{{ ansible_managed | comment }} # Redis # ----- REDIS_URL=unix:///run/redis/redis.sock # PostgreSQL # ---------- DB_HOST=/var/run/postgresql DB_USER=postgres DB_NAME=postgres DB_PASS={{ mastodon_postgres_password }} DB_PORT=5432 # Elasticsearch # ------------------------ ES_ENABLED=true ES_HOST=backend-mastodon-elasticsearch ES_PORT=9200 # Federation # ---------- # This identifies your server and cannot be changed safely later # ---------- LOCAL_DOMAIN={{ mastodon_config.local_domain }} {% if mastodon_config.web_domain is defined %} # Use this only if you need to run mastodon on a different domain than the one used for federation. # You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md # DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING. WEB_DOMAIN={{ mastodon_config.web_domain }} {% endif %} # Use this if you want to have several aliases handler@example1.com # handler@example2.com etc. for the same user. LOCAL_DOMAIN should not # be added. Comma separated values # ALTERNATE_DOMAINS=example1.com,example2.com # Secrets # ------- # Make sure to use `bundle exec rails secret` to generate secrets # ------- SECRET_KEY_BASE={{ mastodon_config.secret_key_base }} OTP_SECRET={{ mastodon_config.otp_secret }} # Encryption secrets # ------------------ # Must be available (and set to same values) for all server processes # These are private/secret values, do not share outside hosting environment # Use `bin/rails db:encryption:init` to generate fresh secrets # Do not change these secrets once in use, as this would cause data loss and other issues # ------------------ ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ mastodon_config.ar_enc_deterministic_key }} ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ mastodon_config.ar_enc_derivation_salt }} ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ mastodon_config.ar_enc_primary_key }} # Web Push # -------- # Generate with `bundle exec rails mastodon:webpush:generate_vapid_key` # -------- VAPID_PRIVATE_KEY={{ mastodon_config.vapid_private_key }} VAPID_PUBLIC_KEY={{ mastodon_config.vapid_public_key }} # Registrations # ------------ {% if mastodon_config.single_user_mode is defined %} # Single user mode will disable registrations and redirect frontpage to the first profile SINGLE_USER_MODE={{ mastodon_config.single_user_mode | bool | lower }} {% endif %} # Prevent registrations with following e-mail domains # EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc # Only allow registrations with the following e-mail domains # EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc # Optionally change default language # DEFAULT_LOCALE=de # Sending mail # ------------ SMTP_SERVER={{ mastodon_config.smtp_server }} SMTP_PORT={{ mastodon_config.smtp_port | default(587) }} SMTP_LOGIN={{ mastodon_config.smtp_login }} SMTP_PASSWORD={{ mastodon_config.smtp_password }} SMTP_FROM_ADDRESS={{ mastodon_config.smtp_from_address }} #SMTP_REPLY_TO= #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail #SMTP_AUTH_METHOD=plain #SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt #SMTP_OPENSSL_VERIFY_MODE=peer #SMTP_ENABLE_STARTTLS_AUTO=true #SMTP_TLS=true # File storage (optional) # ----------------------- # S3 (Minio Config (optional) Please check Minio instance for details) # The attachment host must allow cross origin request from WEB_DOMAIN or # LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the # following header field: # ----------------------- # S3_ENABLED=true # S3_BUCKET= # AWS_ACCESS_KEY_ID= # AWS_SECRET_ACCESS_KEY= # S3_REGION= # S3_PROTOCOL=https # S3_HOSTNAME= # S3_ENDPOINT= # S3_SIGNATURE_VERSION=