mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-12-23 08:36:32 +00:00
d640e4ac96
- new setting to enable user exports defaults to False - add setting to enable and disable user exports - do not allow user exports when using s3 storage - do not serve non-image files from /images/ (requires update to nginx settings) - increase default file upload limit to 100MB to enable user exports to be imported (can be changed in .env)
142 lines
No EOL
4.6 KiB
Text
142 lines
No EOL
4.6 KiB
Text
# SECURITY WARNING: keep the secret key used in production secret!
|
|
SECRET_KEY="7(2w1sedok=aznpq)ta1mc4i%4h=xx@hxwx*o57ctsuml0x%fr"
|
|
|
|
# SECURITY WARNING: don't run with debug turned on in production!
|
|
DEBUG=false
|
|
USE_HTTPS=true
|
|
|
|
DOMAIN=your.domain.here
|
|
EMAIL=your@email.here
|
|
|
|
# Instance default language (see options at bookwyrm/settings.py "LANGUAGES"
|
|
LANGUAGE_CODE="en-us"
|
|
# Used for deciding which editions to prefer
|
|
DEFAULT_LANGUAGE="English"
|
|
|
|
## Leave unset to allow all hosts
|
|
# ALLOWED_HOSTS="localhost,127.0.0.1,[::1]"
|
|
|
|
MEDIA_ROOT=images/
|
|
|
|
# Database configuration
|
|
PGPORT=5432
|
|
POSTGRES_PASSWORD=securedbypassword123
|
|
POSTGRES_USER=bookwyrm
|
|
POSTGRES_DB=bookwyrm
|
|
POSTGRES_HOST=db
|
|
|
|
# Redis activity stream manager
|
|
MAX_STREAM_LENGTH=200
|
|
REDIS_ACTIVITY_HOST=redis_activity
|
|
REDIS_ACTIVITY_PORT=6379
|
|
REDIS_ACTIVITY_PASSWORD=redispassword345
|
|
# Optional, use a different redis database (defaults to 0)
|
|
# REDIS_ACTIVITY_DB_INDEX=0
|
|
# Alternatively specify the full redis url, i.e. if you need to use a unix:// socket
|
|
# REDIS_ACTIVITY_URL=
|
|
|
|
# Redis as celery broker
|
|
REDIS_BROKER_HOST=redis_broker
|
|
REDIS_BROKER_PORT=6379
|
|
REDIS_BROKER_PASSWORD=redispassword123
|
|
# Optional, use a different redis database (defaults to 0)
|
|
# REDIS_BROKER_DB_INDEX=0
|
|
# Alternatively specify the full redis url, i.e. if you need to use a unix:// socket
|
|
# REDIS_BROKER_URL=
|
|
|
|
# Monitoring for celery
|
|
FLOWER_PORT=8888
|
|
FLOWER_USER=admin
|
|
FLOWER_PASSWORD=changeme
|
|
|
|
# Email config
|
|
EMAIL_HOST=smtp.mailgun.org
|
|
EMAIL_PORT=587
|
|
EMAIL_HOST_USER=mail@your.domain.here
|
|
EMAIL_HOST_PASSWORD=emailpassword123
|
|
EMAIL_USE_TLS=true
|
|
EMAIL_USE_SSL=false
|
|
EMAIL_SENDER_NAME=admin
|
|
# defaults to DOMAIN
|
|
EMAIL_SENDER_DOMAIN=
|
|
|
|
# Query timeouts
|
|
SEARCH_TIMEOUT=5
|
|
QUERY_TIMEOUT=5
|
|
|
|
# Thumbnails Generation
|
|
ENABLE_THUMBNAIL_GENERATION=true
|
|
|
|
# S3 configuration
|
|
USE_S3=false
|
|
AWS_ACCESS_KEY_ID=
|
|
AWS_SECRET_ACCESS_KEY=
|
|
|
|
# Commented are example values if you use a non-AWS, S3-compatible service
|
|
# AWS S3 should work with only AWS_STORAGE_BUCKET_NAME and AWS_S3_REGION_NAME
|
|
# non-AWS S3-compatible services will need AWS_STORAGE_BUCKET_NAME,
|
|
