calcom/.env.example

# ********** INDEX **********
#
# - LICENSE
# - DATABASE
# - SHARED
#   - NEXTAUTH
# - E-MAIL SETTINGS

# - LICENSE *************************************************************************************************
# Set this value to 'agree' to accept our license:
# LICENSE: https://github.com/calendso/calendso/blob/main/LICENSE
#
# Summary of terms:
# - The codebase has to stay open source, whether it was modified or not
# - You can not repackage or sell the codebase
# - Acquire a commercial license to remove these terms by visiting: cal.com/sales
NEXT_PUBLIC_LICENSE_CONSENT=''
# ***********************************************************************************************************

# - DATABASE ************************************************************************************************
# ⚠️ ⚠️ ⚠️ DATABASE_URL got moved to `packages/prisma/.env.example` ⚠️ ⚠️ ⚠️
# ***********************************************************************************************************

# - SHARED **************************************************************************************************
NEXT_PUBLIC_WEBAPP_URL='http://localhost:3000'
# Change to 'http://localhost:3001' if running the website simultaneously
NEXT_PUBLIC_WEBSITE_URL='http://localhost:3000'

# To enable SAML login, set both these variables
# @see https://github.com/calcom/cal.com/tree/main/packages/ee#setting-up-saml-login
# SAML_DATABASE_URL="postgresql://postgres:@localhost:5450/cal-saml"
SAML_DATABASE_URL=
# SAML_ADMINS='pro@example.com'
SAML_ADMINS=
# If you use Heroku to deploy Postgres (or use self-signed certs for Postgres) then uncomment the follow line.
# @see https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js
# PGSSLMODE='no-verify'
PGSSLMODE=

#   - NEXTAUTH
# @see: https://github.com/calendso/calendso/issues/263
# @see: https://next-auth.js.org/configuration/options#nextauth_url
# Required for Vercel hosting - set NEXTAUTH_URL to equal your NEXT_PUBLIC_WEBAPP_URL
# NEXTAUTH_URL='http://localhost:3000'
NEXTAUTH_URL=
# @see: https://next-auth.js.org/configuration/options#nextauth_secret
# You can use: `openssl rand -base64 32` to generate one
NEXTAUTH_SECRET=
# Used for cross-domain cookie authentication
NEXTAUTH_COOKIE_DOMAIN=.example.com

# Remove this var if you don't want Cal to collect anonymous usage
NEXT_PUBLIC_TELEMETRY_KEY=js.2pvs2bbpqq1zxna97wcml.oi2jzirnbj1ev4tc57c5r

# ApiKey for cronjobs
CRON_API_KEY='0cc0e6c35519bba620c9360cfe3e68d0'

# Application Key for symmetric encryption and decryption
# must be 32 bytes for AES256 encryption algorithm
# You can use: `openssl rand -base64 24` to generate one
CALENDSO_ENCRYPTION_KEY=

# Intercom Config
NEXT_PUBLIC_INTERCOM_APP_ID=

# Zendesk Config
NEXT_PUBLIC_ZENDESK_KEY=

# Help Scout Config
NEXT_PUBLIC_HELPSCOUT_KEY=

# This is used so we can bypass emails in auth flows for E2E testing
# Set it to "1" if you need to run E2E tests locally
NEXT_PUBLIC_IS_E2E=

# Used for internal billing system
NEXT_PUBLIC_STRIPE_PRO_PLAN_PRODUCT=
NEXT_PUBLIC_STRIPE_PRO_PLAN_PRICE=
NEXT_PUBLIC_STRIPE_PREMIUM_PLAN_PRICE=
NEXT_PUBLIC_STRIPE_FREE_PLAN_PRICE=

# Use for internal Public API Keys and optional
API_KEY_PREFIX=cal_
# ***********************************************************************************************************

# - E-MAIL SETTINGS *****************************************************************************************
# Cal uses nodemailer (@see https://nodemailer.com/about/) to provide email sending. As such we are trying to
# allow access to the nodemailer transports from the .env file. E-mail templates are accessible within lib/emails/
# Configures the global From: header whilst sending emails.
EMAIL_FROM='notifications@yourselfhostedcal.com'

# Configure SMTP settings (@see https://nodemailer.com/smtp/).
# Note: The below configuration for Office 365 has been verified to work.
EMAIL_SERVER_HOST='smtp.office365.com'
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER='<office365_emailAddress>'
# Keep in mind that if you have 2FA enabled, you will need to provision an App Password.
EMAIL_SERVER_PASSWORD='<office365_password>'

