nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests |Archive

env.production.tmpl (2380B)

      1 # https://raw.githubusercontent.com/mastodon/mastodon/main/.env.production.sample 
      2 
      3 # Federation
      4 # ----------
      5 # This identifies your server and cannot be changed safely later
      6 # ----------
      7 LOCAL_DOMAIN=m.in0rdr.ch
      8 
      9 # Redis
     10 # -----
     11 REDIS_HOST={{ env "NOMAD_IP_redis" }}
     12 REDIS_PORT={{ env "NOMAD_HOST_PORT_redis" }}
     13 
     14 # PostgreSQL
     15 # ----------
     16 DB_HOST=postgres.lan
     17 DB_USER=mastodon
     18 DB_NAME=mastodon
     19 DB_PASS="{{with secret "kv/mastodon"}}{{index .Data.data.db_password}}{{end}}"
     20 DB_PORT=5432
     21 
     22 # Secrets
     23 # -------
     24 # Make sure to use `rake secret` to generate secrets
     25 # -------
     26 SECRET_KEY_BASE={{with secret "kv/mastodon"}}{{index .Data.data.secret_key_base}}{{end}}
     27 OTP_SECRET={{with secret "kv/mastodon"}}{{index .Data.data.otp_secret}}{{end}}
     28 
     29 # Web Push
     30 # --------
     31 # Generate with `rake mastodon:webpush:generate_vapid_key`
     32 # --------
     33 VAPID_PRIVATE_KEY={{with secret "kv/mastodon"}}{{index .Data.data.vapid_private_key}}{{end}}
     34 VAPID_PUBLIC_KEY={{with secret "kv/mastodon"}}{{index .Data.data.vapid_public_key}}{{end}}
     35 
     36 # Sending mail
     37 # ------------
     38 SMTP_SERVER=smtp.mailgun.org
     39 SMTP_PORT=587
     40 SMTP_LOGIN=postmaster@sandboxbba7fd32d470463d8a79b76645b9575c.mailgun.org
     41 SMTP_PASSWORD={{with secret "kv/mastodon"}}{{index .Data.data.smtp_password}}{{end}}
     42 SMTP_FROM_ADDRESS=no-reply@m.in0rdr.ch
     43 
     44 # IP and session retention
     45 # -----------------------
     46 # Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
     47 # to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
     48 # -----------------------
     49 IP_RETENTION_PERIOD=31556952
     50 SESSION_RETENTION_PERIOD=31556952
     51 
     52 # Encryption secrets
     53 # ------------------
     54 # Must be available (and set to same values) for all server processes
     55 # These are private/secret values, do not share outside hosting environment
     56 # Use `bin/rails db:encryption:init` to generate fresh secrets
     57 # Do not change these secrets once in use, as this would cause data loss and other issues
     58 # ------------------
     59 ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{with secret "kv/mastodon"}}{{index .Data.data.ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY}}{{end}}
     60 ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{with secret "kv/mastodon"}}{{index .Data.data.ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT}}{{end}}
     61 ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{with secret "kv/mastodon"}}{{index .Data.data.ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY}}{{end}}