From 84d65ce5f2e99c3fdc670cdc043be7289c707fd5 Mon Sep 17 00:00:00 2001
From: cellarspoon
Date: Wed, 5 Jan 2022 18:22:14 +0100
Subject: [PATCH] refactor: attempt to tame long env var config
---
.env.sample | 127 +++++++++--------------------------------------------
1 file changed, 21 insertions(+), 106 deletions(-)
diff --git a/.env.sample b/.env.sample
index 7d19931..957cbd3 100644
--- a/.env.sample
+++ b/.env.sample
@@ -8,99 +8,33 @@ LETS_ENCRYPT_ENV=production # –––––––––––––––– REQUIRED –––––––––––––––– -# Generate a hex-encoded 32-byte random key. You should use `openssl rand -hex 32` -# in your terminal to generate a random value. -SECRET_KEY=generate_a_new_key +SECRET_SECRET_KEY_VERSION=v1 # length=32 +SECRET_UTILS_SECRET_VERSION=v1 # length=32 -# Generate a unique random key. The format is not important but you could still use -# `openssl rand -hex 32` in your terminal to produce this. -UTILS_SECRET=generate_a_new_key +SECRET_AWS_SECRET_ACCESS_KEY=v1 -# For production point these at your databases, in development the default -# should work out of the box. -# Uncomment this to disable SSL for connecting to Postgres -# PGSSLMODE=disable - -# URL should point to the fully qualified, publicly accessible URL. If using a -# proxy the port in URL and PORT may be different. - -# See [documentation](docs/SERVICES.md) on running a separate collaboration -# server, for normal operation this does not need to be set. -COLLABORATION_URL= - -# To support uploading of images for avatars and document attachments an -# s3-compatible storage must be provided. AWS S3 is recommended for redundency -# however if you want to keep all file storage local an alternative such as -# minio (https://github.com/minio/minio) can be used. 
- -# A more detailed guide on setting up S3 is available here: -# => https://wiki.generaloutline.com/share/125de1cc-9ff6-424b-8415-0d58c809a40f -# -AWS_ACCESS_KEY_ID=get_a_key_from_aws -AWS_SECRET_ACCESS_KEY=get_the_secret_of_above_key -AWS_REGION=xx-xxxx-x -AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569 -AWS_S3_UPLOAD_BUCKET_NAME=bucket_name_here +AWS_ACCESS_KEY_ID= +AWS_REGION= +AWS_S3_UPLOAD_BUCKET_URL= +AWS_S3_UPLOAD_BUCKET_NAME= AWS_S3_UPLOAD_MAX_SIZE=26214400 AWS_S3_FORCE_PATH_STYLE=true AWS_S3_ACL=private -# –––––––––––––– AUTHENTICATION –––––––––––––– - -# Third party signin credentials, at least ONE OF EITHER Google, Slack, -# or Microsoft is required for a working installation or you'll have no sign-in -# options. - -# To configure Slack auth, you'll need to create an Application at -# => https://api.slack.com/apps -# -# When configuring the Client ID, add a redirect URL under "OAuth & Permissions": -# https:///auth/slack.callback -SLACK_KEY=get_a_key_from_slack -SLACK_SECRET=get_the_secret_of_above_key - -# To configure Google auth, you'll need to create an OAuth Client ID at -# => https://console.cloud.google.com/apis/credentials -# -# When configuring the Client ID, add an Authorized redirect URI: -# https:///auth/google.callback -GOOGLE_CLIENT_ID= -GOOGLE_CLIENT_SECRET= - -# To configure Microsoft/Azure auth, you'll need to create an OAuth Client. See -# the guide for details on setting up your Azure App: -# => https://wiki.generaloutline.com/share/dfa77e56-d4d2-4b51-8ff8-84ea6608faa4 -AZURE_CLIENT_ID= -AZURE_CLIENT_SECRET= -AZURE_RESOURCE_APP_ID= - -# To configure generic OIDC auth, you'll need some kind of identity provider. 
-# See documentation for whichever IdP you use to acquire the following info: -# Redirect URI is https:///auth/oidc.callback OIDC_CLIENT_ID= OIDC_CLIENT_SECRET= OIDC_AUTH_URI= OIDC_TOKEN_URI= OIDC_USERINFO_URI= - -# Specify which claims to derive user information from -# Supports any valid JSON path with the JWT payload OIDC_USERNAME_CLAIM=preferred_username - -# Display name for OIDC authentication -OIDC_DISPLAY_NAME="OpenID Connect" - -# Space separated auth scopes. +OIDC_DISPLAY_NAME="My Cool OpenId Connect Provider" OIDC_SCOPES="openid profile email" - # –––––––––––––––– OPTIONAL –––––––––––––––– -# If using a Cloudfront/Cloudflare distribution or similar it can be set below. -# This will cause paths to javascript, stylesheets, and images to be updated to -# the hostname defined in CDN_URL. In your CDN configuration the origin server -# should be set to the same as URL. -CDN_URL= +TEAM_LOGO= + +DEFAULT_LANGUAGE=en_US # Auto-redirect to https in production. The default is true but you may set to # false if you can be sure that SSL is terminated at an external loadbalancer. 
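Review bot: `SECRET_AWS_SECRET_ACCESS_KEY=v1` breaks the `SECRET_<NAME>_VERSION` naming used by the two added lines above it, so any tooling that keys on the `_VERSION` suffix will presumably skip it, and the literal `v1` could end up being read as the access key; I would write `SECRET_AWS_SECRET_ACCESS_KEY_VERSION=v1`. The removed comment required SECRET_KEY to be a hex-encoded 32-byte value (64 hex characters from `openssl rand -hex 32`), whereas the new line only carries `# length=32`; confirm the generated secret has the format the application accepts and keep a one-line comment such as `# SECRET_KEY must be 32 random bytes, hex-encoded`. `OIDC_CLIENT_SECRET=` in the unchanged lines remains a plain environment variable, which is inconsistent with moving the other credentials out of the env file.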
@@ -126,34 +60,15 @@ DEBUG=http # set, all domains are allowed by default when using Google OAuth to signin ALLOWED_DOMAINS= -# For a complete Slack integration with search and posting to channels the -# following configs are also needed, some more details -# => https://wiki.generaloutline.com/share/be25efd1-b3ef-4450-b8e5-c4a4fc11e02a -# -SLACK_VERIFICATION_TOKEN=your_token -SLACK_APP_ID=A0XXXXXXX -SLACK_MESSAGE_ACTIONS=true - -# Optionally enable google analytics to track pageviews in the knowledge base -GOOGLE_ANALYTICS_ID= - -# Optionally enable Sentry (sentry.io) to track errors and performance -SENTRY_DSN= - +# TODO: setup compose.smtp.yml # To support sending outgoing transactional emails such as "document updated" or # "you've been invited" you'll need to provide authentication for an SMTP server -SMTP_HOST= -SMTP_PORT= -SMTP_USERNAME= -SMTP_PASSWORD= -SMTP_FROM_EMAIL= -SMTP_REPLY_EMAIL= -SMTP_TLS_CIPHERS= -SMTP_SECURE=true - -# Custom logo that displays on the authentication screen, scaled to height: 60px -# TEAM_LOGO=https://example.com/images/logo.png - -# The default interface language. See translate.getoutline.com for a list of -# available language codes and their rough percentage translated. -DEFAULT_LANGUAGE=en_US +#SMTP_ENABLED=1 +#SMTP_HOST= +#SMTP_PORT= +#SMTP_USERNAME= +#SMTP_PASSWORD= +#SMTP_FROM_EMAIL= +#SMTP_REPLY_EMAIL= +#SMTP_TLS_CIPHERS= +#SMTP_SECURE=true
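Review bot: The commented-out template still offers `#SMTP_PASSWORD=` as a plain env entry, so whoever finishes the `compose.smtp.yml` TODO is nudged into putting the mail credential in the env file, while the first hunk moves the other credentials to versioned secrets. I would replace it with a secret reference in the same style, e.g. `#SECRET_SMTP_PASSWORD_VERSION=v1` (a proposed name, by analogy with the first hunk). `#SMTP_ENABLED=1` is new and has no comment; add a line saying what reads it, since the explanatory comment below the TODO only describes the SMTP server settings.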