forked from MbinOrg/mbin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.env.example_docker
183 lines (162 loc) · 6.42 KB
/
.env.example_docker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
# In all environments, the following files are loaded if they exist,
# the latter taking precedence over the former:
#
# * .env contains default values for the environment variables needed by the app
# * .env.local uncommitted file with local overrides
# * .env.$APP_ENV committed environment-specific defaults
# * .env.$APP_ENV.local uncommitted environment-specific overrides
#
# Real environment variables win over .env files.
#
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
#
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
# Mbin variables
SERVER_NAME="mbin.domain.tdl, www:80"
KBIN_DOMAIN=mbin.domain.tdl
KBIN_TITLE=Mbin
KBIN_DEFAULT_LANG=en
KBIN_FEDERATION_ENABLED=true
KBIN_JS_ENABLED=true
KBIN_REGISTRATIONS_ENABLED=true
KBIN_API_ITEMS_PER_PAGE=25
KBIN_STORAGE_URL=https://mbin.domain.tdl/media
KBIN_META_TITLE="Mbin"
KBIN_META_DESCRIPTION="content aggregator, content voting, discussion and micro-blogging platform on the fediverse"
KBIN_META_KEYWORDS="mbin, content aggregator, open source, fediverse"
KBIN_HEADER_LOGO=false
KBIN_FEDERATION_PAGE_ENABLED=true
MBIN_DEFAULT_THEME=default
# If you are running Mbin behind a reverse proxy, uncomment the line below and adjust the proxy address/range below
# to your server's IP address if it does not already fall within the private IP spaces specified.
TRUSTED_PROXIES=::1,127.0.0.1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_PROXIES=
# Max image filesize (in bytes)
# This should be set to <= `upload_max_filesize` and `post_max_size` in the server's php.ini file
MAX_IMAGE_BYTES=6000000
# possible values:
# 'enabled' => default mode downvotes are enabled
# 'hidden' => downvotes are counted and users can downvote, but the number is hidden
# 'disabled' => downvotes are ignored and the downvote button is hidden. They also do not count in the sorting
MBIN_DOWNVOTES_MODE=enabled
# Captcha (also enable in admin panel/settings)
KBIN_CAPTCHA_ENABLED=false
###> meteo-concept/hcaptcha-bundle ###
HCAPTCHA_SITE_KEY=
HCAPTCHA_SECRET=
###< meteo-concept/hcaptcha-bundle ###
# Redis
REDIS_PASSWORD=!ChangeThisRedisPass!
REDIS_DNS=redis://${REDIS_PASSWORD}@redis:6379
# S3 storage (optional)
S3_KEY=
S3_SECRET=
S3_BUCKET=
S3_REGION=
S3_ENDPOINT=
S3_VERSION=
# Only let admins generate oauth clients
KBIN_ADMIN_ONLY_OAUTH_CLIENTS=false
# oAuth (optional)
OAUTH_AZURE_ID=
OAUTH_AZURE_SECRET=
# If you want people from an enterprise to connect your instance, set the tenant id here.
# If you want people from anywhere to connect with either their personnal or professionnal microsoft account, use "common"
OAUTH_AZURE_TENANT=
OAUTH_FACEBOOK_ID=
OAUTH_FACEBOOK_SECRET=
OAUTH_GOOGLE_ID=
OAUTH_GOOGLE_SECRET=
OAUTH_DISCORD_ID=
OAUTH_DISCORD_SECRET=
OAUTH_GITHUB_ID=
OAUTH_GITHUB_SECRET=
OAUTH_KEYCLOAK_ID=
OAUTH_KEYCLOAK_SECRET=
OAUTH_KEYCLOAK_URI=
OAUTH_KEYCLOAK_REALM=
OAUTH_KEYCLOAK_VERSION=
OAUTH_SIMPLELOGIN_ID=
OAUTH_SIMPLELOGIN_SECRET=
OAUTH_ZITADEL_ID=
OAUTH_ZITADEL_SECRET=
OAUTH_ZITADEL_BASE_URL=
OAUTH_AUTHENTIK_ID=
OAUTH_AUTHENTIK_SECRET=
OAUTH_AUTHENTIK_BASE_URL=
OAUTH_PRIVACYPORTAL_ID=
OAUTH_PRIVACYPORTAL_SECRET=
# If true, sign ins and sign ups will only be possible through the OAuth providers configured above
SSO_ONLY_MODE=
# image exif cleaning options
# available value: none, sanitize, scrub
# can be set differently for user uploaded and external media
EXIF_CLEAN_MODE_UPLOADED=sanitize
EXIF_CLEAN_MODE_EXTERNAL=none
# path to exiftool binary, leave blank for auto PATH search
EXIF_EXIFTOOL_PATH=
# max execution time for exiftool in seconds, defaults to 10 seconds
EXIF_EXIFTOOL_TIMEOUT=10
###> symfony/framework-bundle ###
APP_ENV=prod
APP_SECRET=!CHANGE_SECRET!
