TYPE=hometown DOMAIN=mastodon.swarm-test.autonomic.zone # Enables WEB_DOMAIN if set (FOR FUTURE USE) # USER_DOMAIN= ## Domain aliases # EXTRA_DOMAINS=', `www.mastodon.example.com`' LETS_ENCRYPT_ENV=production # Please look at https://docs.joinmastodon.org/admin/config/ for the full documentation. # This example will exclude explanations to make the file simple. # Variables you *need* to change will me marked as such. # Most optional features are commented out/disabled and will need to be enabled by you after checking the documentation. # Federation # ---------- # DO NOT CHANGE DOMAIN VARIABLES AFTER DEPLOYMENT! WILL BREAK FEDERATION!! # if [ -z "$USER_DOMAIN" ] # then # LOCAL_DOMAIN=$DOMAIN # else # LOCAL_DOMAIN=$USER_DOMAIN # WEB_DOMAIN=$DOMAIN # fi LOCAL_DOMAIN=$DOMAIN # WEB_DOMAIN=$DOMAIN # ALTERNATE_DOMAINS=$EXTRA_DOMAINS AUTHORIZED_FETCH=false LIMITED_FEDERATION_MODE=false # Deployment # ---------- RAILS_ENV=production RAILS_SERVE_STATIC_FILES=true # might need this for traefik, need to test # TRUSTED_PROXY_IP= # External Services # ================= # PostgreSQL # ---------- DB_HOST=db DB_USER=mastodon DB_NAME=mastodon_production DB_PORT=5432 # Redis # ----- REDIS_HOST=redis REDIS_PORT=6379 # REDIS_URL= # REDIS_NAMESPACE= # CACHE_REDIS_HOST= # CACHE_REDIS_PORT= # CACHE_REDIS_URL= # CACHE_REDIS_NAMESPACE= # ElasticSearch # -------------------------------------- ES_ENABLED=true ES_HOST=es ES_PORT=9200 # StatsD (CURRENTLY NOT SUPPORTED) # ------------------------------- # STATSD_ADDR # STATSD_NAMESPACE # Secrets # ======= SECRET_KEY_BASE_VERSION=v1 SECRET_OTP_SECRET_VERSION=v1 SECRET_VAPID_PRIVATE_KEY_VERSION=v1 SECRET_DB_PASSWORD_VERSION=v1 SECRET_SMTP_PASSWORD_VERSION=v1 # Web Push # ======== # VAPID_PUBLIC_KEY= # Limits # ====== SINGLE_USER_MODE=false # EMAIL_DOMAIN_ALLOWLIST= # EMAIL_DOMAIN_DENYLIST= DEFAULT_LOCALE=en # MAX_SESSION_ACTIVATIONS= # USER_ACTIVE_DAYS= # Sending mail # ============ # SMTP_SERVER= # SMTP_PORT= # SMTP_LOGIN= # SMTP_FROM_ADDRESS= # SMTP_DOMAIN= # SMTP_DELIVERY_METHOD= # SMTP_AUTH_METHOD= # SMTP_CA_FILE= # SMTP_OPENSSL_VERIFY_MODEv # SMTP_ENABLE_STARTTLS_AUTO= # SMTP_TLS= # SMTP_SSL= # File storage (optional) # ======================= # CDN_HOST= # Papercllp (CURRENTLY NOT SUPPORTED) # ---------------------------------- # PAPERCLIP_ROOT_PATH= # PAPERCLIP_ROOT_URL= # S3 and AWS # ---------- # S3_ENABLED= # S3_BUCKET= # AWS_ACCESS_KEY_ID= # AWS_SECRET_ACCESS_KEY= # S3_REGION= # S3_PROTOCOL= # S3_HOSTNAME= # S3_ENDPOINT= # S3_SIGNATURE_VERSION= # S3_OVERRIDE_PATH_STYLE= # S3_OPEN_TIMEOUT= # S3_READ_TIMEOUT= # External Authentication # ======================= # OAUTH_REDIRECT_AT_SIGN_IN= # LDAP # ---- # LDAP_ENABLED= # LDAP_HOST= # LDAP_PORT= # LDAP_METHOD= # LDAP_BASE= # LDAP_BIND_DN= # LDAP_PASSWORDv # LDAP_UID= # LDAP_SEARCH_FILTER= # LDAP_MAIL= # LDAP_UID_CONVERSTION_ENABLED= # SAML # ---- # SAML_ENABLED= # SAML_ACS_URL= # SAML_ISSUER= # SAML_IDP_SSO_TARGET_URL= # SAML_IDP_CERT= # SAML_IDP_CERT_FINGERPRINT= # SAML_NAME_IDENTIFIER_FORMAT= # SAML_CERT= # SAML_SECURITY_WANT_ASSERTION_SIGNED= # SAML_SECURITY_WANT_ASSERTION_ENCRYPTED= # SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED= # SAML_ATTRIBUTES_STATEMENTS_UID= # SAML_ATTRIBUTES_STATEMENTS_EMAIL= # SAML_ATTRIBUTES_STATEMENTS_FULL_NAME= # SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME= # SAML_ATTRIBUTES_STATEMENTS_LAST_NAME= # SAML_UID_ATTRIBUTE= # SAML_ATTRIBUTES_STATEMENTS_VERIFIED= # SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL= # OpenID Connect # -------------- # COMPOSE_FILE="compose.yml:compose.oidc.yml" # OIDC_ENABLED=true # OIDC_DISPLAY_NAME= # OIDC_ISSUER= # OIDC_DISCOVERY= # OIDC_CLIENT_AUTH_METHOD # OIDC_SCOPE= # OIDC_RESPONSE_TYPE= # OIDC_RESPONSE_MODE= # OIDC_DISPLAY= # OIDC_PROMPT= # OIDC_SEND_NONCE= # OIDC_SEND_SCOPE_TO_TOKEN_ENDPOINT= # OIDC_IDP_LOGOUT_REDIRECT_URI= # OIDC_UID_FIELD= # OIDC_CLIENT_ID= # OIDC_REDIRECT_URI= # OIDC_HTTP_SCHEME= # OIDC_HOST= # OIDC_PORT= # OIDC_AUTH_ENDPOINT= # OIDC_TOKEN_ENDPOINT= # OIDC_USER_INFO_ENDPOINT= # OIDC_JWKS_URI= # OIDC_END_SESSION_ENDPOINT= # OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED= # SECRET_OIDC_CLIENT_SECRET_VERSION=v1 # Hidden services (Not Supported) # =============================== # http_proxy= # yes, this should be lowercase # ALLOW_ACCESS_TO_HIDDEN_SERVICE=