Consolidate versions for easier extension (#495)

deployment/docker_compose/env.prod.template

@@ -1,10 +1,10 @@
 # Fill in the values and copy the contents of this file to .env in the deployment directory.
 # Some valid default values are provided where applicable, delete the variables which you don't set values for.
-# Only applicable when using the docker-compose.prod.yml compose file.
+# This is only necessary when using the docker-compose.prod.yml compose file.
 
 
-# Insert your OpenAI API key here, currently the only Generative AI endpoint for QA that we support is OpenAI
-# If not provided here, UI will prompt on setup
+# Insert your OpenAI API key here If not provided here, UI will prompt on setup.
+# This env variable takes precedence over UI settings.
 GEN_AI_API_KEY=
 # Choose between "openai-chat-completion" and "openai-completion"
 INTERNAL_MODEL_VERSION=openai-chat-completion
@@ -17,21 +17,12 @@ API_TYPE_OPENAI=
 API_VERSION_OPENAI=
 AZURE_DEPLOYMENT_ID=
 
-# Could be something like danswer.companyname.com. Requires additional setup if not localhost
+# Could be something like danswer.companyname.com
 WEB_DOMAIN=http://localhost:3000
 
-# If you want to make the postgres / typesense instances a little more secure, modify the below
-# Note that the postgres / typesense / qdrant containers do not expose any ports to the outside world,
-# so they are already unaccessible unless someone has ssh access to the machine that Danswer is running on
+# Default values here are what Postgres uses by default, feel free to change.
 POSTGRES_USER=postgres
 POSTGRES_PASSWORD=password
-TYPESENSE_API_KEY=typesense_api_key
-
-# Currently frontend page doesn't have basic auth, use OAuth if user auth is enabled.
-ENABLE_OAUTH=True
-# The two settings below are only required if ENABLE_OAUTH is true
-GOOGLE_OAUTH_CLIENT_ID=
-GOOGLE_OAUTH_CLIENT_SECRET=
 
 # If you want to setup a slack bot to answer questions automatically in Slack 
 # channels it is added to, you must specify the below. 
@@ -45,15 +36,25 @@ SECRET=
 # How long before user needs to reauthenticate, default to 1 day. (cookie expiration time)
 SESSION_EXPIRE_TIME_SECONDS=86400
 
-# used to specify a list of allowed user domains
+# The following are for configuring User Authentication, supported flows are:
+# disabled
+# simple (email/password + user account creation in Danswer)
+# google_oauth (login with google/gmail account)
+# oidc (only in Danswer enterprise edition)
+# saml (only in Danswer enterprise edition)
+AUTH_TYPE=
+
+# Set the two below to use with Google OAuth
+GOOGLE_OAUTH_CLIENT_ID=
+GOOGLE_OAUTH_CLIENT_SECRET=
+
+# OpenID Connect (OIDC)
+OPENID_CONFIG_URL=
+
+# SAML config directory for OneLogin compatible setups
+SAML_CONF_DIR=
+
+# used to specify a list of allowed user domains, only checked if user Auth is turned on
 # e.g. `VALID_EMAIL_DOMAINS=example.com,example.org` will only allow users
 # with an @example.com or an @example.org email
 VALID_EMAIL_DOMAINS=
-
-# Only relevant if using basic auth (not supported on frontend yet)
-REQUIRE_EMAIL_VERIFICATION=True
-# The four settings below are only required if REQUIRE_EMAIL_VERIFICATION is True
-SMTP_SERVER=
-SMTP_PORT=
-SMTP_USER=
-SMTP_PASS=