mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-07-04 08:02:02 +02:00
130 lines
4.9 KiB
Django/Jinja
130 lines
4.9 KiB
Django/Jinja
# Copy this file to .env, then update it with your own settings
|
|
|
|
|
|
######################################################
|
|
# Instance configuration #
|
|
######################################################
|
|
|
|
# The name for your instance
|
|
MOBILIZON_INSTANCE_NAME={{ applications[application_id].titel }}
|
|
|
|
# Your domain
|
|
MOBILIZON_INSTANCE_HOST={{ domains | get_domain(application_id) }}
|
|
|
|
# The IP to listen on (defaults to 0.0.0.0)
|
|
# MOBILIZON_INSTANCE_LISTEN_IP
|
|
|
|
# The port to listen on (defaults to 4000). Point your reverse proxy on this port.
|
|
MOBILIZON_INSTANCE_PORT={{ mobilizon_exposed_docker_port }}
|
|
|
|
# Whether registrations are opened or closed. Can be changed in the admin settings UI as well.
|
|
# Make sure to moderate actively your instance if registrations are opened.
|
|
MOBILIZON_INSTANCE_REGISTRATIONS_OPEN=false
|
|
|
|
# From which email will the emails be sent
|
|
MOBILIZON_INSTANCE_EMAIL={{ users["no-reply"].email }}
|
|
|
|
# To which email with the replies be sent
|
|
MOBILIZON_REPLY_EMAIL={{ users["administrator"].email }}
|
|
|
|
# The loglevel setting.
|
|
# You can find accepted values here: https://hexdocs.pm/logger/Logger.html#module-levels
|
|
# Defaults to error
|
|
MOBILIZON_LOGLEVEL={% if enable_debug | bool %}debug{% else %}error{% endif %}
|
|
|
|
######################################################
|
|
# Database settings #
|
|
######################################################
|
|
|
|
# The values below will be given to both the PostGIS (PostgreSQL) and Mobilizon containers
|
|
# Use the next settings if you plan to use an existing external database
|
|
|
|
# The Mobilizon Database username. Defaults to $POSTGRES_USER.
|
|
# Change if using an external database.
|
|
MOBILIZON_DATABASE_USERNAME={{ database_username }}
|
|
|
|
# The Mobilizon Database password. Defaults to $POSTGRES_PASSWORD.
|
|
# Change if using an external database.
|
|
MOBILIZON_DATABASE_PASSWORD={{ database_password }}
|
|
|
|
# The Mobilizon Database name. Defaults to $POSTGRES_DB.
|
|
# Change if using an external database.
|
|
MOBILIZON_DATABASE_DBNAME={{ database_name }}
|
|
|
|
# The Mobilizon database host. Useful if using an external database.
|
|
MOBILIZON_DATABASE_HOST={{ database_host }}
|
|
|
|
# The Mobilizon database port. Useful if using an external database.
|
|
MOBILIZON_DATABASE_PORT={{ database_port }}
|
|
|
|
# Whether to use SSL to connect to the Mobilizon database. Useful if using an external database.
|
|
# MOBILIZON_DATABASE_SSL=false
|
|
|
|
######################################################
|
|
# Secrets #
|
|
######################################################
|
|
|
|
# A secret key used as a base to generate secrets for encrypting and signing data.
|
|
# Make sure it's long enough (~64 characters should be fine)
|
|
# You can run `openssl rand -base64 48` to generate such a secret
|
|
MOBILIZON_INSTANCE_SECRET_KEY_BASE={{ applications[application_id].secret_key_base }}
|
|
|
|
# A secret key used as a base to generate JWT tokens
|
|
# Make sure it's long enough (~64 characters should be fine)
|
|
# You can run `openssl rand -base64 48` to generate such a secret
|
|
MOBILIZON_INSTANCE_SECRET_KEY={{ applications[application_id].secret_key }}
|
|
|
|
|
|
######################################################
|
|
# Email settings #
|
|
######################################################
|
|
|
|
# The SMTP server
|
|
# Defaults to localhost
|
|
MOBILIZON_SMTP_SERVER={{system_email.host}}
|
|
MOBILIZON_SMTP_PORT={{system_email.port}}
|
|
MOBILIZON_SMTP_USERNAME={{ users['no-reply'].email }}
|
|
MOBILIZON_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
|
|
|
|
# Whether to use SSL for SMTP.
|
|
# Boolean
|
|
# Defaults to false
|
|
MOBILIZON_SMTP_SSL=false
|
|
|
|
# Whether to use TLS for SMTP.
|
|
# Allowed values: always (TLS), never (Clear) and if_available (STARTTLS)
|
|
# Make sure to match the port value as well
|
|
# Defaults to "if_available"
|
|
MOBILIZON_SMTP_TLS={% if system_email.tls %}TLS{% elif system_email.start_tls %}STARTTLS{% else %}Clear{% endif %}
|
|
|
|
{% if applications | is_feature_enabled('oidc',application_id) %}
|
|
####################################
|
|
# ▶️ Mobilizon OIDC Configuration
|
|
####################################
|
|
|
|
AUTHENTICATION_STRATEGIES=open_id_connect
|
|
|
|
# Display name of the OIDC login button
|
|
UEBERAUTH_OPENID_CONNECT_DISPLAY_NAME="{{ oidc.button_text }}"
|
|
|
|
# Use discovery to automatically fetch OIDC provider settings
|
|
UEBERAUTH_OPENID_CONNECT_DISCOVERY_DOCUMENT={{ oidc.client.discovery_document }}
|
|
|
|
# OIDC OAuth2 client credentials
|
|
UEBERAUTH_OPENID_CONNECT_CLIENT_ID={{ oidc.client.id }}
|
|
UEBERAUTH_OPENID_CONNECT_CLIENT_SECRET={{ oidc.client.secret }}
|
|
|
|
# Redirect URI for the OIDC callback
|
|
UEBERAUTH_OPENID_CONNECT_REDIRECT_URI={{ mobilizon_oidc_callback_url }}
|
|
|
|
# Scope and response type for OIDC
|
|
UEBERAUTH_OPENID_CONNECT_SCOPE=openid email profile
|
|
UEBERAUTH_OPENID_CONNECT_RESPONSE_TYPE=code
|
|
|
|
# Claim/field used to uniquely identify the user
|
|
UEBERAUTH_OPENID_CONNECT_UID_FIELD={{ oidc.attributes.username }}
|
|
|
|
# Optional email verification behavior
|
|
UEBERAUTH_OPENID_CONNECT_ASSUME_EMAIL_IS_VERIFIED=true
|
|
{% endif %}
|