.env

COMPOSE_PROJECT_NAME=ps
COMPOSE_FILE=docker-compose.yml
COMPOSE_PROFILES=databox,expose,notify,uploader,db,report,tools,mailhog,dashboard,soketi

# Leave empty if 443, include ':' otherwise
HTTPS_PORT_PREFIX=${HTTPS_PORT_PREFIX:-}
TRAEFIK_HTTPS_PORT=443
TRAEFIK_HTTP_PORT=80
TRAEFIK_PROVIDERS_FILE_FILENAME=/etc/traefik/dynamic_conf.yaml

# Generate: echo $(htpasswd -nb admin <password-here>)
# gG2dLohfNrfcSeRHivm3
ADMIN_BASIC_AUTH_USER='admin:$apr1$NQnkSxTR$EvypdHPASANYEW5F4et7a/'

# Lets encrypt
LETS_ENCRYPT_ENABLED=
LETS_ENCRYPT_CONTACT_EMAIL=contact@acme.com
LETS_ENCRYPT_PROVIDER=
#LETS_ENCRYPT_CA_SERVER=https://acme-v02.api.letsencrypt.org/directory
LETS_ENCRYPT_CA_SERVER=https://acme-staging-v02.api.letsencrypt.org/directory

PHRASEA_DOMAIN="${PHRASEA_DOMAIN:-phrasea.local}"
DASHBOARD_CLIENT_URL=https://dashboard.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
S3_ENDPOINT=https://minio.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
UPLOADER_API_URL=https://api-uploader.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
EXPOSE_API_URL=https://api-expose.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
DATABOX_API_URL=https://api-databox.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
NOTIFY_API_URL=https://api-notify.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
DATABOX_CLIENT_URL=https://databox.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
EXPOSE_CLIENT_URL=https://expose.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
UPLOADER_CLIENT_URL=https://uploader.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
ZIPPY_URL=https://zippy.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
MINIO_CONSOLE_URL=https://minio-console.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
MAILHOG_URL=https://mailhog.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
PGADMIN_URL=https://pgadmin.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
PHPMYADMIN_URL=https://pma.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
RABBITMQ_CONSOLE_URL=https://rabbitmq-console.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
TRAEFIK_CONSOLE_URL=https://traefik-console.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
SOKETI_USAGE_URL=https://soketi-usage.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}/usage
ELASTICHQ_URL=https://elastichq.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}
DATABOX_INDEXER_URL=https://databox-indexer.${PHRASEA_DOMAIN}${HTTPS_PORT_PREFIX}

DATABOX_WORKER_REPLICAS=1
EXPOSE_WORKER_REPLICAS=1
NOTIFY_WORKER_REPLICAS=1
UPLOADER_WORKER_REPLICAS=1

REPORT_API_URL=http://report-api

REGISTRY_NAMESPACE=alchemyfr/ps-
# Docker image TAG (used only for deployment)
DOCKER_TAG=latest

# App globals
# Symfony env var
APP_ENV=prod
# Enables some features for debugging applications
DEV_MODE=false

# Dashboard
DASHBOARD_CLIENT_ID=dashboard-app
DISPLAY_SERVICES_MENU=true

# Minio
MINIO_CONSOLE_PORT=8111
S3_USE_PATH_STYLE_ENDPOINT=true
S3_ACCESS_KEY=__CHANGE_ME_LDb7v4BfKXE5vTnslDvNyeWMlMmi
S3_SECRET_KEY=__CHANGE_ME_ZFA0x96WHJztksXrKUHYUA
# Can be used to support a single CloudFront distribution with multiple origins
S3_PATH_PREFIX=
S3_REGION=eu-west-3

# Auto redirect to identity provider when coming from a client app
AUTO_CONNECT_IDP=

# Databox
DATABOX_S3_BUCKET_NAME=databox
DATABOX_REQUEST_SIGNATURE_TTL=3600
DATABOX_UPLOADER_TARGET_SLUG=databox-uploader
DATABOX_RABBITMQ_VHOST=databox

DATABOX_CLOUD_FRONT_URL=
DATABOX_CLOUD_FRONT_REGION=eu-west-3
DATABOX_CLOUD_FRONT_PRIVATE_KEY=
DATABOX_CLOUD_FRONT_KEY_PAIR_ID=
DATABOX_CLOUD_FRONT_TTL=86400

DATABOX_SECRETS_PUBLIC_KEY=j0J1OtLTd78OVhVMEQwd+98EusYkAdN8VNhHIENLlWI=
DATABOX_SECRETS_SECRET_KEY=Y6cqN347d5ShtLCmR3DGE+A2Z+SBw4S1wOTTFrISF3M=