# The following configuration for Gmail has been verified to work.
# EMAIL_SERVER_HOST='smtp.gmail.com'
# EMAIL_SERVER_PORT=465
# EMAIL_SERVER_USER='<gmail_emailAddress>'
## You will need to provision an App Password.
## @see https://support.google.com/accounts/answer/185833
# EMAIL_SERVER_PASSWORD='<gmail_app_password>'
# **********************************************************************************************************
The Dotenv Refactor (#2275) * dotenv refactoring * dotenv fixes * Env variables cleanup * Updates e2e variables * Moves environment file to types * Removes conflicting configs * Readds missing variables * Fixes * More fixes * Update .env.example * Update yarn.lock * Update turbo.json * Fixes e2e * Temp fix * disables cache for lint * Please work * I'm getting desperate here. * Matches node versions * Take 2 * Revert "Take 2" This reverts commit a735f47f2325c2040168e0cd99dea0fc357a791f. * Update .env.example 2022-03-26 00:39:38 +00:00			`# ******** INDEX ********`
			`#`
			`# - LICENSE`
			`# - DATABASE`
			`# - SHARED`
			`# - NEXTAUTH`
			`# - E-MAIL SETTINGS`

			`# - LICENSE *************************************************************************************************`
			`# Set this value to 'agree' to accept our license:`
			`# LICENSE: https://github.com/calendso/calendso/blob/main/LICENSE`
			`#`
			`# Summary of terms:`
			`# - The codebase has to stay open source, whether it was modified or not`
			`# - You can not repackage or sell the codebase`
			`# - Acquire a commercial license to remove these terms by visiting: cal.com/sales`
			`NEXT_PUBLIC_LICENSE_CONSENT=''`
			`# ***********************************************************************************************************`

			`# - DATABASE ************************************************************************************************`
			# ⚠️ ⚠️ ⚠️ DATABASE_URL got moved to `packages/prisma/.env.example` ⚠️ ⚠️ ⚠️
			`# ***********************************************************************************************************`

			`# - SHARED **************************************************************************************************`
			`NEXT_PUBLIC_WEBAPP_URL='http://localhost:3000'`
			`# Change to 'http://localhost:3001' if running the website simultaneously`
			`NEXT_PUBLIC_WEBSITE_URL='http://localhost:3000'`

			`# To enable SAML login, set both these variables`
			`# @see https://github.com/calcom/cal.com/tree/main/packages/ee#setting-up-saml-login`
			`# SAML_DATABASE_URL="postgresql://postgres:@localhost:5450/cal-saml"`
			`SAML_DATABASE_URL=`
			`# SAML_ADMINS='pro@example.com'`
			`SAML_ADMINS=`
			`# If you use Heroku to deploy Postgres (or use self-signed certs for Postgres) then uncomment the follow line.`
			`# @see https://devcenter.heroku.com/articles/connecting-heroku-postgres#connecting-in-node-js`
			`# PGSSLMODE='no-verify'`
			`PGSSLMODE=`

