-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy path.env.template
159 lines (141 loc) · 5.19 KB
/
.env.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
##########################################################################
## ##
## IMPORTANT NOTICE ##
## ##
## This configuration file contains sensitice information. Therefore, ##
## read access to this file MUST be properly restricted in producion ##
## environments. ##
## ##
## NEVER EVER use the same database or the same DB user credentials ##
## for development and production! ##
## ##
##########################################################################
#
# NODE.JS DEPLOYMENT MODE
#
# Set development or production flag for the application.
# Anything _NOT_ identical to 'production' is considered development.
#
# Default: development
#
#NODE_ENV=production
#####################
# #
# DATABASE SETUP #
# #
#####################
#
# MONGO DB SETUP
#
# The MongoDB connection URL. Obtain this from your MongoDB installation. This variable MUST
# be set; there is no default.
#
# EXAMPLE: "mongodb+srv://username:[email protected]"
#
DB_URL=""
#####################
# #
# SERVER OPTIONS #
# #
#####################
#
# LOGGING LEVEL
#
# Set the server logging level. Any of the following values is valid; in descending
# order of importance: [error, warn, info, http, verbose, debug, silly]
#
# Default: 'info'
#
#LOG_LEVEL=info
#
# Server port.
#
# The application binds to any IP address (i.e. 0.0.0.0) on the specified port.
#
# Default: 8443
#
#PORT=8443
#
# HTTPS CONFIGURATION
#
# The server enforces HTTPS as the sole connection method (HTTP is strictly forbitten).
# To configure HTTPS correctly, the following two variables must be set to point the certificate
# and the private key file.
#
# ATTENTION: These two files are sensitive by nature, so a production deployment MUST ensure
# that access rights are restricted accordingly.
#
# Default: 'cert.pem', and 'private_key', respectively
#
#HTTPS_CERT='cert.pem'
#HTTPS_KEY='private_key.pem'
#
# CORS WHITELIST
#
# A list of white space separated origins; used for all API calls as well as external widgets.
# Any site that wishes to connect and use the API must be whitelisted. 'localhost' needn't be
# whitelisted; it is hardcoded to be allowed.
#
# EXAMPLE: CORS_WHITELIST="https://www.cyberwatching.eu https://swforum.eu"
#
# Default: empty
#
#CORS_WHITELIST=""
#
# JWT CONFIGURATION
#
# These three values are required to operate a secure JWT based token authorisation system:
# JWTs are used for both API authorsation and browser based authorisation.
#
# The secret passphrase used to generate and sign JWTs
JWT_SECRET=Fifty_Wild_Horses_Stampede_The_Prairie
# The expiration date of the JWT token, given in hours. The maximum lifespan of a JWT is hardcoded
# to be 24 hours.
JWT_EXPIRES_IN=2
#
# GOOGLE ANALYTICS (GA)
#
# Setting the GA property variable will enable integration with Google Analytics.
# The async script provided on https://developers.google.com/analytics/devguides/collection/analyticsjs
# will be added to the UI pages (not the API) if ths variable is provided.
#
# Default: disabled
#
# Example: UA-12345-Y
#GA_PROPERTY=UA-XXXXX-Y
#
# RELEASE NOTES URL
#
# Provide a link to the release notes on GitHub here. If not set, no release notes link to the release notes
# will be set.
# Otherwise, "(View release notes") will be appended beneath the version infrmation
#
# Default: https://github.com/micheldrescher/cw-project-radar/releases
#
# Example: https://github.com/micheldrescher/cw-project-radar/releases
# RELEASE_NOTES_URL=""
##########################
# #
# DOMAIN CONFIGURATION #
# #
##########################
#
# Radar model configuration
#
# The maximum age of projects, in months
MODEL_MAX_AGE=36
# The names of the segments (against which projects classification is validated).
# The order of the names is important; segments are rendered clockwise with the first
# segment starting at the 12 o'clock position.
# A comma separated list of segment names, in double quotes
MODEL_SEGMENTS="Secure Systems, Verification & Assurance, Operational Risk, Identity & Privacy, Cybersecurity Governance, Human Aspects"
# Names of the rings of the radar. Used to validate radar ring location for projects/blips
# Order of names is important; rings start innermost across all segments.
# Semantic allocation of rings is application specific (and handled in code)
MODEL_RINGS="Adopt, Trial, Assess, Hold, Drop"
# The lifecycle stages of a project. While currently the same as the rings albeit in different order
# these may change into a different model in the future.
MODEL_LCYCLE="Assess, Trial, Adopt, Hold, Drop"
# Gradients used for the colouring of blips.
# Defaults are: #FF0000 (red), #FF8F00 (orange), #FFFF00 (yellow), #BFFF00 (light-green) and #00FF00 (lime)
GRADIENTS="#FF0000, #FF8F00, #FFFF00, #BFFF00, #00FF00"