190 lines
6 KiB
Django/Jinja
190 lines
6 KiB
Django/Jinja
# Service dependencies
|
|
# You may set REDIS_URL instead for more advanced options
|
|
# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
|
|
REDIS_HOST={{ redis_host }}
|
|
REDIS_PORT={{ redis_port }}
|
|
# You may set DATABASE_URL instead for more advanced options
|
|
DB_HOST={{ db_host }}
|
|
DB_USER={{ db_user }}
|
|
DB_NAME={{ db_name }}
|
|
DB_PASS={{ db_pass }}
|
|
DB_PORT={{ db_port }}
|
|
|
|
# Federation
|
|
# Note: Changing LOCAL_DOMAIN or LOCAL_HTTPS at a later time will cause unwanted side effects.
|
|
# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
|
|
LOCAL_DOMAIN={{ local_domain }}
|
|
LOCAL_HTTPS={{ local_https }}
|
|
|
|
{% if web_domain %}
|
|
WEB_DOMAIN={{ web_domain }}
|
|
{% endif %}
|
|
|
|
{% if alternate_domains %}
|
|
ALTERNATE_DOMAINS={{ alternate_domains }}
|
|
{% endif %}
|
|
|
|
# Application secrets
|
|
# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
|
|
PAPERCLIP_SECRET={{ paperclip_secret }}
|
|
SECRET_KEY_BASE={{ secret_key_base }}
|
|
OTP_SECRET={{ otp_secret }}
|
|
|
|
# VAPID keys (used for push notifications
|
|
# You can generate the keys using the following command (first is the private key, second is the public one)
|
|
# You should only generate this once per instance. If you later decide to change it, all push subscription will
|
|
# be invalidated, requiring the users to access the website again to resubscribe.
|
|
#
|
|
# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
|
|
#
|
|
# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
|
|
VAPID_PRIVATE_KEY={{ vapid_private_key }}
|
|
VAPID_PUBLIC_KEY=({ vapid_public_key })
|
|
|
|
{% if single_user_mode %}
|
|
# Registrations
|
|
# Single user mode will disable registrations and redirect frontpage to the first profile
|
|
SINGLE_USER_MODE=true
|
|
{% endif %}
|
|
{% if email_domain_blacklist %}
|
|
# Prevent registrations with following e-mail domains
|
|
EMAIL_DOMAIN_BLACKLIST={{ email_domain_blacklist }}
|
|
{% endif %}
|
|
{% if email_domain_whitelist %}
|
|
# Only allow registrations with the following e-mail domains
|
|
EMAIL_DOMAIN_WHITELIST={{ email_domain_whitelist }}
|
|
{% endif %}
|
|
|
|
# Optionally change default language
|
|
DEFAULT_LOCALE={{ default_locale }}
|
|
|
|
# E-mail configuration
|
|
# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
|
|
# If you want to use an SMTP server without authentication (e.g local Postfix relay)
|
|
# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
|
|
# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
|
|
SMTP_SERVER={{ smtp_server }}
|
|
SMTP_PORT={{ smtp_port }}
|
|
SMTP_LOGIN={{ smtp_login }}
|
|
SMTP_PASSWORD={{ smtp_password }}
|
|
SMTP_FROM_ADDRESS={{ smtp_from_address }}
|
|
|
|
{% if smtp_domain %}
|
|
SMTP_DOMAIN={{ smtp_domain }}
|
|
{% endif %}
|
|
{% if smtp_delivery_method %}
|
|
SMTP_DELIVERY_METHOD={{ smtp_delivery_method }}
|
|
{% endif %}
|
|
{% if smtp_auth_method %}
|
|
SMTP_AUTH_METHOD={{ smtp_auth_method }}
|
|
{% endif %}
|
|
{% if smtp_ca_file is defined %}
|
|
SMTP_CA_FILE={{ smtp_ca_file }}
|
|
{% endif %}
|
|
{% if smtp_openssl_verify_mode %}
|
|
