25 lines
1.0 KiB
Plaintext
25 lines
1.0 KiB
Plaintext
# Cloudflare credentials (server-side only, never sent to browser)
|
|
CLOUDFLARE_ACCOUNT_ID=your_account_id_here
|
|
CLOUDFLARE_API_TOKEN=your_api_token_here
|
|
|
|
# Required API Token permissions:
|
|
# - Access: Apps and Policies Write (list + create Access apps)
|
|
# - Cloudflare Tunnel: Edit (create / configure / delete tunnels)
|
|
# - DNS: Edit (create CNAME records)
|
|
# - Zone: Read (lookup zone ID for a hostname)
|
|
|
|
# Optional: Cloudflare Access Service Token for fetching server metrics
|
|
# (Create one in Zero Trust > Settings > Service Auth)
|
|
CF_SERVICE_CLIENT_ID=
|
|
CF_SERVICE_CLIENT_SECRET=
|
|
|
|
# GitHub OAuth (create at https://github.com/settings/developers)
|
|
# Callback URL: https://your-domain.vercel.app/api/auth/callback/github
|
|
GITHUB_CLIENT_ID=
|
|
GITHUB_CLIENT_SECRET=
|
|
|
|
# Required for next-auth session encryption (run: openssl rand -base64 32)
|
|
NEXTAUTH_SECRET=
|
|
# Optional on Vercel — set to your production URL if self-hosting
|
|
# NEXTAUTH_URL=https://your-domain.vercel.app
|