# OAuth client ID for Databox service
DATABOX_CLIENT_ID=databox-app

# Uploader
# OAuth client ID
UPLOADER_CLIENT_ID=uploader-app
ASSET_CONSUMER_COMMIT_URI=http://localhost:9999/api/v1/upload/enqueue/
ASSET_CONSUMER_ACCESS_TOKEN=define-me
UPLOADER_S3_BUCKET_NAME=uploader-deposit
UPLOADER_REQUEST_SIGNATURE_TTL=600
UPLOADER_DELETE_ASSET_GRACEFUL_TIME=30
UPLOADER_RABBITMQ_VHOST=uploader
UPLOADER_ALLOWED_FILE_TYPES='image/*(.jpg,.jpeg,.bmp,.tif,.gif,.png,.heic,.webp,.svg),application/*(.pdf,.doc,.docx,.xls,.xlsx,.odt),video/*(.mpg,.mpeg,.mov,.avi,.mp3,.mp2,.mp4,.m4v,.m4a,.mkv,.hevc)audio/*(.aac,.aiff,.wav)'

# For admin OAuth clients
EXPOSE_ADMIN_CLIENT_ID=expose-admin
EXPOSE_ADMIN_CLIENT_SECRET=__CHANGE_ME_cli3nt_s3cr3t

UPLOADER_ADMIN_CLIENT_ID=uploader-admin
UPLOADER_ADMIN_CLIENT_SECRET=__CHANGE_ME_cli3nt_s3cr3t

NOTIFY_ADMIN_CLIENT_ID=notify-admin
NOTIFY_ADMIN_CLIENT_SECRET=__CHANGE_ME_cli3nt_s3cr3t

DATABOX_ADMIN_CLIENT_ID=databox-admin
DATABOX_ADMIN_CLIENT_SECRET=__CHANGE_ME_cli3nt_s3cr3t

KEYCLOAK_URL="${KEYCLOAK_URL:-https://keycloak.$PHRASEA_DOMAIN$HTTPS_PORT_PREFIX}"
KEYCLOAK_REALM_NAME="${KEYCLOAK_REALM_NAME:-phrasea}"

# Expose
# OAuth client ID for Expose service
EXPOSE_CLIENT_ID=expose-app
EXPOSE_S3_BUCKET_NAME=expose
EXPOSE_REQUEST_SIGNATURE_TTL=3600
EXPOSE_SIDEBAR_DEFAULT_OPEN=true
EXPOSE_CLIENT_LOGO_URL=
EXPOSE_CLIENT_LOGO_ALT=
EXPOSE_CLOUD_FRONT_URL=
EXPOSE_RABBITMQ_VHOST=expose
EXPOSE_CLOUD_FRONT_REGION=eu-west-3
EXPOSE_CLOUD_FRONT_PRIVATE_KEY=
EXPOSE_CLOUD_FRONT_KEY_PAIR_ID=
EXPOSE_CLOUD_FRONT_TTL=86400
EXPOSE_DISABLE_INDEX_PAGE=0
EXPOSE_MATOMO_SITE_ID=1

# Notify
NOTIFY_RABBITMQ_VHOST=notify

# RabbitMQ
RABBITMQ_HOST=rabbitmq
RABBITMQ_PORT=5672
RABBITMQ_USER=__CHANGE_ME_3b1wnDcU3z
RABBITMQ_PASSWORD=__CHANGE_ME_klvA23rVuZY2
RABBITMQ_SSL=false

# DB
POSTGRES_HOST=db
POSTGRES_PORT=5432
POSTGRES_USER=__CHANGE_ME_QmkpoE6I42px1
POSTGRES_PASSWORD=__CHANGE_ME_n0EQbOzeEQC1
# don't use .local in email https://github.com/pgadmin-org/pgadmin4/issues/6222
PGADMIN_DEFAULT_EMAIL=admin@phrasea.io
PGADMIN_DEFAULT_PASSWORD=__CHANGE_ME_eTRPkJOyniPHmZ
DB_DEV_PORT=5432

# Deprecated
AUTH_DB_NAME=auth

DATABOX_DB_NAME=databox
EXPOSE_DB_NAME=expose
NOTIFY_DB_NAME=notify
UPLOADER_DB_NAME=uploader

MARIADB_ROOT_PASSWORD=__CHANGE_ME_9s0EQbeEn0EQbQC1
MARIADB_USER=__CHANGE_ME_oBiOsCDSY
MARIADB_PASSWORD=__CHANGE_ME_pfdir56eEQC1
MARIADB_HOST=mariadb
MARIADB_PORT=3306

