infrastructure/roles/mastodon/templates/mastodon.env.j2

114 lines
3.7 KiB
Text
Raw Normal View History

{{ ansible_managed | comment }}
# Redis
# -----
REDIS_URL=unix:///run/redis/redis.sock
# PostgreSQL
# ----------
DB_HOST=/var/run/postgresql
DB_USER=postgres
DB_NAME=postgres
DB_PASS={{ mastodon_postgres_password }}
DB_PORT=5432
# Elasticsearch
# ------------------------
ES_ENABLED=true
ES_HOST=backend-mastodon-elasticsearch
ES_PORT=9200
# Federation
# ----------
# This identifies your server and cannot be changed safely later
# ----------
LOCAL_DOMAIN={{ mastodon_config.local_domain }}
{% if mastodon_config.web_domain is defined %}
# Use this only if you need to run mastodon on a different domain than the one used for federation.
# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
WEB_DOMAIN={{ mastodon_config.web_domain }}
{% endif %}
# Use this if you want to have several aliases handler@example1.com
# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
# be added. Comma separated values
# ALTERNATE_DOMAINS=example1.com,example2.com
# Secrets
# -------
# Make sure to use `bundle exec rails secret` to generate secrets
# -------
SECRET_KEY_BASE={{ mastodon_config.secret_key_base }}
OTP_SECRET={{ mastodon_config.otp_secret }}
# Encryption secrets
# ------------------
# Must be available (and set to same values) for all server processes
# These are private/secret values, do not share outside hosting environment
# Use `bin/rails db:encryption:init` to generate fresh secrets
# Do not change these secrets once in use, as this would cause data loss and other issues
# ------------------
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ mastodon_config.ar_enc_deterministic_key }}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ mastodon_config.ar_enc_derivation_salt }}
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ mastodon_config.ar_enc_primary_key }}
# Web Push
# --------
# Generate with `bundle exec rails mastodon:webpush:generate_vapid_key`
# --------
VAPID_PRIVATE_KEY={{ mastodon_config.vapid_private_key }}
VAPID_PUBLIC_KEY={{ mastodon_config.vapid_public_key }}
# Registrations
# ------------
{% if mastodon_config.single_user_mode is defined %}
# Single user mode will disable registrations and redirect frontpage to the first profile
SINGLE_USER_MODE={{ mastodon_config.single_user_mode | bool | lower }}
{% endif %}
# Prevent registrations with following e-mail domains
# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
# Only allow registrations with the following e-mail domains
# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
# Optionally change default language
# DEFAULT_LOCALE=de
# Sending mail
# ------------
SMTP_SERVER={{ mastodon_config.smtp_server }}
SMTP_PORT={{ mastodon_config.smtp_port | default(587) }}
SMTP_LOGIN={{ mastodon_config.smtp_login }}
SMTP_PASSWORD={{ mastodon_config.smtp_password }}
SMTP_FROM_ADDRESS={{ mastodon_config.smtp_from_address }}
#SMTP_REPLY_TO=
#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
#SMTP_AUTH_METHOD=plain
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
#SMTP_OPENSSL_VERIFY_MODE=peer
#SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# File storage (optional)
# -----------------------
# S3 (Minio Config (optional) Please check Minio instance for details)
# The attachment host must allow cross origin request from WEB_DOMAIN or
# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
# following header field:
# -----------------------
# S3_ENABLED=true
# S3_BUCKET=
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=https
# S3_HOSTNAME=
# S3_ENDPOINT=
# S3_SIGNATURE_VERSION=