bookwyrm/.env.example

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY="7(2w1sedok=aznpq)ta1mc4i%4h=xx@hxwx*o57ctsuml0x%fr"

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG=false
USE_HTTPS=true

DOMAIN=your.domain.here
EMAIL=your@email.here

# Instance default language (see options at bookwyrm/settings.py "LANGUAGES"
LANGUAGE_CODE="en-us"
# Used for deciding which editions to prefer
DEFAULT_LANGUAGE="English"

## Leave unset to allow all hosts
# ALLOWED_HOSTS="localhost,127.0.0.1,[::1]"

MEDIA_ROOT=images/

# Database configuration
PGPORT=5432
POSTGRES_PASSWORD=securedbypassword123
POSTGRES_USER=bookwyrm
POSTGRES_DB=bookwyrm
POSTGRES_HOST=db

# Redis activity stream manager
MAX_STREAM_LENGTH=200
REDIS_ACTIVITY_HOST=redis_activity
REDIS_ACTIVITY_PORT=6379
REDIS_ACTIVITY_PASSWORD=redispassword345
# Optional, use a different redis database (defaults to 0)
# REDIS_ACTIVITY_DB_INDEX=0
# Alternatively specify the full redis url, i.e. if you need to use a unix:// socket
# REDIS_ACTIVITY_URL=

# Redis as celery broker
REDIS_BROKER_HOST=redis_broker
REDIS_BROKER_PORT=6379
REDIS_BROKER_PASSWORD=redispassword123
# Optional, use a different redis database (defaults to 0)
# REDIS_BROKER_DB_INDEX=0
# Alternatively specify the full redis url, i.e. if you need to use a unix:// socket
# REDIS_BROKER_URL=

# Monitoring for celery
FLOWER_PORT=8888
FLOWER_USER=admin
FLOWER_PASSWORD=changeme

# Email config
EMAIL_HOST=smtp.mailgun.org
EMAIL_PORT=587
EMAIL_HOST_USER=mail@your.domain.here
EMAIL_HOST_PASSWORD=emailpassword123
EMAIL_USE_TLS=true
EMAIL_USE_SSL=false
EMAIL_SENDER_NAME=admin
# defaults to DOMAIN
EMAIL_SENDER_DOMAIN=

# Query timeouts
SEARCH_TIMEOUT=5
QUERY_TIMEOUT=5

# Thumbnails Generation
ENABLE_THUMBNAIL_GENERATION=true

# S3 configuration
USE_S3=false
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=

# Commented are example values if you use a non-AWS, S3-compatible service
# AWS S3 should work with only AWS_STORAGE_BUCKET_NAME and AWS_S3_REGION_NAME
# non-AWS S3-compatible services will need AWS_STORAGE_BUCKET_NAME,
# along with both AWS_S3_CUSTOM_DOMAIN and AWS_S3_ENDPOINT_URL

# AWS_STORAGE_BUCKET_NAME=        # "example-bucket-name"
# AWS_S3_CUSTOM_DOMAIN=None       # "example-bucket-name.s3.fr-par.scw.cloud"
# AWS_S3_REGION_NAME=None         # "fr-par"
# AWS_S3_ENDPOINT_URL=None        # "https://s3.fr-par.scw.cloud"

# Commented are example values if you use Azure Blob Storage
# USE_AZURE=true
# AZURE_ACCOUNT_NAME=     # "example-account-name"
# AZURE_ACCOUNT_KEY=      # "base64-encoded-access-key"
# AZURE_CONTAINER=        # "example-blob-container-name"
# AZURE_CUSTOM_DOMAIN=    # "example-account-name.blob.core.windows.net"

# Preview image generation can be computing and storage intensive
ENABLE_PREVIEW_IMAGES=False

# Specify RGB tuple or RGB hex strings,
# or use_dominant_color_light / use_dominant_color_dark
PREVIEW_BG_COLOR=use_dominant_color_light
# Change to #FFF if you use use_dominant_color_dark
PREVIEW_TEXT_COLOR=#363636
PREVIEW_IMG_WIDTH=1200
PREVIEW_IMG_HEIGHT=630
PREVIEW_DEFAULT_COVER_COLOR=#002549

# Below are example keys if you want to enable automatically
# sending telemetry to an OTLP-compatible service. Many of
# the main monitoring apps have OLTP collectors, including
# NewRelic, DataDog, and Honeycomb.io - consult their
# documentation for setup instructions, and what exactly to
# put below!
#
# Service name is an arbitrary tag that is attached to any
# data sent, used to distinguish different sources. Useful
# for sending prod and dev metrics to the same place and
# keeping them separate, for instance!

