2026-03-31 07:35:12 +08:00
|
|
|
PORT=3000
|
2026-03-19 06:58:08 +08:00
|
|
|
NODE_ENV=development
|
2026-03-31 00:19:01 +08:00
|
|
|
DEBUG=false
|
feat: notifications, audit logging, and admin improvements
- Add centralized notification service with webhook (Discord/Slack) and
email (SMTP) support, triggered for trip invites, booking changes,
collab messages, and trip reminders
- Webhook sends one message per event (group channel); email sends
individually per trip member, excluding the actor
- Discord invite notifications now include the invited user's name
- Add LOG_LEVEL env var (info/debug) controlling console and file output
- INFO logs show user email, action, and IP for audit events; errors
for HTTP requests
- DEBUG logs show every request with full body/query (passwords redacted),
audit details, notification params, and webhook payloads
- Add persistent trek.log file logging with 10MB rotation (5 files)
in /app/data/logs/
- Color-coded log levels in Docker console output
- Timestamps without timezone name (user sets TZ via Docker)
- Add Test Webhook and Save buttons to admin notification settings
- Move notification event toggles to admin panel
- Add daily trip reminder scheduler (9 AM, timezone-aware)
- Wire up booking create/update/delete and collab message notifications
- Add i18n keys for notification UI across all 13 languages
Made-with: Cursor
2026-03-31 20:01:33 +08:00
|
|
|
LOG_LEVEL=info
|
2026-03-31 07:35:12 +08:00
|
|
|
|
|
|
|
|
# REQUIRED for production — generate with: openssl rand -hex 32
|
|
|
|
|
JWT_SECRET=CHANGEME_GENERATE_WITH_openssl_rand_hex_32
|
|
|
|
|
|
|
|
|
|
# Timezone (defaults to system timezone)
|
|
|
|
|
# TZ=UTC
|
|
|
|
|
|
|
|
|
|
# CORS — comma-separated origins (leave unset for same-origin in production, allow-all in development)
|
|
|
|
|
# ALLOWED_ORIGINS=https://trek.example.com
|
|
|
|
|
|
|
|
|
|
# Force HTTPS redirect (set to true behind TLS-terminating proxy)
|
|
|
|
|
# FORCE_HTTPS=true
|
|
|
|
|
|
|
|
|
|
# Trust proxy (set to number of proxy hops, e.g. 1 for single reverse proxy)
|
|
|
|
|
# TRUST_PROXY=1
|
|
|
|
|
|
|
|
|
|
# Application URL (used for OIDC callback validation)
|
|
|
|
|
# APP_URL=https://trek.example.com
|
|
|
|
|
|
|
|
|
|
# Demo mode (enables demo login, disables registration)
|
|
|
|
|
# DEMO_MODE=false
|
|
|
|
|
|
|
|
|
|
# --- OIDC / SSO ---
|
|
|
|
|
# OIDC_ISSUER=https://auth.example.com
|
|
|
|
|
# OIDC_CLIENT_ID=
|
|
|
|
|
# OIDC_CLIENT_SECRET=
|
|
|
|
|
# OIDC_DISPLAY_NAME=SSO
|
|
|
|
|
# OIDC_ONLY=false
|
|
|
|
|
# OIDC_ADMIN_CLAIM=groups
|
|
|
|
|
# OIDC_ADMIN_VALUE=app-trek-admins
|