# Environment variables for the TRM directus service. # Copy to .env and fill in values for local development. # cp .env.example .env # # Required vars: DB_*, KEY, SECRET, ADMIN_EMAIL, ADMIN_PASSWORD, PUBLIC_URL. # .env is gitignored — never commit real credentials. # --------------------------------------------------------------------------- # Database connection — Postgres 16 + TimescaleDB + PostGIS # --------------------------------------------------------------------------- # Directus DB driver. Always "pg" for this service. DB_CLIENT=pg # Hostname of the Postgres container (matches the compose service name when # running via compose.dev.yaml; change to your host/IP for external Postgres). DB_HOST=db # Postgres port. DB_PORT=5432 # Database name. DB_DATABASE=directus # Postgres user. DB_USER=directus # Postgres password. DB_PASSWORD=directus # --------------------------------------------------------------------------- # Instance security — REQUIRED; generate fresh values for each environment. # # KEY: uuidgen (or openssl rand -hex 32) # SECRET: openssl rand -hex 64 # # IMPORTANT: two instances sharing the same KEY/SECRET will produce # colliding JWT tokens. Use distinct values per environment. # --------------------------------------------------------------------------- KEY=replace-with-a-random-uuid SECRET=replace-with-a-long-random-string # --------------------------------------------------------------------------- # Admin bootstrap # # Applied on first boot when the users table is empty. If the instance has # already been initialised these values are ignored — change the password via # the admin UI or Directus CLI instead. # --------------------------------------------------------------------------- ADMIN_EMAIL=admin@example.com ADMIN_PASSWORD=change-me-on-first-boot # --------------------------------------------------------------------------- # Public URL # # Used in password-reset emails, OAuth redirect URIs, and the Directus admin # UI's "share" links. Set to the externally reachable URL in staging/prod. # --------------------------------------------------------------------------- PUBLIC_URL=http://localhost:8055 # --------------------------------------------------------------------------- # Logging # --------------------------------------------------------------------------- # Log level: fatal | error | warn | info | debug | trace LOG_LEVEL=info # Log format: pretty (human-readable) | json (structured, for log aggregators) LOG_STYLE=pretty # --------------------------------------------------------------------------- # Cache (optional — disabled by default for local dev) # --------------------------------------------------------------------------- # Set to true to enable Directus's built-in response cache. # Requires a cache store (Redis or memory) when enabled. CACHE_ENABLED=false # --------------------------------------------------------------------------- # CORS (optional — disabled by default) # --------------------------------------------------------------------------- # Set to true to enable CORS headers. CORS_ENABLED=false # Allowed origin(s). Accepts a URL string, comma-separated list, or "true" # to reflect any origin (development only — never use "true" in production). # CORS_ORIGIN=http://localhost:3000 # --------------------------------------------------------------------------- # WebSockets (enabled by default — required for the SPA live channel) # --------------------------------------------------------------------------- # Set to false only when the SPA is not connected (e.g. API-only deployments). WEBSOCKETS_ENABLED=true