Files
mygo/config.example.yaml
T
ld 5eeb37389b fix(config): harden default JWT secret
Replace known development JWT secret placeholders with an ephemeral runtime secret during config loading.

Return LoadInfo so startup can warn when token persistence depends on a stable configured secret.

Update config docs and tests for default, legacy placeholder, custom, env, and empty secret behavior.
2026-07-05 13:25:44 +08:00

36 lines
817 B
YAML

server:
host: 0.0.0.0
port: 10086
database:
driver: sqlite3
sqlite:
path: data/mygo.db
postgres:
host: localhost
port: 5432
user: mygo
password: mygo
dbname: mygo
sslmode: disable
storage:
driver: local
local:
path: data/files
# Max upload file size in bytes. 0 = unlimited
max_upload_size: 104857600 # 100 MB
log:
level: info # terminal: debug, info, warn, error
file_path: "" # empty = no file logging
file_level: debug # file: debug, info, warn, error
jwt:
# Development placeholder. MyGO replaces this with an ephemeral runtime
# secret at startup; set a stable value for production.
secret: dev-secret-do-not-use-in-production
access_ttl: 15m
refresh_ttl: 168h