mila/.env.sample

TYPE=mila

DOMAIN=mila.example.com

#IMAGE_TAG=latest

## Domain aliases
#EXTRA_DOMAINS=', `www.mila.example.com`'

LETS_ENCRYPT_ENV=production

ENABLE_BACKUPS=true
COMPOSE_FILE="compose.yml"

# –––––––––––––––– REQUIRED ––––––––––––––––
SECRET_DB_PASSWORD_VERSION=v1
SECRET_SECRET_KEY_BASE_VERSION=v1      # length=64
SECRET_TOKEN_SIGNING_SECRET_VERSION=v1 # length=64
SECRET_ADMIN_PASSWORD_VERSION=v1

# Recommended: Association settings
ASSOCIATION_NAME="Sportsclub XYZ"

# Optional: Admin user (created/updated on container start via Release.seed_admin)
# Change password without redeploy: bin/mv eval "Mv.Release.seed_admin()"
ADMIN_EMAIL=admin@example.com
ADMIN_PASSWORD_FILE=/run/secrets/admin_password

# –––––––––––––––– OIDC (optional) ––––––––––––––––
# Uncomment to enable OIDC authentication
#COMPOSE_FILE="$COMPOSE_FILE:compose.oidc.yml"
#OIDC_CLIENT_ID=mila
#OIDC_BASE_URL=https://auth.example.com/application/o/mila
#OIDC_REDIRECT_URI=https://mila.example.com/auth/user/oidc/callback
#SECRET_OIDC_CLIENT_SECRET_VERSION=v1

# Optional: OIDC group → Admin role sync (e.g. Authentik groups from profile scope)
# If OIDC_ADMIN_GROUP_NAME is set, users in that group get Admin role on registration/sign-in.
# OIDC_ADMIN_GROUP_NAME=mv_admin
# OIDC_GROUPS_CLAIM=groups

# Optional: Show only OIDC sign-in on login page (hide password form)
# OIDC_ONLY=true

# –––––––––––––––– SMTP (optional) ––––––––––––––––
# Uncomment to enable outgoing mail; add compose.smtp.yml to COMPOSE_FILE
# COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
# SMTP_HOST=smtp.example.com
# SMTP_PORT=587
# SMTP_USERNAME=no-reply@example.com
# SECRET_SMTP_PASSWORD_VERSION=v1
# SMTP_SSL=tls
# MAIL_FROM_NAME=Mila
# MAIL_FROM_EMAIL=no-reply@example.com

# Seed testing data for preview purpose
# RUN_DEV_SEEDS=true
# FORCE_SEEDS=true