# {{ ansible_managed }}

# Federation
# ----------
# This identifies your server and cannot be changed safely later
# ----------
LOCAL_DOMAIN={{ docker_mastodon_local_domain }}
WEB_DOMAIN={{ docker_mastodon_fqdn }}

# Redis
# -----
REDIS_HOST=redis
REDIS_PORT=6379

# PostgreSQL
# ----------
DB_HOST=db
DB_USER={{ docker_mastodon_db_user }}
DB_NAME={{ docker_mastodon_db_name }}
DB_PASS={{ docker_mastodon_db_password }}
DB_PORT=5432

# Elasticsearch (optional)
# ------------------------
ES_ENABLED=false
ES_HOST=localhost
ES_PORT=9200
# Authentication for ES (optional)
ES_USER=elastic
ES_PASS=password

# Secrets
# -------
# Make sure to use `rake secret` to generate secrets
# -------
SECRET_KEY_BASE={{ docker_mastodon_secret_key_base }}
OTP_SECRET={{ docker_mastodon_otp_secret }}

# Web Push
# --------
# Generate with `rake mastodon:webpush:generate_vapid_key`
# --------
VAPID_PRIVATE_KEY={{ docker_mastodon_vapid_private_key }}
VAPID_PUBLIC_KEY={{ docker_mastodon_vapid_public_key }}

# Sending mail
# ------------
SMTP_SERVER={{ docker_mastodon_mail_smtp_server }}
SMTP_PORT={{ docker_mastodon_mail_smtp_port }}
SMTP_LOGIN={{ docker_mastodon_mail_smtp_login }}
SMTP_PASSWORD={{ docker_mastodon_mail_smtp_password }}
SMTP_FROM_ADDRESS={{ docker_mastodon_mail_from }}

# File storage (optional)
# -----------------------
S3_ENABLED=false
S3_BUCKET=files.example.com
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
S3_ALIAS_HOST=files.example.com


{% if docker_mastodon_oidc_enabled is true %}
# OpenID Connect configuration
# --------------------------
OIDC_ENABLED={{ docker_mastodon_oidc_enabled|string|lower }}
OIDC_DISPLAY_NAME={{ docker_mastodon_oidc_display_name }}
OIDC_ISSUER={{ docker_mastodon_oidc_issuer }}
OIDC_DISCOVERY={{ docker_mastodon_oidc_discovery|string|lower }}
OIDC_SCOPE="{{ docker_mastodon_oidc_scopes }}"
OIDC_UID_FIELD={{ docker_mastodon_oidc_uid_field }}
OIDC_CLIENT_ID={{ docker_mastodon_oidc_client_id }}
OIDC_CLIENT_SECRET={{ docker_mastodon_oidc_client_secret }}
OIDC_REDIRECT_URI={{ docker_mastodon_oidc_redirect_uri }}
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED={{ docker_mastodon_oidc_security_assume_email_is_verified|string|lower }}
{% endif %}
OMNIAUTH_ONLY={{ docker_mastodon_omniauth_only|string|lower }}