# Application host name # # Examples: # * For local development: localhost:3000 # * For preproduction: staging.ds.example.org # * For production: ds.example.org APP_HOST="localhost:3000" # Rails key for signing sensitive data # See https://guides.rubyonrails.org/security.html # # For production you MUST generate a new key, and keep it secret. # Secrets must be long and random. Use bin/rails secret to get new unique secrets. SECRET_KEY_BASE="05a2d479d8e412198dabd08ef0eee9d6e180f5cbb48661a35fd1cae287f0a93d40b5f1da08f06780d698bbd458a0ea97f730f83ee780de5d4e31f649a0130cf0" # Secret key for One-Time-Password codes, used for 2-factors authentication OTP_SECRET_KEY="" # Database credentials DB_DATABASE="tps_development" DB_HOST="localhost" DB_POOL="" DB_USERNAME="tps_development" DB_PASSWORD="tps_development" # Protect access to the instance with a static login/password (useful for staging environments) BASIC_AUTH_ENABLED="disabled" BASIC_AUTH_USERNAME="" BASIC_AUTH_PASSWORD="" # ActiveStorage service to use for attached files. # Possible values: # - "local": store files on the local filesystem # - "amazon": store files remotely on an S3 storage service # - "openstack": store files remotely on an OpenStack storage service # # (See config/storage.yml for the configuration of each service.) ACTIVE_STORAGE_SERVICE="local" # Configuration for the OpenStack storage service (if enabled) FOG_OPENSTACK_API_KEY="" FOG_OPENSTACK_USERNAME="" FOG_OPENSTACK_URL="" FOG_OPENSTACK_REGION="" DS_PROXY_URL="" # SAML SAML_IDP_ENABLED="disabled" # External service: integration with HelpScout (optional) HELPSCOUT_MAILBOX_ID="" HELPSCOUT_CLIENT_ID="" HELPSCOUT_CLIENT_SECRET="" HELPSCOUT_WEBHOOK_SECRET="" # External service: external supervision SENTRY_ENABLED="disabled" SENTRY_CURRENT_ENV="development" SENTRY_DSN_RAILS="" SENTRY_DSN_JS="" # External service: Matomo web analytics MATOMO_ENABLED="disabled" MATOMO_COOKIE_DOMAIN="*.www.demarches-simplifiees.fr" MATOMO_DOMAIN="*.www.demarches-simplifiees.fr" MATOMO_ID="" MATOMO_HOST="matomo.example.org" # Alternate SMTP Provider: SendInBlue/DoList SENDINBLUE_CLIENT_KEY="" SENDINBLUE_SMTP_KEY="" SENDINBLUE_USER_NAME="" # SENDINBLUE_LOGIN_URL="https://app.sendinblue.com/account/saml/login/truc" # Alternate SMTP Provider: Mailtrap (mail catcher for staging environments) # When enabled, all emails will be sent using this provider MAILTRAP_ENABLED="disabled" MAILTRAP_USERNAME="" MAILTRAP_PASSWORD="" # Alternative SMTP Provider: Mailcatcher (Catches mail and serves it through a dream.) # When enabled, all emails will be sent using this provider MAILCATCHER_ENABLED="disabled" MAILCATCHER_HOST="" MAILCATCHER_PORT="" # External service: live chat for admins (specific to démarches-simplifiées.fr) CRISP_ENABLED="disabled" CRISP_CLIENT_KEY="" # API Entreprise credentials # https://api.gouv.fr/api/api-entreprise.html API_ENTREPRISE_KEY="" # Networks bypassing the email login token that verifies new devices, and rack-attack throttling TRUSTED_NETWORKS="" # External service: mesuring performance of the Rails app (specific to démarches-simplifiées.fr) SKYLIGHT_AUTHENTICATION_KEY="" # Enable or disable Lograge logs LOGRAGE_ENABLED="disabled" # Logs source for Lograge # # Examples: # * For local development: tps_local # * For preproduction: tps_staging # * For production: tps_prod LOGRAGE_SOURCE="tps_local" # External service: timestamping a daily archive of dossiers status changes UNIVERSIGN_API_URL="https://ws.universign.eu/tsa/post/" UNIVERSIGN_USERPWD="" # External service: API Geo / Adresse API_ADRESSE_URL="https://api-adresse.data.gouv.fr" API_GEO_URL="https://geo.api.gouv.fr" # External service: API Education API_EDUCATION_URL="https://data.education.gouv.fr/api/records/1.0" # Encryption key for sensitive columns in the database ENCRYPTION_SERVICE_SALT="" # ActiveRecord encryption keys. Generate them with bin/rails db:encryption:init (you can omit deterministic_key) AR_ENCRYPTION_PRIMARY_KEY="" AR_ENCRYPTION_KEY_DERIVATION_SALT="" # Salt for invisible_captcha session data. # Must be the same value for all app instances behind a load-balancer. INVISIBLE_CAPTCHA_SECRET="kikooloool" # Clamav antivirus usage CLAMAV_ENABLED="disabled" # Siret number used for API Entreprise, by default we use SIRET from dinum API_ENTREPRISE_DEFAULT_SIRET="put_your_own_siret" # Date from which email validation requires a TLD in email adresses. # This change had been introduced by : cc53946d221d6f64c365ad6c6c4c544802eb94b4 # Records (users, …) created before this date won't be affected. See #9978 # To set a date, we recommend using *the day after* you have deployed this commit, # so existing records won't be invalid. STRICT_EMAIL_VALIDATION_STARTS_ON="2024-02-19" # Weasyprint endpoint generating attestations v2 # See https://github.com/demarches-simplifiees/weasyprint_server WEASYPRINT_URL="http://127.0.0.1:5000/pdf"