SMTP_OPENSSL_VERIFY_MODE={{ smtp_openssl_verify_mode }}
|
|
{% endif %}
|
|
{% if smtp_enable_starttls_auto %}
|
|
SMTP_ENABLE_STARTTLS_AUTO={{ smtp_enable_starttls_auto }}
|
|
{% endif %}
|
|
{% if smtp_tls %}
|
|
SMTP_TLS={{ smtp_tls }}
|
|
{% endif %}
|
|
|
|
{% if paperclip_root_path %}
|
|
# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
|
|
PAPERCLIP_ROOT_PATH={{ paperclip_root_path }}
|
|
{% endif %}
|
|
{% if paperclip_root_url %}
|
|
PAPERCLIP_ROOT_URL={{ paperclip_root_url }}
|
|
{% endif %}
|
|
|
|
{% if cdn_host %}
|
|
# Optional asset host for multi-server setups
|
|
CDN_HOST={{ cdn_host }}
|
|
{% endif %}
|
|
|
|
{% if s3_enabled %}
|
|
S3_ENABLED={{ s3_enabled }}
|
|
{% endif %}
|
|
{% if s3_bucket %}
|
|
S3_BUCKET={{ s3_bucket }}
|
|
{% endif %}
|
|
{% if aws_access_key_id %}
|
|
AWS_ACCESS_KEY_ID={{ aws_access_key_id }}
|
|
{% endif %}
|
|
{% if aws_secret_access_key %}
|
|
AWS_SECRET_ACCESS_KEY={{ aws_secret_access_key }}
|
|
{% endif %}
|
|
{% if s3_region %}
|
|
S3_REGION={{ s3_region }}
|
|
{% endif %}
|
|
{% if s3_protocol %}
|
|
S3_PROTOCOL={{ s3_protocol }}
|
|
{% endif %}
|
|
{% if s3_hostname %}
|
|
S3_HOSTNAME={{ s3_hostname }}
|
|
{% endif %}
|
|
{% if s3_endpoint %}
|
|
S3_ENDPOINT={{ s3_endpoint }}
|
|
{% endif %}
|
|
{% if s3_signature_version %}
|
|
S3_SIGNATURE_VERSION={{ s3_signature_version }}
|
|
{% endif %}
|
|
|
|
{% if swift_enabled %}
|
|
SWIFT_ENABLED={{ swift_enabled }}
|
|
{% endif %}
|
|
{% if swift_username %}
|
|
SWIFT_USERNAME={{ swift_username }}
|
|
{% endif %}
|
|
{% if swift_tenant %}
|
|
# For Keystone V3, the value for SWIFT_TENANT should be the project name
|
|
SWIFT_TENANT=
|
|
{% endif %}
|
|
{% if swift_password %}
|
|
SWIFT_PASSWORD={{ swift_password }}
|
|
{% endif %}
|
|
{% if swift_auth_url %}
|
|
# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
|
|
# issues with token rate-limiting during high load.
|
|
SWIFT_AUTH_URL={{ swift_auth_url }}
|
|
{% endif %}
|
|
{% if swift_container %}
|
|
SWIFT_CONTAINER={{ swift_container }}
|
|
{% endif %}
|
|
{% if swift_object_url %}
|
|
SWIFT_OBJECT_URL={{ swift_object_url }}
|
|
{% endif %}
|
|
{% if swift_region %}
|
|
SWIFT_REGION={{ swift_region }}
|
|
{% endif %}
|
|
{% if swift_domain_name %}
|
|
# Defaults to 'default'
|
|
# SWIFT_DOMAIN_NAME={{ swift_domain_name }}
|
|
{% endif %}
|
|
{% if swift_cache_ttl %}
|
|
# Defaults to 60 seconds. Set to 0 to disable
|
|
# SWIFT_CACHE_TTL={{ swift_cache_ttl }}
|
|
{% endif %}
|
|
|
|
{% if s3_cloudfront_host %}
|
|
# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
|
|
S3_CLOUDFRONT_HOST={{ s3_cloudfront_host }}
|
|
{% endif %}
|
|
{% if streaming_api_base_url %}
|
|
# Streaming API integration
|
|
# STREAMING_API_BASE_URL={{ streaming_api_base_url }}
|
|
{% endif %}
|
|
|
|
{% if prepared_statements %}
|
|
# Advanced settings
|
|
# If you need to use pgBouncer, you need to disable prepared statements:
|
|
# PREPARED_STATEMENTS={{ prepared_statements }}
|
|
{% endif %}
|
|
|
|
{% if streaming_cluster_num %}
|
|
# Cluster number setting for streaming API server.
|
|
# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
|
|
STREAMING_CLUSTER_NUM=1
|
|
{% endif %}
|