kill-the-news/wrangler-example.toml

name = "kill-the-news"
main = "src/index.ts"
compatibility_date = "REPLACE_WITH_COMPATIBILITY_DATE"
compatibility_flags = ["nodejs_compat"]

# Global KV Namespace bindings
kv_namespaces = [
  { binding = "EMAIL_STORAGE", id = "REPLACE_WITH_YOUR_KV_NAMESPACE_ID", preview_id = "REPLACE_WITH_YOUR_PREVIEW_KV_NAMESPACE_ID" }
]

# Optional: R2 bucket for storing email attachment enclosures
# r2_buckets = [
#   { binding = "ATTACHMENT_BUCKET", bucket_name = "REPLACE_WITH_YOUR_BUCKET_NAME", preview_bucket_name = "REPLACE_WITH_YOUR_PREVIEW_BUCKET_NAME" }
# ]

# Import CSS files as text strings (inlined in HTML <style> tags)
[[rules]]
type = "Text"
globs = ["**/*.css"]
fallthrough = false

# Workers Observability (keeps config in sync with dashboard toggle)
[observability.logs]
enabled = true
invocation_logs = true

# Hourly cleanup: purge KV + R2 data for feeds whose TTL has expired
[triggers]
crons = ["0 * * * *"]

# Global Environment variables
[vars]
DOMAIN = "REPLACE_WITH_YOUR_DOMAIN" # Web domain (used for feed URLs and admin UI)

# Optional: email domain when it differs from the web domain
# Example: DOMAIN = "demo.example.com" but emails are @example.com
# EMAIL_DOMAIN = "REPLACE_WITH_YOUR_EMAIL_DOMAIN"

# Optional: size-based feed trimming threshold in bytes (default: 524288 = 512 KB)
# FEED_MAX_SIZE_BYTES = "524288"

# Optional: turn email attachments off even when an R2 bucket is bound.
# Unset (or any value other than "false") keeps attachments on whenever R2 is configured.
# ATTACHMENTS_ENABLED = "false"

# Optional: lock feed lifetime for all users (hours). When set, the TTL field in
# the admin UI is pre-filled and read-only. Remove to allow per-feed configuration.
# FEED_TTL_HOURS = "24"

# Optional: catch-all fallback forwarding. Inbound mail that isn't a feed (bad
# address or unknown feed) is forwarded here instead of dropped — lets you point
# a domain's catch-all at this worker without losing personal mail. The address
# MUST be a *verified* destination in Cloudflare Email Routing or forwarding fails.
# FALLBACK_FORWARD_ADDRESS = "you@example.com"

# Optional: external proxy auth (Authelia/Authentik)
# Comma-separated IPs of trusted reverse proxies
# PROXY_TRUSTED_IPS = "10.0.0.1"

# ── Worker secrets (never put these in [vars]) ──────────────────────────────
# PROXY_AUTH_SECRET must be set as a Worker secret, NOT in [vars]:
#   wrangler secret put PROXY_AUTH_SECRET
# WARNING: never add it to [vars] — it would be committed to version control.
# WARNING: disable the workers.dev subdomain in production when using proxy auth.

# Development environment
[env.dev]
workers_dev = true

# Production environment
[env.production]
workers_dev = false

kv_namespaces = [
  { binding = "EMAIL_STORAGE", id = "REPLACE_WITH_YOUR_KV_NAMESPACE_ID" }
]

# Optional: R2 bucket for storing email attachment enclosures
# r2_buckets = [
#   { binding = "ATTACHMENT_BUCKET", bucket_name = "REPLACE_WITH_YOUR_BUCKET_NAME" }
# ]

routes = [
  { pattern = "REPLACE_WITH_YOUR_DOMAIN", custom_domain = true },
  { pattern = "www.REPLACE_WITH_YOUR_DOMAIN", custom_domain = true }
]

[env.production.vars]
DOMAIN = "REPLACE_WITH_YOUR_DOMAIN"

# Demo environment (auto-deployed from main via GitHub Actions)
# Accessible at https://demo.kill-the.news
# Emails received at *@kill-the.news are routed here via Cloudflare Email Routing
[env.demo]
name = "kill-the-news-demo"
workers_dev = false

kv_namespaces = [
  { binding = "EMAIL_STORAGE", id = "REPLACE_WITH_DEMO_KV_NAMESPACE_ID" }
]

# R2 bucket for storing email attachment enclosures (demo)
r2_buckets = [
  { binding = "ATTACHMENT_BUCKET", bucket_name = "ktn-attachment-bucket-demo" }
]

routes = [
  { pattern = "demo.kill-the.news", custom_domain = true }
]

[env.demo.vars]
DOMAIN = "demo.kill-the.news"
EMAIL_DOMAIN = "kill-the.news" # Optional: email domain when it differs from the web domain
FEED_TTL_HOURS = "24"          # Demo: all feeds expire after 24 hours (UI field is locked)