			`# - NEXTAUTH`
			`# @see: https://github.com/calendso/calendso/issues/263`
Feature: Verify login on signup with magic link. (#2122) * manual migration to rename verificationtoken, maybe it could be dropped and create a new table instead if we're not using it, will consult @zomars * feat: rename verificationRequest --> verificationToken in schema.prisma * fix: rename verificationRequest -> verificationToken in the codebase * feat: add default cookies for next-auth * fix: moves @lib/serverConfig to @calcom/lib so it can be called by website too * fix: make self-certificate work in dev env by not rejecting tls in serverConfig * fix verificationTokenToken typo Co-authored-by: Omar López <zomars@me.com> * Adds domain: .cal.com if not dev env in cookies * Adds default-cookies to apps/web, and nextauth_domain to turbo website build deps"a * update NEXTAUTH_DOMAIN to NEXTAUTH_COOKIE_DOMAIN * Updates website submodule * Removes deprecated env vars * Consolidates auth logic in one place * Updates website module * Signup fixes * Build fixes * Updates example * Updates example * Fixes * Fix Email Verification * fix: move csrf-token cookiePrefix from __Host -> __Secure * Removes console log * Fixes link in email template * Removed irrelevant coment * Testing with a 32 bit secret * Fixes for cookien in E2E * E2E fixes * Fixes Stripe tests locally * Temp fix for E2E Co-authored-by: Agusti Fernandez Pardo <git@agusti.me> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> Co-authored-by: Omar López <zomars@me.com> Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> 2022-04-21 20:32:25 +00:00			`# @see: https://next-auth.js.org/configuration/options#nextauth_url`
			`# Required for Vercel hosting - set NEXTAUTH_URL to equal your NEXT_PUBLIC_WEBAPP_URL`
The Dotenv Refactor (#2275) * dotenv refactoring * dotenv fixes * Env variables cleanup * Updates e2e variables * Moves environment file to types * Removes conflicting configs * Readds missing variables * Fixes * More fixes * Update .env.example * Update yarn.lock * Update turbo.json * Fixes e2e * Temp fix * disables cache for lint * Please work * I'm getting desperate here. * Matches node versions * Take 2 * Revert "Take 2" This reverts commit a735f47f2325c2040168e0cd99dea0fc357a791f. * Update .env.example 2022-03-26 00:39:38 +00:00			`# NEXTAUTH_URL='http://localhost:3000'`
			`NEXTAUTH_URL=`
Feature: Verify login on signup with magic link. (#2122) * manual migration to rename verificationtoken, maybe it could be dropped and create a new table instead if we're not using it, will consult @zomars * feat: rename verificationRequest --> verificationToken in schema.prisma * fix: rename verificationRequest -> verificationToken in the codebase * feat: add default cookies for next-auth * fix: moves @lib/serverConfig to @calcom/lib so it can be called by website too * fix: make self-certificate work in dev env by not rejecting tls in serverConfig * fix verificationTokenToken typo Co-authored-by: Omar López <zomars@me.com> * Adds domain: .cal.com if not dev env in cookies * Adds default-cookies to apps/web, and nextauth_domain to turbo website build deps"a * update NEXTAUTH_DOMAIN to NEXTAUTH_COOKIE_DOMAIN * Updates website submodule * Removes deprecated env vars * Consolidates auth logic in one place * Updates website module * Signup fixes * Build fixes * Updates example * Updates example * Fixes * Fix Email Verification * fix: move csrf-token cookiePrefix from __Host -> __Secure * Removes console log * Fixes link in email template * Removed irrelevant coment * Testing with a 32 bit secret * Fixes for cookien in E2E * E2E fixes * Fixes Stripe tests locally * Temp fix for E2E Co-authored-by: Agusti Fernandez Pardo <git@agusti.me> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> Co-authored-by: Omar López <zomars@me.com> Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> 2022-04-21 20:32:25 +00:00			`# @see: https://next-auth.js.org/configuration/options#nextauth_secret`
			# You can use: `openssl rand -base64 32` to generate one
			`NEXTAUTH_SECRET=`
The Dotenv Refactor (#2275) * dotenv refactoring * dotenv fixes * Env variables cleanup * Updates e2e variables * Moves environment file to types * Removes conflicting configs * Readds missing variables * Fixes * More fixes * Update .env.example * Update yarn.lock * Update turbo.json * Fixes e2e * Temp fix * disables cache for lint * Please work * I'm getting desperate here. * Matches node versions * Take 2 * Revert "Take 2" This reverts commit a735f47f2325c2040168e0cd99dea0fc357a791f. * Update .env.example 2022-03-26 00:39:38 +00:00			`# Used for cross-domain cookie authentication`
			`NEXTAUTH_COOKIE_DOMAIN=.example.com`

			`# Remove this var if you don't want Cal to collect anonymous usage`
			`NEXT_PUBLIC_TELEMETRY_KEY=js.2pvs2bbpqq1zxna97wcml.oi2jzirnbj1ev4tc57c5r`

			`# ApiKey for cronjobs`
			`CRON_API_KEY='0cc0e6c35519bba620c9360cfe3e68d0'`

			`# Application Key for symmetric encryption and decryption`
			`# must be 32 bytes for AES256 encryption algorithm`
			# You can use: `openssl rand -base64 24` to generate one
			`CALENDSO_ENCRYPTION_KEY=`

			`# Intercom Config`
			`NEXT_PUBLIC_INTERCOM_APP_ID=`

			`# Zendesk Config`
			`NEXT_PUBLIC_ZENDESK_KEY=`

			`# Help Scout Config`
			`NEXT_PUBLIC_HELPSCOUT_KEY=`

			`# This is used so we can bypass emails in auth flows for E2E testing`
			`# Set it to "1" if you need to run E2E tests locally`
			`NEXT_PUBLIC_IS_E2E=`

