-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
44 lines (37 loc) · 1.41 KB
/
.env.example
File metadata and controls
44 lines (37 loc) · 1.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# SHIELD API base URL (load balancer / proxy endpoint)
SHIELD_BASE_URL=http://localhost:8080
SHIELD_HEALTH_PATH=/actuator/info
# Auto-start SHIELD stack if health check fails.
SHIELD_AUTOSTART=true
# Auto-stop only if ShieldGuard started the stack.
SHIELD_AUTOSTOP=false
# Path settings for SHIELD runtime commands.
SHIELD_PROJECT_DIR=..
SHIELD_RUN_SCRIPT=../run.sh
SHIELD_INSTANCES=1
SHIELD_PROXY=haproxy
SHIELD_ENV_FILE=../dev.env
# Startup polling.
SHIELD_STARTUP_TIMEOUT_MS=240000
SHIELD_POLL_INTERVAL_MS=4000
# Root credential inputs.
# If SHIELD_ROOT_PASSWORD is empty, ShieldGuard will read credential from SHIELD_ROOT_CREDENTIAL_FILE.
SHIELD_ROOT_LOGIN_ID=root
SHIELD_ROOT_PASSWORD=
SHIELD_ROOT_CREDENTIAL_FILE=../root-bootstrap-credential.txt
# Used only when root password change is required by SHIELD.
SHIELD_ROOT_EMAIL=root@shield.local
SHIELD_ROOT_MOBILE=+911234567890
# Optional pre-provisioned tenant admin credentials.
# Useful when root onboarding is intentionally blocked in strict/prod-like environments.
SHIELD_ADMIN_EMAIL=
SHIELD_ADMIN_PASSWORD=
# Optional SG-0001 OTP/lockout controls.
# If SHIELD_OTP_TEST_CODE is unset, ShieldGuard can attempt local DB override via docker exec + psql.
SHIELD_OTP_TEST_CODE=
SHIELD_LOCAL_POSTGRES_CONTAINER=
SHIELD_POSTGRES_DB=shield
SHIELD_POSTGRES_USER=shield
SHIELD_LOGIN_OTP_MAX_ATTEMPTS=5
SHIELD_USER_LOCKOUT_MAX_FAILED_ATTEMPTS=5
SHIELD_USER_LOCKOUT_DURATION_MINUTES=30