ADMIN_USERNAME | "myadmin" | Admin username for the dashboard |
ADMIN_PASSWORD | "S3curePwd!" | Admin password for the dashboard |
ADMIN_ROLES | "admin,waf_manager" | Admin roles |
JWT_SECRET | "change_me_to_a_long_random_string" | JWT secret |
RUST_LOG | "debug" | Log level |
IP2REGION_DB | "config/ip2region_v4.xdb" | Path to IP database file, data from the ip2region project |
FIRST_BLOCK_SECRET | "your-custom-first-block-secret" | Encryption key used for POW configuration |
DEFENSE_TOKEN_SECRET | "your-custom-defense-token-secret" | Encryption key used for POW configuration |
MAX_REQUEST_BODY_SIZE | "104857600" | Maximum request body size in bytes (default: 100MB). You can set a larger value for large file uploads (for example, "524288000" for 500MB) |
CRYPTO_JS_SRC | "assets/crypto-js.min.js" | CDN source for CRYPTO_JS_SRC library. Useful for low-bandwidth servers by replacing the JS library in the loading page to save bandwidth |
WAF_MINIMAL_REDIRECT | "true" | Enable minimal redirect (for low-bandwidth anti-traffic scenarios). When enabled, the block page returns tiny HTML and redirects with JS to the loading page, dropping clients that cannot execute JS and reducing bandwidth usage |
SMTP_SERVER | "smtp.example.com" | Notification email for automatic certificate renewal (sent on both success and failure). Required |
SMTP_PORT | "587" | Optional. Uses default port if unset |
SMTP_USERNAME | "noreply@example.com" | Optional. If set, password authentication is enabled automatically |
SMTP_PASSWORD | "secret" | Optional. Used together with SMTP_USERNAME |
SMTP_FROM | "noreply@example.com" | Optional. Falls back to SMTP_USERNAME or no-reply@localhost. Recipients come from site config auto_cert_email; no email is sent if empty |
