# This is a sample configuration file. You can generate your configuration # with the `rake mastodon:setup` interactive setup wizard, but to customize # your setup even further, you'll need to edit it manually. This sample does # not demonstrate all available configuration options. Please look at # https://docs.joinmastodon.org/admin/config/ for the full documentation. # Note that this file accepts slightly different syntax depending on whether # you are using `docker-compose` or not. In particular, if you use # `docker-compose`, the value of each declared variable will be taken verbatim, # including surrounding quotes. # See: https://github.com/mastodon/mastodon/issues/16895 # Federation # ---------- # This identifies your server and cannot be changed safely later # ---------- # LOCAL_DOMAIN is set in env.secrets #WEB_DOMAIN=social.example.com # Redis # ----- REDIS_HOST=mastodon-redis REDIS_PORT=6379 # PostgreSQL # ---------- DB_HOST=mastodon-db DB_NAME=mastodon_production DB_USER=mastodon DB_PASS=mastodon DB_PORT=5432 # Elasticsearch (optional) # ------------------------ ES_ENABLED=true ES_HOST=mastodon-es ES_PORT=9200 # Authentication for ES (optional) ES_USER=elastic ES_PASS=password # Secrets # ------- # Make sure to use `rake secret` to generate secrets # ------- # written to env.secrets #SECRET_KEY_BASE=abcdef1234 #OTP_SECRET=99991234 # Web Push # -------- # Generate with `rake mastodon:webpush:generate_vapid_key` # -------- # written to env.secrets #VAPID_PRIVATE_KEY= #VAPID_PUBLIC_KEY= # Sending mail # ------------ # configured in env.secrets # File storage (optional) # ----------------------- #S3_ENABLED=true #S3_BUCKET=files.example.com #AWS_ACCESS_KEY_ID= #AWS_SECRET_ACCESS_KEY= #S3_ALIAS_HOST=files.example.com # Do not use sendfile since this is fronted by nginx RAILS_SERVE_STATIC_FILES=false # do not allow normal logins OMNIAUTH_ONLY=true # OIDC supported since https://github.com/mastodon/mastodon/pull/16221 OIDC_ENABLED=true OIDC_PROMPT=Keycloak OIDC_DISCOVERY=true OIDC_SCOPE=openid,profile OIDC_UID_FIELD=preferred_username OIDC_CLIENT_ID=mastodon OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true # OIDC URLs are in env.secrets since they require env expansion # OIDC_CLIENT_SECRET is in env.secrets