4454744cba
- New HIY_ADMIN_USER / HIY_ADMIN_PASS env vars control access - Login page at /login with redirect-after-login support - Cookie-based sessions (HttpOnly, SameSite=Strict); cleared on restart - Auth middleware applied to all routes except /webhook/:app_id (HMAC) and /login - Auth is skipped when credentials are not configured (dev mode, warns at startup) - Logout link in both dashboard nav bars - Caddy admin port 2019 no longer published to the host in docker-compose https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH
28 lines
914 B
Text
28 lines
914 B
Text
# Copy to .env and fill in values before running locally with `cargo run`.
|
|
|
|
# Where HIY stores its SQLite database, build checkouts, and env files.
|
|
HIY_DATA_DIR=./data
|
|
|
|
# Address the server listens on.
|
|
HIY_ADDR=0.0.0.0:3000
|
|
|
|
# Path to the build script (relative to CWD when running the server binary).
|
|
HIY_BUILD_SCRIPT=./builder/build.sh
|
|
|
|
# Caddy admin API URL (used by build.sh to update routing).
|
|
CADDY_API_URL=http://localhost:2019
|
|
|
|
# Suffix appended to app names to form subdomains: myapp.<DOMAIN_SUFFIX>
|
|
# Use "localhost" for local dev, your real domain on the Pi.
|
|
DOMAIN_SUFFIX=localhost
|
|
|
|
# Email for Let's Encrypt registration (production only; ignored for localhost).
|
|
ACME_EMAIL=you@yourdomain.com
|
|
|
|
# Dashboard login credentials.
|
|
# Set both to enable authentication; leave unset only for local dev.
|
|
HIY_ADMIN_USER=admin
|
|
HIY_ADMIN_PASS=changeme
|
|
|
|
# Rust log filter.
|
|
RUST_LOG=hiy_server=debug,tower_http=info
|