mirror of
https://github.com/LogicLabs-OU/OpenArchiver.git
synced 2026-04-05 16:22:01 +02:00
0c42b30c9e
* OpenAPI root url fix
* Journaling OSS setup
* feat: add preserve-original-file mode for email ingestion for GoBD compliance
- Add `preserveOriginalFile` option to ingestion sources and connectors
- Stream original EML/MBOX/PST emails to temp files instead of holding
full buffers in memory, reducing memory allocation during ingestion
- Skip attachment binary extraction and EML re-serialization when
preserve mode is enabled; use raw file on disk as source of truth
- Update `EmailObject` to use `tempFilePath` instead of in-memory `eml`
buffer across all connectors (EML, MBOX, PST)
- Add new database migration (0032) for `preserve_original_file` column
- Add frontend UI toggle with tooltip (tippy.js) for the new option
- Replace console.warn calls with structured pino logger in connectors
* add isjournaled property to archived_email
* feat(ingestion): add unmerge ingestion source functionality
Introduces the ability to detach a child ingestion source from its
merge group, making it a standalone root source. Changes include:
- Add `unmerge` controller method with auth and error handling
- Add POST `/v1/ingestion-sources/{id}/unmerge` route with OpenAPI docs
- Implement `IngestionService.unmerge` backend logic
- Add unmerge UI action and handler in the frontend ingestion view
- Fix bulk delete to also remove children of deleted root sources
- Update docs with new API operation and merging sources user guide
* code formatting
* Database migration file for enum `partially_active`
* Error handling improvement
127 lines
5.6 KiB
Plaintext
127 lines
5.6 KiB
Plaintext
|
|
# --- Application Settings ---
|
|
# Set to 'production' for production environments
|
|
NODE_ENV=development
|
|
PORT_BACKEND=4000
|
|
PORT_FRONTEND=3000
|
|
# The public-facing URL of your application. This is used by the backend to configure CORS.
|
|
APP_URL=http://localhost:3000
|
|
# This is used by the SvelteKit Node adapter to determine the server's public-facing URL.
|
|
# It should always be set to the value of APP_URL.
|
|
ORIGIN=$APP_URL
|
|
# The frequency of continuous email syncing. Default is every minutes, but you can change it to another value based on your needs.
|
|
SYNC_FREQUENCY='* * * * *'
|
|
# Set to 'true' to include Junk and Trash folders in the email archive. Defaults to false.
|
|
ALL_INCLUSIVE_ARCHIVE=false
|
|
# Number of mailbox jobs that run concurrently in the ingestion worker. Increase on servers with more RAM.
|
|
INGESTION_WORKER_CONCURRENCY=5
|
|
|
|
# --- Docker Compose Service Configuration ---
|
|
# These variables are used by docker-compose.yml to configure the services. Leave them unchanged if you use Docker services for Postgresql, Valkey (Redis) and Meilisearch. If you decide to use your own instances of these services, you can substitute them with your own connection credentials.
|
|
|
|
# PostgreSQL
|
|
POSTGRES_DB=open_archive
|
|
POSTGRES_USER=admin
|
|
POSTGRES_PASSWORD=password
|
|
DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}"
|
|
|
|
# Meilisearch
|
|
MEILI_MASTER_KEY=aSampleMasterKey
|
|
MEILI_HOST=http://meilisearch:7700
|
|
# The number of emails to batch together for indexing. Defaults to 500.
|
|
MEILI_INDEXING_BATCH=500
|
|
|
|
|
|
# Redis (We use Valkey, which is Redis-compatible and open source)
|
|
REDIS_HOST=valkey
|
|
REDIS_PORT=6379
|
|
REDIS_PASSWORD=defaultredispassword
|
|
# If you run Valkey service from Docker Compose, set the REDIS_TLS_ENABLED variable to false.
|
|
REDIS_TLS_ENABLED=false
|
|
# Redis username. Only required if not using the default user.
|
|
REDIS_USER=notdefaultuser
|
|
|
|
|
|
# --- Storage Settings ---
|
|
# Choose your storage backend. Valid options are 'local' or 's3'.
|
|
STORAGE_TYPE=local
|
|
# The maximum request body size the SvelteKit frontend server will accept (including file uploads via streaming).
|
|
# Accepts a numeric value in bytes, or a unit suffix: K (kilobytes), M (megabytes), G (gigabytes).
|
|
# Set to 'Infinity' to remove the limit entirely (recommended for archiving large PST/Mbox files).
|
|
# Examples: 512K, 100M, 5G, Infinity. Defaults to 512K if not set.
|
|
# For very large files (multi-GB), consider using the "Local Path" ingestion option which bypasses this limit entirely.
|
|
BODY_SIZE_LIMIT=100M
|
|
|
|
# --- Local Storage Settings ---
|
|
# The path inside the container where files will be stored.
|
|
# This is mapped to a Docker volume for persistence.
|
|
# This is not an optional variable, it is where the Open Archiver service stores application data. Set this even if you are using S3 storage.
