|
|
|
|
# This is a sample configuration file. You can generate your configuration
|
|
|
|
|
# with the `rake mastodon:setup` interactive setup wizard, but to customize
|
|
|
|
|
# your setup even further, you'll need to edit it manually. This sample does
|
|
|
|
|
# not demonstrate all available configuration options. Please look at
|
|
|
|
|
# https://docs.joinmastodon.org/admin/config/ for the full documentation.
|
|
|
|
|
|
|
|
|
|
# Note that this file accepts slightly different syntax depending on whether
|
|
|
|
|
# you are using `docker-compose` or not. In particular, if you use
|
|
|
|
|
# `docker-compose`, the value of each declared variable will be taken verbatim,
|
|
|
|
|
# including surrounding quotes.
|
|
|
|
|
# See: https://github.com/mastodon/mastodon/issues/16895
|
|
|
|
|
|
|
|
|
|
# Federation
|
|
|
|
|
# ----------
|
|
|
|
|
# This identifies your server and cannot be changed safely later
|
|
|
|
|
# ----------
|
|
|
|
|
LOCAL_DOMAIN=social.hackerspace.zone
|
|
|
|
|
#WEB_DOMAIN=social.example.com
|
|
|
|
|
|
|
|
|
|
# Redis
|
|
|
|
|
# -----
|
|
|
|
|
REDIS_HOST=redis
|
|
|
|
|
REDIS_PORT=6379
|
|
|
|
|
|
|
|
|
|
# PostgreSQL
|
|
|
|
|
# ----------
|
|
|
|
|
DB_HOST=database
|
|
|
|
|
DB_USER=mastodon
|
|
|
|
|
DB_NAME=mastodon_production
|
|
|
|
|
DB_PASS=mastodon
|
|
|
|
|
DB_PORT=5432
|
|
|
|
|
|
|
|
|
|
# Elasticsearch (optional)
|
|
|
|
|
# ------------------------
|
|
|
|
|
ES_ENABLED=true
|
|
|
|
|
ES_HOST=es
|
|
|
|
|
ES_PORT=9200
|
|
|
|
|
# Authentication for ES (optional)
|
|
|
|
|
ES_USER=elastic
|
|
|
|
|
ES_PASS=password
|
|
|
|
|
|
|
|
|
|
# Secrets
|
|
|
|
|
# -------
|
|
|
|
|
# Make sure to use `rake secret` to generate secrets
|
|
|
|
|
# -------
|
|
|
|
|
SECRET_KEY_BASE=abcdef1234
|
|
|
|
|
OTP_SECRET=99991234
|
|
|
|
|
|
|
|
|
|
# Web Push
|
|
|
|
|
# --------
|
|
|
|
|
# Generate with `rake mastodon:webpush:generate_vapid_key`
|
|
|
|
|
# --------
|
|
|
|
|
VAPID_PRIVATE_KEY=
|
|
|
|
|
VAPID_PUBLIC_KEY=
|
|
|
|
|
|
|
|
|
|
# Sending mail
|
|
|
|
|
# ------------
|
|
|
|
|
SMTP_SERVER=smtp.mailgun.org
|
|
|
|
|
SMTP_PORT=587
|
|
|
|
|
SMTP_LOGIN=
|
|
|
|
|
SMTP_PASSWORD=
|
|
|
|
|
SMTP_FROM_ADDRESS=notifications@example.com
|
|
|
|
|
|
|
|
|
|
# File storage (optional)
|
|
|
|
|
# -----------------------
|
|
|
|
|
#S3_ENABLED=true
|
|
|
|
|
#S3_BUCKET=files.example.com
|
|
|
|
|
#AWS_ACCESS_KEY_ID=
|
|
|
|
|
#AWS_SECRET_ACCESS_KEY=
|
|
|
|
|
#S3_ALIAS_HOST=files.example.com
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OMNIAUTH_ONLY=true
|
|
|
|
|
#SAML_ENABLED=true
|
|
|
|
|
