docker-compose environment for the entire v.st system https://v.st/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
env/mastodon/env.production

109 lines
3.9 KiB

# This is a sample configuration file. You can generate your configuration
# with the `rake mastodon:setup` interactive setup wizard, but to customize
# your setup even further, you'll need to edit it manually. This sample does
# not demonstrate all available configuration options. Please look at
# https://docs.joinmastodon.org/admin/config/ for the full documentation.
# Note that this file accepts slightly different syntax depending on whether
# you are using `docker-compose` or not. In particular, if you use
# `docker-compose`, the value of each declared variable will be taken verbatim,
# including surrounding quotes.
# See: https://github.com/mastodon/mastodon/issues/16895
# Federation
# ----------
# This identifies your server and cannot be changed safely later
# ----------
LOCAL_DOMAIN=social.hackerspace.zone
#WEB_DOMAIN=social.example.com
# Redis
# -----
REDIS_HOST=redis
REDIS_PORT=6379
# PostgreSQL
# ----------
DB_HOST=database
DB_USER=mastodon
DB_NAME=mastodon_production
DB_PASS=mastodon
DB_PORT=5432
# Elasticsearch (optional)
# ------------------------
ES_ENABLED=true
ES_HOST=es
ES_PORT=9200
# Authentication for ES (optional)
ES_USER=elastic
ES_PASS=password
# Secrets
# -------
# Make sure to use `rake secret` to generate secrets
# -------
SECRET_KEY_BASE=abcdef1234
OTP_SECRET=99991234
# Web Push
# --------
# Generate with `rake mastodon:webpush:generate_vapid_key`
# --------
VAPID_PRIVATE_KEY=
VAPID_PUBLIC_KEY=
# Sending mail
# ------------
SMTP_SERVER=smtp.mailgun.org
SMTP_PORT=587
SMTP_LOGIN=
SMTP_PASSWORD=
SMTP_FROM_ADDRESS=notifications@example.com
# File storage (optional)
# -----------------------
#S3_ENABLED=true
#S3_BUCKET=files.example.com
#AWS_ACCESS_KEY_ID=
#AWS_SECRET_ACCESS_KEY=
#S3_ALIAS_HOST=files.example.com
OMNIAUTH_ONLY=true
#SAML_ENABLED=true
#SAML_IDP_SSO_TARGET_URL=https://login.hackerspace.zone/realms/hackerspace/protocol/saml
#SAML_ACS_URL=https://social.hackerspace.zone/auth/auth/saml/callback
#SAML_ISSUER=mastodon
#SAML_IDP_CERT=MIICnzCCAYcCBgGAiY+tazANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhtYXN0b2RvbjAeFw0yMjA1MDMxMDUzNTZaFw0zMjA1MDMxMDU1MzZaMBMxETAPBgNVBAMMCG1hc3RvZG9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+1QUockEX0Bx0EvkrHsX1cXjzNB3vOzpzHaIqSn2ztpQMxsCjWB8nHL4KDCdvXL4IrxRV4x1cT37r/oQsTbW8fplIfllMIQt5pnTSlacru3LX6smfS0xkhpolUp+JmHqnzJqw4/D+WI+dKQbMymWjZ32wI2SqoMI0t4j/c38S6dFgcaRrWcqR/B418F0Fsjs7FzyvjcOgUzPPmfdITmHvH4YDpdq1xsz/9FGwBLd4kgW2GEKWLFTDP9si275/kBuSPE1NGO32TWWSJX4YThkjJ5qDWv3WfxNhTrBpbmW8rUTpQhVFtE/L6dpxswNASNRx34JPwDRH1u971aQPfYaQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAP1+ssMQkSvPl4tctis5ccdD5KhtsbURppwCx96DjYGH9awI+XMhByV7fw/1Cm/KQteparldjzikflNxZySUmQ6IY67Vw6d+9T4FWuOPDy6jRdgU8nLBMeE/Xjb9Mn4ArXU29qXnCFaO9Nz0/yCOKTwv8VBY3XeixBzT/sIaSMEV8/KFY4707AZdr9SB9Rxtq88FC/BLETWY1dg9omx8kZqiM2aVhAW0jhej9urNBGab86o4Xv+v2Gvv8lsXVB0B7KfbFpV/fG/r2jBxXirVPcD0nzjbAzc3rSs+UgBqSNAO4Wb+IDlO0jYPqO4fw9hS22vZBsJ94GDXIH0t/PyQ5p
##SAML_IDP_CERT_FINGERPRINT=7B:53:95:6A:D6:FE:7E:E5:68:FE:9C:E1:68:51:BF:DD:F9:AF:63:F2
#SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
##SAML_CERT=
##SAML_PRIVATE_KEY=
#SAML_SECURITY_WANT_ASSERTION_SIGNED=true
##SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
#SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
#SAML_ATTRIBUTES_STATEMENTS_UID=uid
#SAML_ATTRIBUTES_STATEMENTS_EMAIL=email
##SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
#SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME=first_name
#SAML_ATTRIBUTES_STATEMENTS_LAST_NAME=last_name
##SAML_UID_ATTRIBUTE=uid
##SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
##SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
#
# https://github.com/mastodon/mastodon/pull/16221
OIDC_ENABLED=true
OIDC_PROMPT=Keycloak
OIDC_DISPLAY_NAME=hackerspace.zone
OIDC_ISSUER=https://login.hackerspace.zone/realms/hackerspace
OIDC_REDIRECT_URI=https://social.hackerspace.zone/auth/auth/openid_connect/callback
OIDC_DISCOVERY=true
OIDC_SCOPE=openid,profile
OIDC_UID_FIELD=uid
OIDC_CLIENT_ID=mastodon
OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
OIDC_CLIENT_SECRET=abcdef12345