# API endpoint for your provider
OTEL_EXPORTER_OTLP_ENDPOINT=
# Any headers required, usually authentication info
OTEL_EXPORTER_OTLP_HEADERS=
# Service name to identify your app
OTEL_SERVICE_NAME=

# Set HTTP_X_FORWARDED_PROTO ONLY to true if you know what you are doing.
# Only use it if your proxy is "swallowing" if the original request was made
# via https. Please refer to the Django-Documentation and assess the risks
# for your instance:
# https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header
HTTP_X_FORWARDED_PROTO=false

# TOTP settings
# TWO_FACTOR_LOGIN_VALIDITY_WINDOW sets the number of codes either side
# which will be accepted.
TWO_FACTOR_LOGIN_VALIDITY_WINDOW=2
TWO_FACTOR_LOGIN_MAX_SECONDS=60

# Additional hosts to allow in the Content-Security-Policy, "self" (should be DOMAIN)
# and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.
# Value should be a comma-separated list of host names.
CSP_ADDITIONAL_HOSTS=
move some configuration into environment vars 2020-02-15 21:45:44 +00:00			`# SECURITY WARNING: keep the secret key used in production secret!`
Use ENV variables in fr-dev This allows folks to rename their database and still use the dev scripts 2020-11-19 21:01:39 +00:00			`SECRET_KEY="7(2w1sedok=aznpq)ta1mc4i%4h=xx@hxwx*o57ctsuml0x%fr"`
move some configuration into environment vars 2020-02-15 21:45:44 +00:00
			`# SECURITY WARNING: don't run with debug turned on in production!`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`DEBUG=false`
Rename MEDIA_PATH to MEDIA_FULL_URL and handle protocol 2021-06-19 15:09:53 +00:00			`USE_HTTPS=true`
move some configuration into environment vars 2020-02-15 21:45:44 +00:00
Dockerize app 2020-03-22 18:21:19 +00:00			`DOMAIN=your.domain.here`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`EMAIL=your@email.here`
move some configuration into environment vars 2020-02-15 21:45:44 +00:00
spelling: default Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> 2023-04-04 15:13:05 +00:00			`# Instance default language (see options at bookwyrm/settings.py "LANGUAGES"`
Makes default language configurable 2022-01-21 00:04:42 +00:00			`LANGUAGE_CODE="en-us"`
Set preferred language 2021-04-29 17:40:49 +00:00			`# Used for deciding which editions to prefer`
			`DEFAULT_LANGUAGE="English"`

