-
Notifications
You must be signed in to change notification settings - Fork 4
/
.env.sample
84 lines (72 loc) · 3.23 KB
/
.env.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
DSUITE_TLD=com
DSUITE_DOMAIN=example
DSUITE_FULL_DOMAIN=${DSUITE_DOMAIN}.${DSUITE_TLD}
DRONE_RPC_SECRET=<drone secret>
DRONE_SERVER_HOST=ci.${DSUITE_FULL_DOMAIN}
DRONE_SERVER_PROTO=https
DRONE_GITEA_SERVER=https://code.${DSUITE_FULL_DOMAIN}
# generate them by creating a OAuth app on gitea
# go to https://${DRONE_GITEA_SERVER}/user/settings/applications
# and add a new OAuth app with the url: ${DRONE_GITEA_SERVER}/login
DRONE_GITEA_CLIENT_ID=<oauth client id>
DRONE_GITEA_CLIENT_SECRET=<oauth client secret>
DRONE_RUNNER_CAPACITY=2
DRONE_RUNNER_NAME=drone-runner-1
LDAP_HOST=ldap
LDAP_PORT=389
LDAP_URL=ldaps://${LDAP_HOST}:${LDAP_PORT}/
LDAP_BASE_DN=ou=people,dc=multiverse
LDAP_LOGIN_ATTR=uid
LDAP_ORGANIZATION=Multiverse
LDAP_DOMAIN=multiverse
LDAP_ADMIN_PASSWORD=<ldap password>
LDAP_CONFIG_PASSWORD=<ldap config password>
# The ip/hostname in the docker network: the ldap service name
PHPLDAPADMIN_LDAP_HOSTS=ldap
PHPLDAPADMIN_SERVER_ADMIN=<ldap admin password>
LDAPWEB_BASEDN=${LDAP_BASE_DN}
LDAPWEB_USERFILTER_TEMPLATE=(&(uid=%s)(objectClass=posixAccount))
LDAPWEB_DN_TEMPLATE=uid=%s,ou=people,dc=multiverse
NEXTCLOUD_ADMIN_USER=<nextcloud local admin user>
NEXTCLOUD_ADMIN_PASSWORD=<nextcloud local admin password>
MYSQL_ROOT_PASSWORD=<nextcloud root password>
MYSQL_DATABASE=nextcloud
MYSQL_USER=nextcloud
MYSQL_PASSWORD=<nextcloud user password>
ENABLE_SPAMASSASSIN=1
ENABLE_CLAMAV=1
# fail2ban disabled at first as it could hinder you setting it up at first
ENABLE_FAIL2BAN=0
ENABLE_POSTGREY=1
ENABLE_SASLAUTHD=1
ENABLE_LDAP=1
SSL_TYPE=letsencrypt
ONE_DIR=1
DMS_DEBUG=1
LDAP_SEARCH_BASE=${LDAP_BASE_DN}
LDAP_BIND_DN=cn=mailacct,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse
LDAP_BIND_PW=<ldap mail account password>
LDAP_QUERY_FILTER_USER=(&(mail=%s)(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
LDAP_QUERY_FILTER_GROUP=(&(mailGroupMember=%s)(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
LDAP_QUERY_FILTER_ALIAS=(&(mailAlias=%s)(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
LDAP_QUERY_FILTER_DOMAIN=(&(|(mail=*@%s)(mailalias=*@%s))(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
DOVECOT_PASS_FILTER=(&(objectClass=inetOrgPerson)(mail=%u)(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
DOVECOT_USER_FILTER=(&(objectClass=inetOrgPerson)(mail=%u)(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
DOVECOT_USER_ATTRS=homeDirectory=home
SASLAUTHD_MECHANISMS=ldap
SASLAUTHD_LDAP_SERVER=${LDAP_HOST}
SASLAUTHD_LDAP_SEARCH_BASE=${LDAP_BASE_DN}
SASLAUTHD_LDAP_BIND_DN=${LDAP_BIND_DN}
SASLAUTHD_LDAP_PASSWORD=${LDAP_BIND_PW}
SASLAUTHD_LDAP_FILTER=(&(objectClass=inetOrgPerson)(mail=%U@%r)(memberof=cn=mail,ou=apps,dc=${DSUITE_DOMAIN},dc=${DSUITE_TLD},dc=multiverse))
POSTMASTER_ADDRESS=postmaster@${DSUITE_FULL_DOMAIN}
# backup via restic/bivac
RESTIC_PASSWORD=<restic password>
BIVAC_SERVER_PSK=<bivac server PSK>
# we don't backup the bivac volume itself
BIVAC_VOLUMES_BLACKLIST=dsuite_bivac-data
#BIVAC_TARGET_URL=s3://host/bucket
#BIVAC_TARGET_URL=sftp://user@host:port//bucket
BIVAC_TARGET_URL=/backup
AWS_ACCESS_KEY_ID=<aws access key id>
AWS_SECRET_ACCESS_KEY=<aws secret access key>