-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy path.env.example
More file actions
63 lines (49 loc) · 2.07 KB
/
.env.example
File metadata and controls
63 lines (49 loc) · 2.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# =============================================================================
# usulnet — Environment Configuration
# =============================================================================
#
# Setup:
# cp .env.example .env
# nano .env # change ALL values marked CHANGE_ME
# docker compose up -d
#
# =============================================================================
# =============================================================================
# REQUIRED — Change these before starting
# =============================================================================
# PostgreSQL password
# Generate: openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c 32
DB_PASSWORD=CHANGE_ME_GENERATE_RANDOM_PASSWORD
# JWT secret for authentication tokens (64 hex characters)
# Generate: openssl rand -hex 32
JWT_SECRET=CHANGE_ME_GENERATE_WITH_OPENSSL_RAND_HEX_32
# Encryption key for sensitive data at rest (64 hex characters)
# Generate: openssl rand -hex 32
ENCRYPTION_KEY=CHANGE_ME_GENERATE_WITH_OPENSSL_RAND_HEX_32
# =============================================================================
# Optional — Defaults work for most deployments
# =============================================================================
# usulnet image tag
USULNET_VERSION=latest
# Operation mode: master | agent
USULNET_MODE=master
# Exposed ports (usulnet app)
USULNET_HTTP_PORT=8080
USULNET_HTTPS_PORT=7443
# Nginx reverse proxy ports
NGINX_HTTP_PORT=80
NGINX_HTTPS_PORT=443
# Nginx ACME email for Let's Encrypt certificates (required for SSL)
# USULNET_NGINX_ACME_EMAIL=admin@example.com
# Database
DB_USER=usulnet
DB_NAME=usulnet
# Host terminal (web terminal into the Docker host via nsenter)
HOST_TERMINAL_ENABLED=true
HOST_TERMINAL_USER=nobody_usulnet
# =============================================================================
# Agent — Only needed with --profile agent
# =============================================================================
# Token the agent uses to authenticate with the master
# Generate: openssl rand -hex 32
# AGENT_TOKEN=CHANGE_ME