# along with both AWS_S3_CUSTOM_DOMAIN and AWS_S3_ENDPOINT_URL
|
|
|
|
# AWS_STORAGE_BUCKET_NAME= # "example-bucket-name"
|
|
# AWS_S3_CUSTOM_DOMAIN=None # "example-bucket-name.s3.fr-par.scw.cloud"
|
|
# AWS_S3_REGION_NAME=None # "fr-par"
|
|
# AWS_S3_ENDPOINT_URL=None # "https://s3.fr-par.scw.cloud"
|
|
|
|
# Commented are example values if you use Azure Blob Storage
|
|
# USE_AZURE=true
|
|
# AZURE_ACCOUNT_NAME= # "example-account-name"
|
|
# AZURE_ACCOUNT_KEY= # "base64-encoded-access-key"
|
|
# AZURE_CONTAINER= # "example-blob-container-name"
|
|
# AZURE_CUSTOM_DOMAIN= # "example-account-name.blob.core.windows.net"
|
|
|
|
# Preview image generation can be computing and storage intensive
|
|
ENABLE_PREVIEW_IMAGES=False
|
|
|
|
# Specify RGB tuple or RGB hex strings,
|
|
# or use_dominant_color_light / use_dominant_color_dark
|
|
PREVIEW_BG_COLOR=use_dominant_color_light
|
|
# Change to #FFF if you use use_dominant_color_dark
|
|
PREVIEW_TEXT_COLOR=#363636
|
|
PREVIEW_IMG_WIDTH=1200
|
|
PREVIEW_IMG_HEIGHT=630
|
|
PREVIEW_DEFAULT_COVER_COLOR=#002549
|
|
|
|
# Below are example keys if you want to enable automatically
|
|
# sending telemetry to an OTLP-compatible service. Many of
|
|
# the main monitoring apps have OLTP collectors, including
|
|
# NewRelic, DataDog, and Honeycomb.io - consult their
|
|
# documentation for setup instructions, and what exactly to
|
|
# put below!
|
|
#
|
|
# Service name is an arbitrary tag that is attached to any
|
|
# data sent, used to distinguish different sources. Useful
|
|
# for sending prod and dev metrics to the same place and
|
|
# keeping them separate, for instance!
|
|
|
|
# API endpoint for your provider
|
|
OTEL_EXPORTER_OTLP_ENDPOINT=
|
|
# Any headers required, usually authentication info
|
|
OTEL_EXPORTER_OTLP_HEADERS=
|
|
# Service name to identify your app
|
|
OTEL_SERVICE_NAME=
|
|
|
|
# Set HTTP_X_FORWARDED_PROTO ONLY to true if you know what you are doing.
|
|
# Only use it if your proxy is "swallowing" if the original request was made
|
|
# via https. Please refer to the Django-Documentation and assess the risks
|
|
# for your instance:
|
|
# https://docs.djangoproject.com/en/3.2/ref/settings/#secure-proxy-ssl-header
|
|
HTTP_X_FORWARDED_PROTO=false
|
|
|
|
# TOTP settings
|
|
# TWO_FACTOR_LOGIN_VALIDITY_WINDOW sets the number of codes either side
|
|
# which will be accepted.
|
|
TWO_FACTOR_LOGIN_VALIDITY_WINDOW=2
|
|
TWO_FACTOR_LOGIN_MAX_SECONDS=60
|
|
|
|
# Additional hosts to allow in the Content-Security-Policy, "self" (should be DOMAIN)
|
|
# and AWS_S3_CUSTOM_DOMAIN (if used) are added by default.
|
|
# Value should be a comma-separated list of host names.
|
|
CSP_ADDITIONAL_HOSTS=
|
|
# The last number here means "megabytes"
|
|
# Increase if users are having trouble uploading BookWyrm export files.
|
|
DATA_UPLOAD_MAX_MEMORY_SIZE = (1024**2 * 100) |