91 lines
2.6 KiB
Markdown
91 lines
2.6 KiB
Markdown
# Configuring Capsul-Flask
|
||
|
||
Create a `.env` file to set up the application configuration:
|
||
|
||
```
|
||
cp .env.sample .env
|
||
nano .env
|
||
```
|
||
|
||
You can enter any environment variables referenced in [`__init__.py`](../capsulflask/__init__.py) to this file.
|
||
|
||
For example you may enter your SMTP credentials like this:
|
||
```
|
||
MAIL_USERNAME=forest@nullhex.com
|
||
MAIL_DEFAULT_SENDER=forest@nullhex.com
|
||
MAIL_PASSWORD=**************
|
||
```
|
||
|
||
## <a name="example"></a>Example configuration from capsul.org (production):
|
||
|
||
```
|
||
#LOG_LEVEL=DEBUG
|
||
|
||
BASE_URL="https://capsul.org"
|
||
|
||
# hub url is used by the SPOKE_MODE to contact the hub. Since this server is the hub,
|
||
# this is fine. In fact it runs into problems (routing related?) when I set it to capsul.org.
|
||
# similarly the baikal "spoke" (set up in the hosts table in the db) has "http://localhost:5000" as the https_url
|
||
HUB_URL="http://localhost:5000"
|
||
|
||
HUB_MODE_ENABLED="t"
|
||
SPOKE_MODE_ENABLED="t"
|
||
HUB_MODEL="capsul-flask"
|
||
SPOKE_MODEL="shell-scripts"
|
||
SPOKE_HOST_ID="baikal"
|
||
SPOKE_HOST_TOKEN="<redacted>"
|
||
HUB_TOKEN="<redacted>"
|
||
|
||
# smtp.. see https://flask-mail.readthedocs.io/en/latest/#configuring-flask-mail
|
||
MAIL_SERVER="smtp.nullhex.com"
|
||
|
||
# MAIL_USE_SSL means SMTP with STARTTLS
|
||
MAIL_USE_SSL=true
|
||
|
||
# MAIL_USE_TLS means SMTP wrapped in TLS
|
||
MAIL_USE_TLS=false
|
||
|
||
MAIL_PORT="465"
|
||
MAIL_USERNAME="capsul@nullhex.com"
|
||
MAIL_PASSWORD="<redacted>"
|
||
MAIL_DEFAULT_SENDER="capsul@nullhex.com"
|
||
|
||
# stripe
|
||
STRIPE_SECRET_KEY="sk_live_<redacted>"
|
||
STRIPE_PUBLISHABLE_KEY="pk_live_tGDHY7kBwqC71b4F0N7LZdGl00GZOw0iNJ"
|
||
|
||
# internal
|
||
SECRET_KEY="<redacted>"
|
||
POSTGRES_CONNECTION_PARAMETERS="sslmode=verify-full sslrootcert=letsencrypt-root-ca.crt host=postgres.cyberia.club port=5432 ...<redacted>"
|
||
|
||
|
||
# btcpay server
|
||
BTCPAY_URL="https://beeteeceepae2.cyberia.club"
|
||
BTCPAY_PRIVATE_KEY='-----BEGIN EC PRIVATE KEY-----\n<redacted>\n-----END EC PRIVATE KEY-----'
|
||
```
|
||
|
||
## <a name="config_that_lives_in_db"></a>Configuration-type-stuff that lives in the database
|
||
|
||
- `hosts` table:
|
||
- `id` (corresponds to `SPOKE_HOST_ID` in the config)
|
||
- `https_url`
|
||
- `token` (corresponds to `SPOKE_HOST_TOKEN` in the config)
|
||
- `os_images` table:
|
||
- `id`
|
||
- `template_image_file_name`
|
||
- `description`
|
||
- `deprecated`
|
||
- `vm_sizes` table:
|
||
- `id`
|
||
- `dollars_per_month`
|
||
- `memory_mb`
|
||
- `vcpus`
|
||
- `bandwidth_gb_per_month`
|
||
|
||
## <a name="docker_secrets"></a>Loading variables from files (docker secrets)
|
||
|
||
To support [Docker Secrets](https://docs.docker.com/engine/swarm/secrets/), you can also load secret values from files – for example, to load `MAIL_PASSWORD` from `/run/secrets/mail_password`, set
|
||
```sh
|
||
MAIL_PASSWORD_FILE=/run/secrets/mail_password
|
||
```
|