# Dev
MAILER_DSN=smtp://mailhog:1025
MAIL_FROM=noreply@${PHRASEA_DOMAIN}

# Configurator
CONFIGURATOR_DB_NAME=configurator
CONFIGURATOR_S3_BUCKET_NAME=static

# Mailhog
MAILHOG_PORT=8125

# Matomo
MATOMO_MYSQL_ROOT_PASSWORD=__CHANGE_ME_JDQm8ooetgjd6q8
MATOMO_DATABASE_DBNAME=matomo
MATOMO_DATABASE_USERNAME=matomo
MATOMO_DATABASE_PASSWORD=__CHANGE_ME_DyFTHnJO0smgU
MATOMO_SUPER_USER_USERNAME=admin@phrasea.local
MATOMO_SUPER_USER_PASSWORD=__CHANGE_ME_zBpJUAYDTu8

# Elasticsearch
ELASTICSEARCH_URL=http://elasticsearch:9200
ELASTICSEARCH_PORT=9200
ELASTICSEARCH_INDEX_PREFIX=

# Report
REPORT_DB_NAME=report

# Keycloak
KEYCLOAK_DB_NAME=keycloak
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=__CHANGE_ME_rTLDzTAFiFIQiHDm

DEFAULT_ADMIN_USERNAME=phrasea-admin
DEFAULT_ADMIN_PASSWORD=__CHANGE_ME_CAZ7B1ZP4os2kZPL

# Keycloak2
KEYCLOAK2_DB_NAME=keycloak2
KEYCLOAK2_ADMIN=admin2
KEYCLOAK2_ADMIN_PASSWORD=__CHANGE_ME_wijk8OdBY4MW4rTc

# Zippy SVC
ZIPPY_CLIENT_ID=client
ZIPPY_CLIENT_SECRET=secret

# SAML IDP Test 1
SAML_URL=https://saml-idp.${PHRASEA_DOMAIN}/simplesaml
# SAML IDP Test 2
SAML2_URL=https://saml-idp2.${PHRASEA_DOMAIN}/simplesaml

TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR
PS_SUBNET=172.30.0.0/16
PS_GATEWAY_IP=172.30.0.1

# Xdebug
XDEBUG_SESSION=PHPSTORM
XDEBUG_ENABLED=0
PS_DEBUG_SERVER_NAME_PREFIX=docker-server-

# For dev who don't have SSH_AUTH_SOCK (avoid an empty volume name)
SSH_AUTH_SOCK=/dev/null

MAPBOX_TOKEN=define-me

UPLOAD_MAX_FILE_SIZE=4G

# Report ELK
ELK_VERSION=7.11.2

VERIFY_SSL=true

PHRASEANET_DOMAIN="${PHRASEANET_DOMAIN:-phraseanet.$PHRASEA_DOMAIN}"
PHRASEANET_URL=https://${PHRASEANET_DOMAIN}
PHRASEANET_VERIFY_SSL=true
PHRASEANET_APP_OAUTH_TOKEN=define-me

# Indexer
INDEXER_DATABOX_CLIENT_ID=indexer
INDEXER_DATABOX_CLIENT_SECRET=__CHANGE_ME_ad9m88kd8rih5
INDEXER_DATABOX_WORKSPACE_SLUG=
INDEXER_DATABOX_OWNER_ID=
INDEXER_DATABOX_CONCURRENCY=3
INDEXER_WATCH_DIR=/fs-watch
INDEXER_WATCH_DIR_PREFIX=fs
INDEXER_WATCH_SOURCE_DIR=./tmp
INDEXER_BUCKET_NAME=test-indexer
INDEXER_PHRASEANET_DATABOX=
INDEXER_PHRASEANET_COLLECTIONS=
INDEXER_PHRASEANET_SEARCH_QUERY=
INDEXER_PHRASEANET_SEARCH_ORDER=created_on,asc
INDEXER_CONFIG_FILE=config.json
INDEXER_IMPORT_FILES=0
INDEXER_RECORDS_COLLECTION_PATH=/
INDEXER_STORIES_COLLECTION_PATH=/stories

# Letsencrypt providers
LEGO_GANDIV5_API_KEY=
LEGO_OVH_ENDPOINT=ovh-eu
LEGO_OVH_APPLICATION_KEY=
LEGO_OVH_APPLICATION_SECRET=
LEGO_OVH_CONSUMER_KEY=
# route53
LEGO_AWS_ACCESS_KEY_ID=
LEGO_AWS_SECRET_ACCESS_KEY=
LEGO_AWS_REGION=
LEGO_AWS_HOSTED_ZONE_ID=
LEGO_AWS_ASSUME_ROLE_ARN=
LEGO_AWS_PROFILE=
LEGO_AWS_SDK_LOAD_CONFIG=

NEWRELIC_ENABLED=0
NEWRELIC_LICENSE_KEY=

PHP_SENTRY_DSN=
CLIENT_SENTRY_DSN=
SENTRY_ENVIRONMENT=prod
SENTRY_RELEASE=unknown

SOKETI_APP_ID=phrasea
SOKETI_KEY=__CHANGE_ME_hJBgAG4vnPrT58Ty
SOKETI_SECRET=__CHANGE_ME_A8PRgk5qpfLxkfLU