84 lines
3.1 KiB
Bash
84 lines
3.1 KiB
Bash
# Nextcloud
|
|
NEXTCLOUD_PORT=8080
|
|
NEXTCLOUD_ADMIN_USER=admin
|
|
NEXTCLOUD_ADMIN_PASSWORD=admin123
|
|
NEXTCLOUD_TRUSTED_DOMAINS=localhost 127.0.0.1 app
|
|
|
|
# PostgreSQL
|
|
POSTGRES_DB=nextcloud
|
|
POSTGRES_USER=nextcloud
|
|
POSTGRES_PASSWORD=nextcloudpass
|
|
|
|
# Redis
|
|
REDIS_PORT=6379
|
|
|
|
# Broker PostgreSQL
|
|
BROKER_DB_NAME=qortal_broker
|
|
BROKER_DB_USER=qortal_broker
|
|
BROKER_DB_PASSWORD=qortal_brokerpass
|
|
|
|
# Broker service
|
|
BROKER_PORT=3000
|
|
NEXTCLOUD_BASE_URL=http://app
|
|
# Optional: public URL reachable by the browser (used for logo assets on the broker login page).
|
|
NEXTCLOUD_PUBLIC_URL=http://localhost:8080
|
|
NEXTCLOUD_SERVICE_USER=admin
|
|
NEXTCLOUD_SERVICE_PASSWORD=admin123
|
|
BROKER_DATABASE_URL=postgresql://qortal_broker:qortal_brokerpass@broker_db:5432/qortal_broker
|
|
BROKER_INTERNAL_API_TOKEN=
|
|
# Optional comma-separated browser origins allowed for broker CORS (internal server-to-server calls do not use CORS).
|
|
BROKER_CORS_ALLOWED_ORIGINS=
|
|
# If using bundled External Auth (profile external-auth), set to http://external_auth:3191
|
|
QORTAL_EXTERNAL_AUTH_BASE_URL=http://gateway.docker.internal:3191
|
|
QORTAL_EXTERNAL_AUTH_APP_ID=
|
|
QORTAL_EXTERNAL_AUTH_APP_SECRET=
|
|
OIDC_ISSUER=http://broker:3000
|
|
OIDC_CLIENT_ID=nextcloud-local
|
|
OIDC_CLIENT_SECRET=dev-secret
|
|
OIDC_REDIRECT_URI_ALLOWLIST=http://localhost:8080/apps/user_oidc/code
|
|
OIDC_POLICY_MODE=link_only
|
|
OIDC_AUTO_PROVISION_GUARD=invite_or_allowlist
|
|
OIDC_INVITE_TTL_SECONDS=604800
|
|
OIDC_AUTH_REQUEST_TTL_SECONDS=600
|
|
OIDC_AUTH_CODE_TTL_SECONDS=120
|
|
OIDC_ACCESS_TOKEN_TTL_SECONDS=600
|
|
OIDC_ID_TOKEN_TTL_SECONDS=600
|
|
# Optional: override the logo shown on the OIDC login page.
|
|
# Defaults to ${NEXTCLOUD_BASE_URL}/apps/qortal_integration/img/QORT-logo-512.png
|
|
# OIDC_LOGIN_LOGO_URL=
|
|
# Optional: provide a persistent PEM key to avoid rotating signing keys on broker restarts.
|
|
# OIDC_PRIVATE_KEY_PEM=
|
|
# Optional: set a stable key ID if you provide your own key.
|
|
# OIDC_KEY_ID=
|
|
|
|
# External Auth container (optional)
|
|
EXTERNAL_AUTH_CONTEXT=../Qortal-External-Auth
|
|
EXTERNAL_AUTH_DOCKERFILE=Dockerfile
|
|
EXTERNAL_AUTH_PORT=3191
|
|
|
|
# Bundled Qortal node container (default)
|
|
QORTAL_NODE_CONTEXT=../qortal
|
|
QORTAL_NODE_DOCKERFILE=Dockerfile
|
|
QORTAL_NODE_GATEWAY_BIND_HOST=127.0.0.1
|
|
# Keep gateway as API-1 (e.g. 22391 -> 22390).
|
|
QORTAL_NODE_GATEWAY_HOST_PORT=12390
|
|
QORTAL_NODE_API_BIND_HOST=127.0.0.1
|
|
# Auto-selection script chooses API host port first.
|
|
QORTAL_NODE_API_HOST_PORT=12391
|
|
QORTAL_NODE_P2P_BIND_HOST=0.0.0.0
|
|
# Keep P2P as API+1 (e.g. 22391 -> 22392).
|
|
QORTAL_NODE_P2P_HOST_PORT=12392
|
|
QORTAL_NODE_QDN_BIND_HOST=0.0.0.0
|
|
# Keep QDN data as API+3 (e.g. 22391 -> 22394).
|
|
QORTAL_NODE_QDN_HOST_PORT=12394
|
|
|
|
# External Auth -> Qortal node URL (internal Docker network by default)
|
|
QORTAL_AUTH_NODE_URL=http://qortal_node:12391
|
|
# Optional Qortal node API key for external-auth when node restricts endpoints.
|
|
QORTAL_AUTH_NODE_API_KEY=
|
|
# auto: external-auth decides when header is required, paths: enforce for configured paths.
|
|
QORTAL_AUTH_NODE_API_KEY_MODE=auto
|
|
# If auto misses key-protected routes on your node, set mode=paths.
|
|
# Recommended path list when mode=paths (includes list endpoints used by Q-Apps).
|
|
QORTAL_AUTH_NODE_API_KEY_PATHS=/admin/,/transactions/process,/arbitrary/,/lists/
|