move some configuration into environment vars 2020-02-15 21:45:44 +00:00			`## Leave unset to allow all hosts`
Dockerize app 2020-03-22 18:21:19 +00:00			`# ALLOWED_HOSTS="localhost,127.0.0.1,[::1]"`
move some configuration into environment vars 2020-02-15 21:45:44 +00:00
consistent formatting in .env.example 2020-03-27 20:27:32 +00:00			`MEDIA_ROOT=images/`
Dockerize app 2020-03-22 18:21:19 +00:00
Make search timeouts configurable 2022-01-07 15:42:05 +00:00			`# Database configuration`
Correctly use custom postgres ports 2021-09-22 15:13:31 +00:00			`PGPORT=5432`
Cleans up .env and settings files Some outdated stuff doesn't need to be in there 2021-06-07 19:53:57 +00:00			`POSTGRES_PASSWORD=securedbypassword123`
Updates default state of .env file 2022-11-15 20:31:47 +00:00			`POSTGRES_USER=bookwyrm`
			`POSTGRES_DB=bookwyrm`
Move database host to .env 2020-03-29 00:23:43 +00:00			`POSTGRES_HOST=db`
move some configuration into environment vars 2020-02-15 21:45:44 +00:00
Adds redis image for activity streams 2021-03-22 17:44:42 +00:00			`# Redis activity stream manager`
Adds stream length to .env 2021-03-24 15:29:12 +00:00			`MAX_STREAM_LENGTH=200`
Adds redis image for activity streams 2021-03-22 17:44:42 +00:00			`REDIS_ACTIVITY_HOST=redis_activity`
			`REDIS_ACTIVITY_PORT=6379`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`REDIS_ACTIVITY_PASSWORD=redispassword345`
use REDIS_x_DB_INDEX instead of REDIS_x_DB, add optional setting to example env file 2022-01-13 16:15:24 +00:00			`# Optional, use a different redis database (defaults to 0)`
			`# REDIS_ACTIVITY_DB_INDEX=0`
Add support for specifying redis url to support unix sockets 2023-01-14 22:52:54 +00:00			`# Alternatively specify the full redis url, i.e. if you need to use a unix:// socket`
			`# REDIS_ACTIVITY_URL=`
Adds redis image for activity streams 2021-03-22 17:44:42 +00:00
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`# Redis as celery broker`
Add REDIS_BROKER_HOST to example env This might avoid future confusion when somebody wants to run this dockerless for example, given that in the settings module this gets the default value of `redis_broker` when not set. 2022-12-27 10:29:09 +00:00			`REDIS_BROKER_HOST=redis_broker`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`REDIS_BROKER_PORT=6379`
			`REDIS_BROKER_PASSWORD=redispassword123`
use REDIS_x_DB_INDEX instead of REDIS_x_DB, add optional setting to example env file 2022-01-13 16:15:24 +00:00			`# Optional, use a different redis database (defaults to 0)`
			`# REDIS_BROKER_DB_INDEX=0`
Add support for specifying redis url to support unix sockets 2023-01-14 22:52:54 +00:00			`# Alternatively specify the full redis url, i.e. if you need to use a unix:// socket`
			`# REDIS_BROKER_URL=`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00
Make search timeouts configurable 2022-01-07 15:42:05 +00:00			`# Monitoring for celery`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`FLOWER_PORT=8888`
Don't use my name as the default flower user 2022-02-17 20:18:35 +00:00			`FLOWER_USER=admin`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00			`FLOWER_PASSWORD=changeme`
Move to redis and fix a bunch of things 2020-03-31 23:31:33 +00:00
Make search timeouts configurable 2022-01-07 15:42:05 +00:00			`# Email config`
removed quotes from the host - fixes connecting to smtp server 2021-11-07 14:06:20 +00:00			`EMAIL_HOST=smtp.mailgun.org`
Adds email config 2020-09-23 22:44:47 +00:00			`EMAIL_PORT=587`
			`EMAIL_HOST_USER=mail@your.domain.here`
			`EMAIL_HOST_PASSWORD=emailpassword123`
			`EMAIL_USE_TLS=true`
Sets SSL to false per default for tests 2021-04-09 11:37:35 +00:00			`EMAIL_USE_SSL=false`
Configure email sender from .env file 2022-01-06 01:35:42 +00:00			`EMAIL_SENDER_NAME=admin`
			`# defaults to DOMAIN`
			`EMAIL_SENDER_DOMAIN=`
Easier to deploy by avoiding merge conflicts in production 2021-03-30 13:28:13 +00:00
Make search timeouts configurable 2022-01-07 15:42:05 +00:00			`# Query timeouts`
Much shorter search timeout 2022-08-04 19:16:12 +00:00			`SEARCH_TIMEOUT=5`
Make search timeouts configurable 2022-01-07 15:42:05 +00:00			`QUERY_TIMEOUT=5`

Add env var to enable/disable thumbnail generation 2021-06-07 17:52:25 +00:00			`# Thumbnails Generation`
Enable thumbnail generation in example environment This makes the example environment more similar to the setting in the django-tests.yml GitHub workflow. It also ensures thumbnail generation is tested by default. 2022-12-26 13:23:19 +00:00			`ENABLE_THUMBNAIL_GENERATION=true`
Add env var to enable/disable thumbnail generation 2021-06-07 17:52:25 +00:00
Use S3 as static and media storage TODO - [ ] Write some documentation for non-AWS, S3-compatible services - [ ] Make a management command to move existing media to the new S3 bucket - [ ] See if Nginx can reverse-proxy the S3 bucket in order to keep the files accessible through the domain name 2021-06-07 16:12:48 +00:00			`# S3 configuration`
			`USE_S3=false`
Better .env vars defaults 2021-08-01 09:47:39 +00:00			`AWS_ACCESS_KEY_ID=`
			`AWS_SECRET_ACCESS_KEY=`

			`# Commented are example values if you use a non-AWS, S3-compatible service`
			`# AWS S3 should work with only AWS_STORAGE_BUCKET_NAME and AWS_S3_REGION_NAME`
			`# non-AWS S3-compatible services will need AWS_STORAGE_BUCKET_NAME,`
			`# along with both AWS_S3_CUSTOM_DOMAIN and AWS_S3_ENDPOINT_URL`