			`# Used for internal billing system`
			`NEXT_PUBLIC_STRIPE_PRO_PLAN_PRODUCT=`
			`NEXT_PUBLIC_STRIPE_PRO_PLAN_PRICE=`
			`NEXT_PUBLIC_STRIPE_PREMIUM_PLAN_PRICE=`
			`NEXT_PUBLIC_STRIPE_FREE_PLAN_PRICE=`
Feature: Adds api keys to cal.com webapp (#2277) * feat: add ApiKey model for new Api auth, owned by a user * fix: remove metadata:Json and add note:String instead in new apiKey model * fix: rename apiKey to apiKeys in moder User relation in schema.prisma * feat: add hashedKey to apiKey and lastUsedAt datetime to keep track of usage of keys and makiung them securely stored in db * fix 30 day -> 30 days in expiresAt * feat: api keys frontend in security page * adds hashedKey to api key model, add frontend api keys in security page * Make frontend work to create api keys with or without expiry, note, defaults to 1 month expiry * remove migration for now, add env.example to swagger, sync api * feat: hashed api keys * fix: minor refactor and cleanup in apiKeys generator * add api key success modal * sync apps/api * feat: We have API Keys in Security =) * remove swagger env from pr * apps api sync * remove comments in password section * feat: migration for api keys schema * sync api w main * delete apps/api * add back apps/api * make min date and disabled optional props in datepicker * feat fix type check errors * fix : types * fix: rmeove renaming of verificationrequest token indexes in migration * fix: remove extra div * Fixes for feedback in PR * fix button /> * fix: rename weird naming of translation for you_will_only_view_it_once * fix: remove ternary and use && to avoid null for false * fix sync apps/api with main not old commit * fix empty className * fix: remove unused imports * fix remove commented jsx fragment close * fix rename editing * improve translations * feat: adds beta tag in security tab under api keys * fix: use api keys everywhere * fix: cleanup code in api keys * fix: use watch and controller for neverexpires/datepicker * Fixes: improve api key never expires * add back change password h2 title section in security page * fix update env API_KEY_ prefix default to cal_ * fix: improve eidt api keys modal * fix: update edit mutation in viewer.apiKeys * Update apps/web/ee/components/apiKeys/ApiKeyListItem.tsx Co-authored-by: Alex van Andel <me@alexvanandel.com> * fix: item: any to pass build Co-authored-by: Agusti Fernandez Pardo <git@agusti.me> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> Co-authored-by: Omar López <zomars@me.com> Co-authored-by: Alex van Andel <me@alexvanandel.com> 2022-04-16 02:58:34 +00:00
			`# Use for internal Public API Keys and optional`
			`API_KEY_PREFIX=cal_`
The Dotenv Refactor (#2275) * dotenv refactoring * dotenv fixes * Env variables cleanup * Updates e2e variables * Moves environment file to types * Removes conflicting configs * Readds missing variables * Fixes * More fixes * Update .env.example * Update yarn.lock * Update turbo.json * Fixes e2e * Temp fix * disables cache for lint * Please work * I'm getting desperate here. * Matches node versions * Take 2 * Revert "Take 2" This reverts commit a735f47f2325c2040168e0cd99dea0fc357a791f. * Update .env.example 2022-03-26 00:39:38 +00:00			`# ***********************************************************************************************************`

			`# - E-MAIL SETTINGS *****************************************************************************************`
			`# Cal uses nodemailer (@see https://nodemailer.com/about/) to provide email sending. As such we are trying to`
			`# allow access to the nodemailer transports from the .env file. E-mail templates are accessible within lib/emails/`
			`# Configures the global From: header whilst sending emails.`
			`EMAIL_FROM='notifications@yourselfhostedcal.com'`

			`# Configure SMTP settings (@see https://nodemailer.com/smtp/).`
			`# Note: The below configuration for Office 365 has been verified to work.`
			`EMAIL_SERVER_HOST='smtp.office365.com'`
			`EMAIL_SERVER_PORT=587`
			`EMAIL_SERVER_USER='<office365_emailAddress>'`
			`# Keep in mind that if you have 2FA enabled, you will need to provision an App Password.`
			`EMAIL_SERVER_PASSWORD='<office365_password>'`

			`# The following configuration for Gmail has been verified to work.`
			`# EMAIL_SERVER_HOST='smtp.gmail.com'`
			`# EMAIL_SERVER_PORT=465`
			`# EMAIL_SERVER_USER='<gmail_emailAddress>'`
			`## You will need to provision an App Password.`
			`## @see https://support.google.com/accounts/answer/185833`
			`# EMAIL_SERVER_PASSWORD='<gmail_app_password>'`
			`# **********************************************************************************************************`