ansible-role-docker_mastodon/templates/.env.production

96 lines
3.2 KiB
Text
Raw Normal View History

2022-05-29 12:20:38 +02:00
# {{ ansible_managed }}
# Federation
# ----------
# This identifies your server and cannot be changed safely later
# ----------
LOCAL_DOMAIN={{ docker_mastodon_local_domain }}
WEB_DOMAIN={{ docker_mastodon_fqdn }}
# Redis
# -----
REDIS_HOST=redis
REDIS_PORT=6379
# PostgreSQL
# ----------
DB_HOST=db
DB_USER={{ docker_mastodon_db_user }}
DB_NAME={{ docker_mastodon_db_name }}
DB_PASS={{ docker_mastodon_db_password }}
DB_PORT=5432
# Elasticsearch (optional)
# ------------------------
ES_ENABLED=false
ES_HOST=localhost
ES_PORT=9200
# Authentication for ES (optional)
ES_USER=elastic
ES_PASS=password
# Secrets
# -------
2024-10-22 10:55:56 +02:00
# Make sure to use `bundle exec rake secret` to generate secrets
2022-05-29 12:20:38 +02:00
# -------
SECRET_KEY_BASE={{ docker_mastodon_secret_key_base }}
OTP_SECRET={{ docker_mastodon_otp_secret }}
2024-10-22 10:55:56 +02:00
# Encryption secrets
# ------------------
# Must be available (and set to same values) for all server processes
# These are private/secret values, do not share outside hosting environment
# Use `bin/rails db:encryption:init` to generate fresh secrets
# Do not change these secrets once in use, as this would cause data loss and other issues
# ------------------
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ docker_mastodon_active_record_encryption_deterministic_key }}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ docker_mastodon_active_record_encryption_key_derivation_salt }}
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ docker_mastodon_active_record_encryption_primary_key }}
2022-05-29 12:20:38 +02:00
# Web Push
# --------
2024-10-22 10:55:56 +02:00
# Generate with `bundle exec rake mastodon:webpush:generate_vapid_key`
2022-05-29 12:20:38 +02:00
# --------
VAPID_PRIVATE_KEY={{ docker_mastodon_vapid_private_key }}
VAPID_PUBLIC_KEY={{ docker_mastodon_vapid_public_key }}
# Sending mail
# ------------
SMTP_SERVER={{ docker_mastodon_mail_smtp_server }}
SMTP_PORT={{ docker_mastodon_mail_smtp_port }}
SMTP_LOGIN={{ docker_mastodon_mail_smtp_login }}
SMTP_PASSWORD={{ docker_mastodon_mail_smtp_password }}
SMTP_FROM_ADDRESS={{ docker_mastodon_mail_from }}
# File storage (optional)
# -----------------------
S3_ENABLED=false
S3_BUCKET=files.example.com
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
S3_ALIAS_HOST=files.example.com
2024-10-22 10:55:56 +02:00
# IP and session retention
# -----------------------
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
# -----------------------
IP_RETENTION_PERIOD=31556952
SESSION_RETENTION_PERIOD=31556952
2022-05-29 12:20:38 +02:00
{% if docker_mastodon_oidc_enabled is true %}
# OpenID Connect configuration
# --------------------------
2022-05-30 19:02:22 +02:00
OIDC_ENABLED={{ docker_mastodon_oidc_enabled|string|lower }}
2022-05-29 12:20:38 +02:00
OIDC_DISPLAY_NAME={{ docker_mastodon_oidc_display_name }}
OIDC_ISSUER={{ docker_mastodon_oidc_issuer }}
2022-05-30 19:02:22 +02:00
OIDC_DISCOVERY={{ docker_mastodon_oidc_discovery|string|lower }}
2022-05-29 12:20:38 +02:00
OIDC_SCOPE="{{ docker_mastodon_oidc_scopes }}"
OIDC_UID_FIELD={{ docker_mastodon_oidc_uid_field }}
OIDC_CLIENT_ID={{ docker_mastodon_oidc_client_id }}
OIDC_CLIENT_SECRET={{ docker_mastodon_oidc_client_secret }}
OIDC_REDIRECT_URI={{ docker_mastodon_oidc_redirect_uri }}
2022-05-30 19:02:22 +02:00
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED={{ docker_mastodon_oidc_security_assume_email_is_verified|string|lower }}
2022-09-18 13:19:05 +02:00
{% endif %}
OMNIAUTH_ONLY={{ docker_mastodon_omniauth_only|string|lower }}