Use S3 as static and media storage TODO - [ ] Write some documentation for non-AWS, S3-compatible services - [ ] Make a management command to move existing media to the new S3 bucket - [ ] See if Nginx can reverse-proxy the S3 bucket in order to keep the files accessible through the domain name 2021-06-07 16:12:48 +00:00			`# AWS_STORAGE_BUCKET_NAME= # "example-bucket-name"`
			`# AWS_S3_CUSTOM_DOMAIN=None # "example-bucket-name.s3.fr-par.scw.cloud"`
			`# AWS_S3_REGION_NAME=None # "fr-par"`
			`# AWS_S3_ENDPOINT_URL=None # "https://s3.fr-par.scw.cloud"`
Merge remote-tracking branch 'upstream/main' into storage-s3 2021-06-19 09:53:05 +00:00
Example Settings and run black 2023-03-08 19:48:04 +00:00			`# Commented are example values if you use Azure Blob Storage`
			`# USE_AZURE=true`
			`# AZURE_ACCOUNT_NAME= # "example-account-name"`
			`# AZURE_ACCOUNT_KEY= # "base64-encoded-access-key"`
			`# AZURE_CONTAINER= # "example-blob-container-name"`
			`# AZURE_CUSTOM_DOMAIN= # "example-account-name.blob.core.windows.net"`
Merge branch 'main' into images-django-imagekit 2021-08-02 19:43:59 +00:00
Use global switch to enable/disable preview images 2021-05-28 15:00:07 +00:00			`# Preview image generation can be computing and storage intensive`
Updates default state of .env file 2022-11-15 20:31:47 +00:00			`ENABLE_PREVIEW_IMAGES=False`
Use global switch to enable/disable preview images 2021-05-28 15:00:07 +00:00
			`# Specify RGB tuple or RGB hex strings,`
			`# or use_dominant_color_light / use_dominant_color_dark`
			`PREVIEW_BG_COLOR=use_dominant_color_light`
			`# Change to #FFF if you use use_dominant_color_dark`
removing quotes as they are interpreted as part of a value 2021-12-12 08:53:55 +00:00			`PREVIEW_TEXT_COLOR=#363636`
Use global switch to enable/disable preview images 2021-05-28 15:00:07 +00:00			`PREVIEW_IMG_WIDTH=1200`
			`PREVIEW_IMG_HEIGHT=630`
removing quotes as they are interpreted as part of a value 2021-12-12 08:53:55 +00:00			`PREVIEW_DEFAULT_COVER_COLOR=#002549`
Copy config from prod branch to main 2022-02-05 02:34:17 +00:00
			`# Below are example keys if you want to enable automatically`
			`# sending telemetry to an OTLP-compatible service. Many of`
			`# the main monitoring apps have OLTP collectors, including`
			`# NewRelic, DataDog, and Honeycomb.io - consult their`
			`# documentation for setup instructions, and what exactly to`
			`# put below!`
			`#`
			`# Service name is an arbitrary tag that is attached to any`
			`# data sent, used to distinguish different sources. Useful`
			`# for sending prod and dev metrics to the same place and`
			`# keeping them separate, for instance!`

Removes inline comments that are causing erros 2022-02-19 05:07:39 +00:00			`# API endpoint for your provider`
			`OTEL_EXPORTER_OTLP_ENDPOINT=`
			`# Any headers required, usually authentication info`
			`OTEL_EXPORTER_OTLP_HEADERS=`
			`# Service name to identify your app`
			`OTEL_SERVICE_NAME=`
set HTTP_X_FORWARDED_PROTO in .env This fixes #2397. The description in .env is whith a warning and a link to the official documentation about what this setting is doing if set to true. 2022-11-19 16:54:44 +00:00
			`# Set HTTP_X_FORWARDED_PROTO ONLY to true if you know what you are doing.`
Apologies for my lack of coding skills 2022-11-20 16:57:03 +00:00			`# Only use it if your proxy is "swallowing" if the original request was made`
set HTTP_X_FORWARDED_PROTO in .env This fixes #2397. The description in .env is whith a warning and a link to the official documentation about what this setting is doing if set to true. 2022-11-19 16:54:44 +00:00			`# via https. Please refer to the Django-Documentation and assess the risks`
			`# for your instance:`
			`# https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header`
			`HTTP_X_FORWARDED_PROTO=false`
Read TOTP variables from .env 2023-02-17 09:40:31 +00:00
			`# TOTP settings`
			`# TWO_FACTOR_LOGIN_VALIDITY_WINDOW sets the number of codes either side`
			`# which will be accepted.`
			`TWO_FACTOR_LOGIN_VALIDITY_WINDOW=2`
			`TWO_FACTOR_LOGIN_MAX_SECONDS=60`
Merge branch 'main' into totp-window 2023-02-27 07:21:39 +00:00
Add config variable for additional CSP hosts 2023-02-21 21:02:52 +00:00			`# Additional hosts to allow in the Content-Security-Policy, "self" (should be DOMAIN)`
			`# and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.`
			`# Value should be a comma-separated list of host names.`
			`CSP_ADDITIONAL_HOSTS=`