#SAML_IDP_SSO_TARGET_URL=https://login.hackerspace.zone/realms/hackerspace/protocol/saml
|
|
|
|
|
#SAML_ACS_URL=https://social.hackerspace.zone/auth/auth/saml/callback
|
|
|
|
|
#SAML_ISSUER=mastodon
|
|
|
|
|
#SAML_IDP_CERT=MIICnzCCAYcCBgGAiY+tazANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhtYXN0b2RvbjAeFw0yMjA1MDMxMDUzNTZaFw0zMjA1MDMxMDU1MzZaMBMxETAPBgNVBAMMCG1hc3RvZG9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+1QUockEX0Bx0EvkrHsX1cXjzNB3vOzpzHaIqSn2ztpQMxsCjWB8nHL4KDCdvXL4IrxRV4x1cT37r/oQsTbW8fplIfllMIQt5pnTSlacru3LX6smfS0xkhpolUp+JmHqnzJqw4/D+WI+dKQbMymWjZ32wI2SqoMI0t4j/c38S6dFgcaRrWcqR/B418F0Fsjs7FzyvjcOgUzPPmfdITmHvH4YDpdq1xsz/9FGwBLd4kgW2GEKWLFTDP9si275/kBuSPE1NGO32TWWSJX4YThkjJ5qDWv3WfxNhTrBpbmW8rUTpQhVFtE/L6dpxswNASNRx34JPwDRH1u971aQPfYaQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAP1+ssMQkSvPl4tctis5ccdD5KhtsbURppwCx96DjYGH9awI+XMhByV7fw/1Cm/KQteparldjzikflNxZySUmQ6IY67Vw6d+9T4FWuOPDy6jRdgU8nLBMeE/Xjb9Mn4ArXU29qXnCFaO9Nz0/yCOKTwv8VBY3XeixBzT/sIaSMEV8/KFY4707AZdr9SB9Rxtq88FC/BLETWY1dg9omx8kZqiM2aVhAW0jhej9urNBGab86o4Xv+v2Gvv8lsXVB0B7KfbFpV/fG/r2jBxXirVPcD0nzjbAzc3rSs+UgBqSNAO4Wb+IDlO0jYPqO4fw9hS22vZBsJ94GDXIH0t/PyQ5p
|
|
|
|
|
##SAML_IDP_CERT_FINGERPRINT=7B:53:95:6A:D6:FE:7E:E5:68:FE:9C:E1:68:51:BF:DD:F9:AF:63:F2
|
|
|
|
|
#SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
|
|
|
|
##SAML_CERT=
|
|
|
|
|
##SAML_PRIVATE_KEY=
|
|
|
|
|
#SAML_SECURITY_WANT_ASSERTION_SIGNED=true
|
|
|
|
|
##SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
|
|
|
|
|
#SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
|
|
|
|
|
#SAML_ATTRIBUTES_STATEMENTS_UID=uid
|
|
|
|
|
#SAML_ATTRIBUTES_STATEMENTS_EMAIL=email
|
|
|
|
|
##SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
|
|
|
|
|
#SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME=first_name
|
|
|
|
|
#SAML_ATTRIBUTES_STATEMENTS_LAST_NAME=last_name
|
|
|
|
|
##SAML_UID_ATTRIBUTE=uid
|
|
|
|
|
##SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
|
|
|
|
|
##SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
# https://github.com/mastodon/mastodon/pull/16221
|
|
|
|
|
OIDC_ENABLED=true
|
|
|
|
|
OIDC_PROMPT=Keycloak
|
|
|
|
|
OIDC_DISPLAY_NAME=hackerspace.zone
|
|
|
|
|
OIDC_ISSUER=https://login.hackerspace.zone/realms/hackerspace
|
|
|
|
|
OIDC_REDIRECT_URI=https://social.hackerspace.zone/auth/auth/openid_connect/callback
|
|
|
|
|
OIDC_DISCOVERY=true
|
|
|
|
|
OIDC_SCOPE=openid,profile
|
|
|
|
|
OIDC_UID_FIELD=uid
|
|
|
|
|
OIDC_CLIENT_ID=mastodon
|
|
|
|
|
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
|
|
|
|
|
OIDC_CLIENT_SECRET=abcdef12345
|
|
|
|
|
|