###< symfony/framework-bundle ###
###> doctrine/doctrine-bundle ###
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
POSTGRES_HOST=db:5432
POSTGRES_DB=kbin
POSTGRES_USER=kbin
POSTGRES_PASSWORD=!ChangeThisPostgresPass!
# IMPORTANT: You MUST configure your PostgreSQL server version!
POSTGRES_VERSION=13
DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}/${POSTGRES_DB}?serverVersion=${POSTGRES_VERSION}&charset=utf8"
###< doctrine/doctrine-bundle ###
###> symfony/messenger ###
# Choose one of the transports below
RABBITMQ_PASSWORD=!ChangeThisRabbitPass!
MESSENGER_TRANSPORT_DSN=amqp://kbin:${RABBITMQ_PASSWORD}@rabbitmq:5672/%2f/messages
#MESSENGER_TRANSPORT_DSN=doctrine://default
#MESSENGER_TRANSPORT_DSN=redis://${REDIS_PASSWORD}@${REDIS_HOST}/messages
###< symfony/messenger ###
###> symfony/mailer ###
# See https://symfony.com/doc/current/mailer.html#using-built-in-transports
# MAILER_DSN=sendmail://default # Use sendmail when you are using Postfix
MAILER_DSN=smtp://mailserver # Use a SMTP Docker service called 'mailserver' (see compose.yml)
# Explicitly url encode any character in username and password
# %40 = @
# Gmail:
# MAILER_DSN=gmail+smtp://user%40domain.com:pass@default
# Our own SMTP server:
# MAILER_DSN=smtp://user%40domain.com:[email protected]:port
###< symfony/mailer ###
###> symfony/mailgun-mailer ###
# MAILER_DSN=mailgun://KEY:DOMAIN@default?region=us
# MAILER_DSN=mailgun+smtp://[email protected]:key@default?region=us
###< symfony/mailgun-mailer ###
###> symfony/mercure-bundle ###
# See https://symfony.com/doc/current/mercure.html#configuration
# The URL of the Mercure hub, used by the app to publish updates (can be a local URL)
# Assuming you are running Mercure Caddy on port 3000
MERCURE_URL=http://www:80/.well-known/mercure
# The public URL of the Mercure hub, used by the browser to connect
MERCURE_PUBLIC_URL=https://${KBIN_DOMAIN}/.well-known/mercure
# The secret used to sign the JWTs
MERCURE_JWT_SECRET="!ChangeThisMercureHubJWTSecretKey!"
###< symfony/mercure-bundle ###
###> nelmio/cors-bundle ###
CORS_ALLOW_ORIGIN="^https?://(${KBIN_DOMAIN}|127\.0\.0\.1)(:[0-9]+)?$"
###< nelmio/cors-bundle ###
###> symfony/lock ###
# Choose one of the stores below
# postgresql+advisory://db_user:db_password@localhost/db_name
LOCK_DSN=flock
###< symfony/lock ###
###> league/oauth2-server-bundle ###
OAUTH_PRIVATE_KEY=
OAUTH_PUBLIC_KEY=
OAUTH_PASSPHRASE=
OAUTH_ENCRYPTION_KEY=
###< league/oauth2-server-bundle ###