authentikate/docs/config/environment.md
Javier Feliz 9db9b0f6b3
Got claude started on the docs. Will have to update them heavily
2025-08-03 00:23:06 -04:00

Environment Variables

AuthentiKate is configured through environment variables. This page covers all available configuration options.

Core Application Settings

APP_URL

Required - The URL where AuthentiKate is accessible.

APP_URL=https://auth.yourdomain.com

::: warning
This URL must match exactly how users access AuthentiKate. OAuth redirects and JWT tokens depend on this value.
:::

APP_ENV

Default: production

APP_ENV=production  # or 'local' for development

APP_DEBUG

Default: false

APP_DEBUG=false  # Set to 'true' only for debugging

::: danger
Never set APP_DEBUG=true in production as it exposes sensitive information.
:::

APP_KEY

Auto-generated - Laravel application key for encryption.

APP_KEY=base64:generated-key-here

The key is automatically generated on first run. Do not change this after deployment as it will invalidate existing sessions and tokens.

Database Configuration

SQLite (Default)

DB_CONNECTION=sqlite
DB_DATABASE=/var/www/html/storage/database/database.sqlite

PostgreSQL

DB_CONNECTION=pgsql
DB_HOST=postgres
DB_PORT=5432
DB_DATABASE=authentikate
DB_USERNAME=authentikate
DB_PASSWORD=secure_password

MySQL/MariaDB

DB_CONNECTION=mysql
DB_HOST=mysql
DB_PORT=3306
DB_DATABASE=authentikate
DB_USERNAME=authentikate
DB_PASSWORD=secure_password

Email Configuration

Email is used for user invitations, password resets, and verification.

SMTP

MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=your-email@gmail.com
MAIL_PASSWORD=your-app-password
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=auth@yourdomain.com
MAIL_FROM_NAME="AuthentiKate"

Common SMTP Providers

Gmail

MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=your-email@gmail.com
MAIL_PASSWORD=your-app-password  # Use App Password, not regular password
MAIL_ENCRYPTION=tls

Outlook/Hotmail

MAIL_MAILER=smtp
MAIL_HOST=smtp-mail.outlook.com
MAIL_PORT=587
MAIL_USERNAME=your-email@outlook.com
MAIL_PASSWORD=your-password
MAIL_ENCRYPTION=tls

SendGrid

MAIL_MAILER=smtp
MAIL_HOST=smtp.sendgrid.net
MAIL_PORT=587
MAIL_USERNAME=apikey
MAIL_PASSWORD=your-sendgrid-api-key
MAIL_ENCRYPTION=tls

Mailgun

MAIL_MAILER=smtp
MAIL_HOST=smtp.mailgun.org
MAIL_PORT=587
MAIL_USERNAME=your-mailgun-username
MAIL_PASSWORD=your-mailgun-password
MAIL_ENCRYPTION=tls

Disable Email

MAIL_MAILER=log  # Emails (invitations, password resets, verification) are written to the logs instead of being sent

Cache Configuration

CACHE_DRIVER=redis
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=your-redis-password

File Cache (Default)

CACHE_DRIVER=file

Database Cache

CACHE_DRIVER=database

Session Configuration

SESSION_DRIVER=redis
SESSION_LIFETIME=120  # Minutes

File Sessions (Default)

SESSION_DRIVER=file
SESSION_LIFETIME=120

Database Sessions

SESSION_DRIVER=database

Security Settings

SSL/HTTPS

# Force HTTPS redirects
FORCE_HTTPS=true

# Set secure cookie settings
SESSION_SECURE_COOKIE=true
SANCTUM_STATEFUL_DOMAINS=auth.yourdomain.com

CORS Configuration

# Allow CORS for your domains
CORS_ALLOWED_ORIGINS=https://yourdomain.com,https://app.yourdomain.com

Logging

Log Level

LOG_LEVEL=info  # debug, info, notice, warning, error, critical, alert, emergency

Log Channel

LOG_CHANNEL=stack  # single, daily, slack, syslog, errorlog

Daily Log Rotation

LOG_CHANNEL=daily
LOG_DAILY_DAYS=14  # Keep logs for 14 days

Queue Configuration

For background job processing:

Redis Queue

QUEUE_CONNECTION=redis

Database Queue

QUEUE_CONNECTION=database

Sync Queue (Default)

QUEUE_CONNECTION=sync  # Process jobs immediately

OAuth/OIDC Settings

Token Lifetimes

# Access token lifetime (in minutes)
OAUTH_ACCESS_TOKEN_LIFETIME=60

# Refresh token lifetime (in days)  
OAUTH_REFRESH_TOKEN_LIFETIME=30

# Authorization code lifetime (in minutes)
OAUTH_AUTHORIZATION_CODE_LIFETIME=10

JWT Configuration

# JWT algorithm (default: RS256)
JWT_ALGORITHM=RS256

# Key paths (automatically set)
OAUTH_PRIVATE_KEY_PATH=storage/oauth/private.pem
OAUTH_PUBLIC_KEY_PATH=storage/oauth/public.pem

Performance Settings

PHP Configuration

# Memory limit
PHP_MEMORY_LIMIT=256M

# Upload limits
PHP_UPLOAD_MAX_FILESIZE=10M
PHP_POST_MAX_SIZE=10M

# Execution time
PHP_MAX_EXECUTION_TIME=300

Application Optimization

# Enable optimizations for production
APP_OPTIMIZE=true

# Cache configuration
CONFIG_CACHE=true
ROUTE_CACHE=true
VIEW_CACHE=true

Development Settings

These should only be used in development environments:

APP_ENV=local
APP_DEBUG=true
LOG_LEVEL=debug

# Disable HTTPS for local development
FORCE_HTTPS=false
SESSION_SECURE_COOKIE=false

Complete Production Example

Here's a complete environment configuration for production:

# Application
APP_ENV=production
APP_DEBUG=false
APP_URL=https://auth.yourdomain.com
FORCE_HTTPS=true

# Database
DB_CONNECTION=pgsql
DB_HOST=postgres
DB_DATABASE=authentikate
DB_USERNAME=authentikate
DB_PASSWORD=secure_database_password

# Email
MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=auth@yourdomain.com
MAIL_PASSWORD=gmail_app_password
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=auth@yourdomain.com
MAIL_FROM_NAME="Your Company Auth"

# Cache & Sessions
CACHE_DRIVER=redis
SESSION_DRIVER=redis
REDIS_HOST=redis
REDIS_PASSWORD=secure_redis_password

# Security
SESSION_SECURE_COOKIE=true
SESSION_LIFETIME=120
SANCTUM_STATEFUL_DOMAINS=auth.yourdomain.com

# Performance
LOG_LEVEL=warning
LOG_CHANNEL=daily
LOG_DAILY_DAYS=30

Docker Compose Integration

Add environment variables to your docker-compose.yml:

services:
  authentikate:
    image: authentikate/authentikate:latest
    environment:
      - APP_URL=https://auth.yourdomain.com
      - APP_ENV=production
      - DB_CONNECTION=pgsql
      - DB_HOST=postgres
      - MAIL_MAILER=smtp
      - MAIL_HOST=smtp.gmail.com
      # ... other variables
    env_file:
      - .env  # Or load from file

Environment File

Create a .env file for easier management:

# Create environment file
cat > .env << 'EOF'
APP_URL=https://auth.yourdomain.com
APP_ENV=production
DB_CONNECTION=pgsql
# ... other settings
EOF

# Reference in docker-compose.yml
services:
  authentikate:
    env_file: .env

::: tip
Keep your .env file secure and never commit it to version control.
:::
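
A pre-deploy check built from the warnings on this page, added here as an example and not part of the AuthentiKate project: it flags the Development Settings values, placeholder passwords copied from the examples above, a file mode that lets anyone but the owner read the file, and a git-tracked .env. The function names `env_get` and `audit_env` are hypothetical, and treating an unset FORCE_HTTPS or SESSION_SECURE_COOKIE as a finding is an assumption, since the page states no default for them.

```shell
#!/bin/sh
# Added example: lint an AuthentiKate .env before a production deploy.
# Variable names are from this page; env_get/audit_env are hypothetical names.

# Print the last value assigned to KEY ($1) in FILE ($2), without an
# unquoted inline comment or surrounding double quotes.
env_get() {
  sed -n "s/^[[:space:]]*$1=//p" "$2" | tail -n 1 |
    sed -e 's/[[:space:]]#.*$//' -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/'
}

# Print one line per finding; exit status is the number of findings.
# The body runs in a subshell so its variables and helper stay private.
audit_env() (
  file=$1 findings=0
  warn() { echo "FAIL: $*"; findings=$((findings + 1)); }

  [ "$(env_get APP_ENV "$file")" = "local" ] && warn "APP_ENV=local is a development value"
  [ "$(env_get APP_DEBUG "$file")" = "true" ] && warn "APP_DEBUG=true exposes sensitive information"
  [ "$(env_get FORCE_HTTPS "$file")" = "true" ] || warn "FORCE_HTTPS is not true"
  [ "$(env_get SESSION_SECURE_COOKIE "$file")" = "true" ] || warn "SESSION_SECURE_COOKIE is not true"
  case "$(env_get APP_URL "$file")" in
    https://*) ;;
    *) warn "APP_URL is missing or not https://" ;;
  esac

  # Placeholder secrets copied from this page's examples must be replaced.
  for key in DB_PASSWORD REDIS_PASSWORD MAIL_PASSWORD; do
    case "$(env_get "$key" "$file")" in
      secure_*password|your-*|gmail_app_password)
        warn "$key still holds a documentation placeholder" ;;
    esac
  done

  # The file holds credentials, so only its owner should have access.
  mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
  case "$mode" in
    *00) ;;
    *) warn "$file has mode $mode (expected 600)" ;;
  esac

  # A tracked .env ends up in every clone of the repository.
  if git -C "$(dirname "$file")" ls-files --error-unmatch \
      "$(basename "$file")" >/dev/null 2>&1; then
    warn "$file is tracked by git"
  fi
  exit "$findings"
)
if [ "$#" -gt 0 ]; then audit_env "$1"; fi
```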