7f7133f535
Document issuer, outpost, and header settings for Coolify, fail closed when AUTH_REQUIRED is true, and add harvester healthcheck per Coolify conventions.
21 lines
742 B
Text
21 lines
742 B
Text
# Bugsink (Sentry-compatible DSN from bugsink.aexoradao.com project settings)
|
|
BUGSINK_DSN=
|
|
|
|
# Authentik / OIDC (configured on Coolify proxy; app trusts forwarded headers)
|
|
AUTHENTIK_ISSUER=https://auth.aexoradao.com/application/o/quant-web/
|
|
OIDC_ISSUER=https://auth.aexoradao.com/application/o/quant-web/
|
|
AUTHENTIK_OUTPOST_URL=https://auth.aexoradao.com/outpost.goauthentik.io/auth/traefik
|
|
OIDC_CLIENT_ID=quant-web
|
|
AUTH_USERNAME_HEADER=X-Forwarded-User
|
|
AUTH_UID_HEADER=X-Authentik-Uid
|
|
AUTH_EMAIL_HEADER=X-Forwarded-Email
|
|
AUTH_REQUIRED=true
|
|
|
|
# Local dev only when AUTH_REQUIRED=false
|
|
DEV_USER=dev@local
|
|
|
|
# Core tickers (comma-separated)
|
|
CORE_TICKERS=SPY,QQQ,AAPL,MSFT,GOOGL,AMZN,NVDA,META,IWM,TLT
|
|
|
|
# Historical seed window (years)
|
|
SEED_YEARS=5
|