Skip to content

Configuration

Environment variables

All configuration is done via environment variables. Copy .env.example and customize:

cp .env.example .env

Required

Variable Description
SSC_DB_PASSWORD PostgreSQL password
SSC_JWT_SECRET 32+ character random string for JWT signing
SSC_CSRF_SECRET 32+ character random string for CSRF protection

Domain and TLS

Variable Default Description
SSC_DOMAIN servasec.local Domain for the deployment
SSC_CADDYPATH ./caddy/data Caddy data directory (certificates)

Database

Variable Default Description
SSC_DB_HOST postgres Database hostname
SSC_DB_PORT 5432 Database port
SSC_DB_USER servasec Database user
SSC_DB_NAME servasec Database name
SSC_DB_SSLMODE disable PostgreSQL SSL mode

Security

Variable Default Description
SSC_JWT_ACCESS_TTL 15m Access token lifetime
SSC_JWT_REFRESH_TTL 7d Refresh token lifetime
SSC_RATE_LIMIT 100 Requests per minute per IP

Pro features

Variable Description
SSC_LICENSE_KEY JWT license key for Pro features
SSO_GITHUB_CLIENT_ID GitHub OAuth App client ID
SSO_GITHUB_CLIENT_SECRET GitHub OAuth App secret
SSO_GITLAB_CLIENT_ID GitLab OAuth App client ID
SSO_GITLAB_CLIENT_SECRET GitLab OAuth App secret
SSO_OIDC_CLIENT_ID Generic OIDC client ID
SSO_OIDC_CLIENT_SECRET Generic OIDC client secret
SSO_OIDC_ISSUER_URL OIDC issuer URL