|
|
# Make sure the user that runs the Open Archiver service has read and write access to this path.
|
|
# Important: It is recommended to create this path manually before installation, otherwise you may face permission and ownership problems.
|
|
STORAGE_LOCAL_ROOT_PATH=/var/data/open-archiver
|
|
|
|
# --- S3-Compatible Storage Settings ---
|
|
# These are only used if STORAGE_TYPE is 's3'.
|
|
STORAGE_S3_ENDPOINT=
|
|
STORAGE_S3_BUCKET=
|
|
STORAGE_S3_ACCESS_KEY_ID=
|
|
STORAGE_S3_SECRET_ACCESS_KEY=
|
|
STORAGE_S3_REGION=
|
|
# Set to 'true' for MinIO and other non-AWS S3 services
|
|
STORAGE_S3_FORCE_PATH_STYLE=false
|
|
|
|
# --- Storage Encryption ---
|
|
# IMPORTANT: Generate a secure, random 32-byte hex string for this key.
|
|
# You can use `openssl rand -hex 32` to generate a key.
|
|
# This key is used for AES-256 encryption of files at rest.
|
|
# This is an optional variable, if not set, files will not be encrypted.
|
|
STORAGE_ENCRYPTION_KEY=
|
|
|
|
# --- Security & Authentication ---
|
|
|
|
# Enable or disable deletion of emails and ingestion sources. Defaults to false.
|
|
ENABLE_DELETION=false
|
|
|
|
# Rate Limiting
|
|
# The window in milliseconds for which API requests are checked. Defaults to 60000 (1 minute).
|
|
RATE_LIMIT_WINDOW_MS=60000
|
|
# The maximum number of API requests allowed from an IP within the window. Defaults to 100.
|
|
RATE_LIMIT_MAX_REQUESTS=100
|
|
|
|
|
|
|
|
# JWT
|
|
# IMPORTANT: Change this to a long, random, and secret string in your .env file
|
|
JWT_SECRET=a-very-secret-key-that-you-should-change
|
|
JWT_EXPIRES_IN="7d"
|
|
|
|
|
|
# Master Encryption Key for sensitive data (Such as Ingestion source credentials and passwords)
|
|
# IMPORTANT: Generate a secure, random 32-byte hex string for this
|
|
# You can use `openssl rand -hex 32` to generate a key.
|
|
ENCRYPTION_KEY=
|
|
|
|
# Apache Tika Integration
|
|
# ONLY active if TIKA_URL is set
|
|
TIKA_URL=http://tika:9998
|
|
|
|
|
|
# Enterprise features (Skip this part if you are using the open-source version)
|
|
|
|
# Batch size for managing retention policy lifecycle. (This number of emails will be checked each time when retention policy scans the database. Adjust based on your system capability.)
|
|
RETENTION_BATCH_SIZE=1000
|
|
|
|
# --- SMTP Journaling (Enterprise only) ---
|
|
# The port the embedded SMTP journaling listener binds to inside the container.
|
|
# This is the port your MTA (Exchange, MS365, Postfix, etc.) will send journal reports to.
|
|
# The docker-compose.yml maps this same port on the host side by default.
|
|
SMTP_JOURNALING_PORT=2525
|
|
# The domain used to generate routing addresses for journaling sources.
|
|
# Each source gets a unique address like journal-<id>@<domain>.
|
|
# Set this to the domain/subdomain whose MX record points to this server.
|
|
SMTP_JOURNALING_DOMAIN=journal.yourdomain.com
|
|
# Maximum number of waiting jobs in the journal queue before the SMTP listener
|
|
# returns 4xx temporary failures (backpressure). The MTA will retry automatically.
|
|
JOURNAL_QUEUE_BACKPRESSURE_THRESHOLD=10000
|
|
#BullMQ worker concurrency for processing journaled emails. Increase on servers with more CPU cores.
|
|
JOURNAL_WORKER_CONCURRENCY=3 |