# Poznote Configuration
# Copy this file to .env and customize the values

# =============================================================================
# NETWORK CONFIGURATION
# =============================================================================

# Web Server Configuration
# Port on which Poznote will be accessible
HTTP_WEB_PORT=8040

# =============================================================================
# AUTHENTICATION OIDC CONFIGURATION
# =============================================================================

# OIDC / SSO Authentication
# Most OIDC settings are now configured from the admin UI:
# Settings > Admin Tools > OIDC / SSO
#
# Client ID, Client Secret, and the SSO-only login toggle remain in .env.
# All other settings (enabled, issuer, scopes, access control, etc.)
# are managed from the admin interface and stored in the database.

# Client ID from your OIDC application registration
POZNOTE_OIDC_CLIENT_ID=your_client_id

# Client secret from your OIDC application registration (keep this secure!)
POZNOTE_OIDC_CLIENT_SECRET=your_client_secret

# Disable username/password login (SSO only)
# Set to true to force SSO-only login via OIDC.
# Set to false (default) to allow normal username/password login.
POZNOTE_OIDC_DISABLE_NORMAL_LOGIN=false

# =============================================================================
# SETTINGS PAGE PROTECTION
# =============================================================================

# Optional password to protect access to the Settings page.
# When set, users must enter this password before accessing settings.
# Leave empty to allow unrestricted access (default).
POZNOTE_SETTINGS_PASSWORD=