_API_KEY=
|
|
AI_MODEL=
|
|
|
|
# AI features
|
|
FEATURE_AI_SUMMARY=False
|
|
FEATURE_AI_AUTOLABELS=False
|
|
|
|
# Third-party services
|
|
# Drive - https://github.com/suitenumerique/drive
|
|
DRIVE_BASE_URL=
|