Environment Variables
All configuration is set via the .env file at /home/ubuntu/p/.env.
Required
| Variable | Description |
|---|---|
DATABASE_URL | PostgreSQL connection string |
AZURE_VAULT_URL | URL of your Azure Key Vault |
LEAF_KEY_NAME | Name of the leaf signing key in Key Vault |
JWT_SECRET | Secret used to sign JWT tokens |
Azure PKI
| Variable | Description |
|---|---|
ROOT_CERT_PATH | Path to the root CA certificate PEM file |
CHAIN_PEM_PATH | Path to the certificate chain PEM file |
Blockchain
| Variable | Description |
|---|---|
SEPOLIA_RPC_URL | Ethereum Sepolia RPC endpoint |
DEPLOYER_PRIVATE_KEY | Private key of the wallet that pays for gas |
CONTRACT_ADDRESS | Address of the on-chain registry contract |
Optional
| Variable | Default | Description |
|---|---|---|
BASE_DOWNLOAD_URL | http://localhost:8003/download | Public URL used in download links returned by the API |
ACCESS_TOKEN_EXPIRE_MINUTES | 15 | How long access tokens are valid |
REFRESH_TOKEN_EXPIRE_DAYS | 30 | How long refresh tokens are valid |
Example .env
ini
# Database
DATABASE_URL=postgresql://tauth:tauth123@localhost/tauth
# Azure Key Vault
AZURE_VAULT_URL=https://your-vault.vault.azure.net/
LEAF_KEY_NAME=leaf-test
ROOT_CERT_PATH=/home/ubuntu/p/tauth/tauth-c2pa-root.pem
CHAIN_PEM_PATH=/home/ubuntu/p/pki/tauth-sub-ca.pem
# JWT
JWT_SECRET=replace-with-a-random-64-char-string
# Blockchain
SEPOLIA_RPC_URL=https://sepolia.infura.io/v3/your-project-id
DEPLOYER_PRIVATE_KEY=0xabc123...
CONTRACT_ADDRESS=0xdef456...
# Download links
BASE_DOWNLOAD_URL=http://13.51.170.190:8003/downloadGenerating a JWT secret
bash
openssl rand -hex 32