-
Notifications
You must be signed in to change notification settings - Fork 8
/
.env-dist
76 lines (62 loc) · 3.2 KB
/
.env-dist
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
NEXTCLOUD_TRAEFIK_HOST=nc.example.com
# The name of this instance. If there is only one instance, use 'default'.
NEXTCLOUD_INSTANCE=
# Docker image
NEXTCLOUD_IMAGE=nextcloud:apache
## Make secure passphrases: openssl rand -base64 45
NEXTCLOUD_DATABASE_PASSWORD=change_me_insecure_password
NEXTCLOUD_BACKUP_ENCRYPTION_PASSWORD=change_me_insecure_password
# Filter access by IP address source range (CIDR):
##Disallow all access: 0.0.0.0/32
##Allow all access: 0.0.0.0/0
NEXTCLOUD_IP_SOURCERANGE=0.0.0.0/0
# HTTP Basic Authentication:
# Use `make config` to fill this in properly, or set this to blank to disable.
NEXTCLOUD_HTTP_AUTH=
# OAUTH2
# Set to `true` to use OpenID/OAuth2 authentication via the
# traefik-forward-auth service in d.rymcg.tech.
# Using OpenID/OAuth2 will require login to access your app,
# but it will not affect what a successfully logged-in person can do in your
# app. If your app has built-in authentication and can check the user
# header that traefik-forward-auth sends, then your app can limit what the
# logged-in person can do in the app. But if your app can't check the user
# header, or if your app doesn't have built-in authentication at all, then
# any person with an account on your Gitea server can log into your app and
# have full access.
NEXTCLOUD_OAUTH2=
# In addition to Oauth2 authentication, you can configure basic authorization
# by entering which authorization group can log into your app. You create
# groups of email addresses in the `traefik` folder by running `make groups`.
NEXTCLOUD_OAUTH2_AUTHORIZED_GROUP=
# Mutual TLS (mTLS):
# Set true or false. If true, all clients must present a certificate signed by Step-CA:
NEXTCLOUD_MTLS_AUTH=false
# Enter a comma separated list of client domains allowed to connect via mTLS.
# Wildcards are allowed and encouraged on a per-app basis:
NEXTCLOUD_MTLS_AUTHORIZED_CERTS=*.clients.nextcloud.example.com
## Schedule to backup app data (not Primary Storage)
NEXTCLOUD_APP_BACKUP_SCHEDULE=@daily
## Database backup schedule:
## See https://pkg.go.dev/github.com/robfig/cron?utm_source=godoc#hdr-Predefined_schedules
NEXTCLOUD_DATABASE_BACKUP_SCHEDULE=@daily
## Delete old backup files older than this value:
NEXTCLOUD_DATABASE_BACKUP_DELETE_OLDER_THAN=3 months ago
## By default, Primary Storage is stored in the `nextcloud_data` docker volume.
## Optionally, you can store this data externally in an S3 Bucket instead.
## Values can be "Docker Volume" or "S3 Bucket"
NEXTCLOUD_PRIMARY_STORAGE=Docker Volume
## S3 Bucket for Primary Storage (these are ignored if NEXTCLOUD_PRIMARY_STORAGE=Docker Volume)
NEXTCLOUD_OBJECTSTORE_S3_HOST=s3.example.com
NEXTCLOUD_OBJECTSTORE_S3_BUCKET=your_nextcloud_bucket
NEXTCLOUD_OBJECTSTORE_S3_KEY=your_s3_access_id
NEXTCLOUD_OBJECTSTORE_S3_SECRET=your_s3_secret_key
## S3 Bucket for Backups:
NEXTCLOUD_BACKUP_S3_HOST=s3.example.com
NEXTCLOUD_BACKUP_S3_BUCKET=your_db_backup_bucket
NEXTCLOUD_BACKUP_S3_KEY=your_s3_access_id
NEXTCLOUD_BACKUP_S3_SECRET=your_s3_secret_key
## Backup container source code to build images from:
NEXTCLOUD_BACKUP_APP_GIT_SRC=https://github.com/lobaro/restic-backup-docker.git#v1.3.2
NEXTCLOUD_BACKUP_POSTGRES_GIT_SRC=https://github.com/enigmacurry/postgresql-backup-s3.git#master
NEXTCLOUD_EXTRA_VOLUME_NAME=