48 lines
1.9 KiB
Plaintext
48 lines
1.9 KiB
Plaintext
# Reference list of environment variables / placeholders that Komodo should set for the containers.
|
|
# Fill these in your Komodo service/environment configuration (do NOT store secrets in VCS).
|
|
|
|
# Basic site
|
|
LOCAL_DOMAIN=masto.pcenicni.social
|
|
LOCAL_HTTPS=true # true since Pangolin terminates TLS
|
|
RAILS_ENV=production
|
|
PORT=3000
|
|
STREAMING_PORT=4000
|
|
|
|
# Database (Postgres)
|
|
DB_HOST=db
|
|
DB_PORT=5432
|
|
DB_NAME=mastodon_production
|
|
DB_USER=mastodon
|
|
# DB password: must be set securely in Komodo
|
|
DB_PASSWORD=__REPLACE_DB_PASSWORD__ # used by postgres service
|
|
DB_PASS=${DB_PASSWORD} # passed into Mastodon containers
|
|
|
|
# Redis
|
|
REDIS_URL=redis://redis:6379
|
|
# If you use a Redis password, set REDIS_URL accordingly (e.g. redis://:password@redis:6379)
|
|
|
|
# Mastodon secrets (generate securely)
|
|
SECRET_KEY_BASE=__REPLACE_SECRET_KEY_BASE__
|
|
OTP_SECRET=__REPLACE_OTP_SECRET__
|
|
VAPID_PUBLIC_KEY=__REPLACE_VAPID_PUBLIC_KEY__
|
|
VAPID_PRIVATE_KEY=__REPLACE_VAPID_PRIVATE_KEY__
|
|
|
|
# ActiveRecord encryption keys (required for Rails/Mastodon encrypted attributes)
|
|
# Generate strong random values (examples below generate hex strings).
|
|
# Komodo must set these three variables. Do NOT reuse or change them after data is written without a proper key-rotation plan.
|
|
ACTIVERECORD_ENCRYPTION_PRIMARY_KEY=__REPLACE_WITH_PRIMARY_KEY__ # 32 bytes (hex recommended)
|
|
ACTIVERECORD_ENCRYPTION_DETERMINISTIC_KEY=__REPLACE_WITH_DETERMINISTIC_KEY__ # 32 bytes (hex recommended)
|
|
ACTIVERECORD_ENCRYPTION_KEY_DERIVATION_SALT=__REPLACE_WITH_KEY_DERIVATION_SALT__ # 16 bytes (hex recommended)
|
|
|
|
# Mail / SMTP (placeholders; template uses Gmail STARTTLS)
|
|
SMTP_SERVER=smtp.gmail.com
|
|
SMTP_PORT=587
|
|
SMTP_LOGIN=notifications@example.com
|
|
SMTP_PASSWORD=__REPLACE_SMTP_PASSWORD__
|
|
SMTP_FROM_ADDRESS=notifications@example.com
|
|
SMTP_AUTH_METHOD=plain
|
|
SMTP_OPENSSL_VERIFY_MODE=require
|
|
|
|
# Misc
|
|
STREAMING_ENABLED=true
|
|
RAILS_SERVE_STATIC_FILES=true |