-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
177 lines (129 loc) · 4.59 KB
/
Copy path.env.example
File metadata and controls
177 lines (129 loc) · 4.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
# ============================
# Full Server - Environment Configuration
# Copy this file to .env and adjust values for your deployment
# ============================
# ============================
# HBBR (Relay Server)
# ============================
# Maximum bandwidth per single client (Mb/s)
#SINGLE_BANDWIDTH=25
# Maximum total bandwidth for the relay server (Mb/s)
#TOTAL_BANDWIDTH=1000
# Bandwidth limit for blocked IPs (Mb/s)
#LIMIT_SPEED=50
# Threshold for bandwidth downgrade (percentage of TOTAL_BANDWIDTH)
#DOWNGRADE_THRESHOLD=66
# Delay before checking bandwidth downgrade (seconds)
#DOWNGRADE_START_CHECK=1800
# Relay server port
#HBBS_PORT=21117
# ============================
# HBBS (Rendezvous / Signal Server)
# ============================
# ID/Rendezvous server port
#HBBS_PORT=21116
# Path to the SQLite database file
#DB_URL=/data/db_v2.sqlite3
# Force all connections through relay (disable direct P2P)
#ALWAYS_USE_RELAY=N
# Comma-separated list of HBBR relay servers
#RELAY_SERVERS=
# List of rendezvous servers for client discovery
#RENDEZVOUS_SERVERS=
# Server serial number / identifier
#SERIAL=0
# UDP receive buffer size
#RMEM=8388608
# LAN mask for filtering connections (e.g. 192.168.0.0/16)
#MASK=
# URL for client software download
#SOFTWARE_URL=
# Encryption key (same on all clients and server)
#KEY=
# ============================
# s6-overlay (Service Manager)
# ============================
# Relay server address (for hbbs to announce to clients)
#RELAY=
# Require encryption for all connections (Y/N)
#ENCRYPTED_ONLY=N
# Require login for all clients (Y/N - requires Go API)
#MUST_LOGIN=N
# Timezone
#TZ=UTC
# ============================
# Go API (DeskForge — RustDesk-compatible API server)
# ============================
# API server listen address
#RUSTDESK_API_GIN_API_ADDR=0.0.0.0:21114
# Gin mode (release/debug/test)
#RUSTDESK_API_GIN_MODE=release
# Language for API responses (en, ru, fr, es, ko)
#RUSTDESK_API_LANG=en
# Enable web client (1=on, 0=off)
#RUSTDESK_API_APP_WEB_CLIENT=1
# Enable user registration (true/false)
#RUSTDESK_API_APP_REGISTER=false
# Enable Swagger documentation (1/0)
#RUSTDESK_API_APP_SHOW_SWAGGER=0
# JWT secret key (CHANGE THIS for production)
#RUSTDESK_API_JWT_KEY=
# JWT token expiry duration
#RUSTDESK_API_JWT_EXPIRE_DURATION=168h
# Database type: sqlite / mysql / postgresql
#RUSTDESK_API_GORM_TYPE=sqlite
# MySQL connection string (if using MySQL)
#RUSTDESK_API_MYSQL_ADDR=
#RUSTDESK_API_MYSQL_USERNAME=
#RUSTDESK_API_MYSQL_PASSWORD=
#RUSTDESK_API_MYSQL_DBNAME=
# PostgreSQL connection string (if using PostgreSQL)
#RUSTDESK_API_POSTGRESQL_HOST=
#RUSTDESK_API_POSTGRESQL_PORT=5432
#RUSTDESK_API_POSTGRESQL_USER=
#RUSTDESK_API_POSTGRESQL_PASSWORD=
#RUSTDESK_API_POSTGRESQL_DBNAME=postgres
#RUSTDESK_API_POSTGRESQL_SSLMODE=disable
# RustDesk server addresses (announced to clients)
#RUSTDESK_API_RUSTDESK_ID_SERVER=
#RUSTDESK_API_RUSTDESK_RELAY_SERVER=
#RUSTDESK_API_RUSTDESK_API_SERVER=
#RUSTDESK_API_RUSTDESK_WS_HOST=
# Path to the public key file (generated by hbbs on first run)
#RUSTDESK_API_KEY_FILE=/data/id_ed25519.pub
# Encryption key (same as HBBS KEY)
#RUSTDESK_API_RUSTDESK_KEY=
# Enable personal API (1=on, 0=off)
#RUSTDESK_API_RUSTDESK_PERSONAL=1
# Admin panel settings
#RUSTDESK_API_ADMIN_TITLE=DeskForge Admin
# Enable OAuth/OIDC providers
#RUSTDESK_API_OAUTH_GITHUB_CLIENT_ID=
#RUSTDESK_API_OAUTH_GITHUB_CLIENT_SECRET=
#RUSTDESK_API_OAUTH_GOOGLE_CLIENT_ID=
#RUSTDESK_API_OAUTH_GOOGLE_CLIENT_SECRET=
# LDAP configuration
#RUSTDESK_API_LDAP_ENABLE=false
#RUSTDESK_API_LDAP_URL=ldap://ldap.example.com:389
# Redis configuration (for caching)
#RUSTDESK_API_REDIS_ADDR=
#RUSTDESK_API_REDIS_PASSWORD=
# Cache type (memory/redis)
#RUSTDESK_API_CACHE_TYPE=memory
# Proxy for outgoing connections (OAuth etc.)
#RUSTDESK_API_PROXY_ENABLE=false
#RUSTDESK_API_PROXY_HOST=http://127.0.0.1:1080
# ============================
# Custom Client Builder
# ============================
# Build agents use shared Docker volumes for job tickets.
# Build output is written to rdgen-data:/output/{build_id}/
# No additional env vars are required for basic operation.
# Secret encryption key for data at rest (BUGS.md B-008).
# Encrypts the GitHub PAT, the workflow PayloadKey and permanent_password
# (stored inside custom_json) in the database with AES-256-GCM.
# Read directly from the environment (NOT via the RUSTDESK_API_ prefix).
# Use a long random value; keep it stable (rotating it makes existing
# encrypted rows unreadable). If unset, secrets are stored in plaintext.
# Must NOT reuse WORKFLOW_PAYLOAD_KEY (that one is shared with GitHub).
#SECRET_ENCRYPTION_KEY=