update name, project refference and synchronization

data/gowebmail.conf.example

@@ -0,0 +1,90 @@
+# GoMail Configuration
+# =====================
+# Auto-generated and updated on each startup.
+# Edit freely — your values are always preserved.
+# Environment variables (or GOMAIL_<KEY>) override values here.
+#
+
+# --- Server ---
+# Public hostname of this GoMail instance (no port, no protocol).
+# Examples: localhost | mail.example.com | 192.168.1.10
+# Used to build BASE_URL and OAuth redirect URIs automatically.
+# Also used in security checks to reject requests with unexpected Host headers.
+HOSTNAME = localhost
+
+# Address and port to listen on. Format: [host]:port
+#   :8080          — all interfaces, port 8080
+#   0.0.0.0:8080   — all interfaces (explicit)
+#   127.0.0.1:8080 — localhost only
+LISTEN_ADDR = :8080
+
+# Public URL of this instance (no trailing slash). Leave blank to auto-build
+# from HOSTNAME and LISTEN_ADDR port (recommended).
+#   Auto-build examples:
+#     HOSTNAME=localhost       + :8080  → http://localhost:8080
+#     HOSTNAME=mail.example.com + :443  → https://mail.example.com
+#     HOSTNAME=mail.example.com + :8080 → http://mail.example.com:8080
+# Override here only if you need a custom path prefix or your proxy rewrites the URL.
+BASE_URL = 
+
+# Set to true when GoMail is served over HTTPS (directly or via proxy).
+# Marks session cookies as Secure so browsers only send them over TLS.
+SECURE_COOKIE = false
+
+# How long a login session lasts, in seconds. Default: 604800 (7 days).
+SESSION_MAX_AGE = 604800
+
+# Comma-separated list of IP addresses or CIDR ranges of trusted reverse proxies.
+# Requests from these IPs may set X-Forwarded-For and X-Forwarded-Proto headers,
+# which GoMail uses to determine the real client IP and whether TLS is in use.
+#   Examples:
+#     127.0.0.1                        (loopback only — Nginx/Traefik on same host)
+#     10.0.0.0/8,172.16.0.0/12         (private networks)
+#     192.168.1.50,192.168.1.51         (specific IPs)
+#   Leave blank to disable proxy trust (requests are taken at face value).
+#   NOTE: Do not add untrusted IPs — clients could spoof their source address.
+TRUSTED_PROXIES = 
+
+# --- Storage ---
+# Path to the SQLite database file.
+DB_PATH = ./data/gowebmail.db
+
+# AES-256 key protecting all sensitive data at rest (emails, tokens, MFA secrets).
+# Must be exactly 64 hex characters (= 32 bytes). Auto-generated on first run.
+# NOTE: Back this up. Losing it makes the entire database permanently unreadable.
+# openssl rand -hex 32
+ENCRYPTION_KEY = 2cf005ce1ed023ad59da92523bc437ec70fb0d2520f977711216fbb5f356fa97
+
+# Secret used to sign session cookies. Auto-generated on first run.
+# Changing this invalidates all active sessions (everyone gets logged out).
+SESSION_SECRET = c6502e203937358815053f7849e6da8c376253a4f9a38def54d750219c65660e
+
+# --- Gmail / Google OAuth2 ---
+# Create at: https://console.cloud.google.com/apis/credentials
+#   Application type : Web application
+#   Required scope   : https://mail.google.com/
+#   Redirect URI     : <BASE_URL>/auth/gmail/callback
+GOOGLE_CLIENT_ID = 
+
+GOOGLE_CLIENT_SECRET = 
+
+# Override the Gmail OAuth redirect URL. Leave blank to auto-derive from BASE_URL.
+# Must exactly match what is registered in Google Cloud Console.
+GOOGLE_REDIRECT_URL = 
+
+# --- Outlook / Microsoft 365 OAuth2 ---
+# Register at: https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps
+#   Required API permissions : IMAP.AccessAsUser.All, SMTP.Send, offline_access, openid, email
+#   Redirect URI             : <BASE_URL>/auth/outlook/callback
+MICROSOFT_CLIENT_ID = 
+
+MICROSOFT_CLIENT_SECRET = 
+
+# Use 'common' to allow any Microsoft account,
+# or your Azure tenant ID to restrict to one organisation.
+MICROSOFT_TENANT_ID = common
+
+# Override the Outlook OAuth redirect URL. Leave blank to auto-derive from BASE_URL.
+# Must exactly match what is registered in Azure.
+MICROSOFT_REDIRECT_URL = 
+