blob: cf1a3bc923e928b58897c42629b4100dccda94fe (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
#Copyright (c) Vaughn Nugent
#Licensed under the GNU AGPLv3
version: '3.6'
services:
cmnext:
build:
context: .
image: vnuge/cmnext
container_name: cmnext
restart: unless-stopped
volumes:
- ./data:/app/data
- ./assets:/app/usr/assets:ro
#uncomment to use your own ssl certs, otherwise a build-time cert will be used
#- ./ssl/cert.pem:/app/ssl/cert.pem:ro
#- ./ssl/key.pem:/app/ssl/key.pem:ro
ports:
- 8080:8080
environment:
CHANNEL_INDEX_FILE: "channels.json" #required, should leave default unless you know what you are doing
MAX_CONTENT_LENGTH: 204800000 #200MB max upload size
MAX_LOGIN_ATTEMPS: "10" #max login attempts before user account is locked out
#SQL Config
SQL_LIB_PATH: "VNLib.Plugins.Extensions.Sql.SQLite.dll"
SQL_CONNECTION_STRING: "Data Source=data/cmnext.db;" #when using a password, simply leave the password field blank
#storage backend setup
STORAGE_TYPE: "s3" #s3 | ftp
STORAGE_CUSTOM_ASSEMBLY: "" #optional path to a custom storage assembly
STORAGE_SERVER_ADDRESS: "" #s3 or ftp server address
STORAGE_USERNAME: "" #s3 client id or ftp username
STORAGE_BUCKET: "" #s3 bucket or ftp root directory
STORAGE_USE_SSL: "true" #force ssl for connections
S3_REGION: "" #optional s3 region when using s3 storage
#HC Vault client config
#HC_VAULT_ADDR: ""
#HC_VAULT_TOKEN: ""
#HC_VAULT_TRUST_CERT: "false"
#VNCACHE (default to memory only)
CACHE_ASM_PATH: "VNLib.Data.Caching.Providers.VNCache.dll"
MEMCACHE_ONLY: "true"
REDIS_CONNECTION_STRING: ""
#at least one node required if MEMCACHE_ONLY is false
VNCACHE_INITIAL_NODES: "[]"
#SECRETS
# All secrets may be a raw value, read from a file,
# an environment variable, or a vault path
# file://mysecret.txt reads the secret from a file (case sensitive)
# env://MY_SECRET reads the secret from an environment variable (case sensitive)
# vault://kv/data/secret?secret=value reads the value of the mysecret key in the secret/data path
PASSWORD_PEPPER: "" #Must be a base64 encoded value, of realtivley any size
DATABASE_PASSWORD: "" #overrides the 'Password' field in the SQL connection string
REDIS_PASSWORD: "" #only required if using a password protected redis server
#if MEMCACHE_ONLY is false, then the following keys are required to connect to a VNCACHE cluster
VNCACHE_CLIENT_PRIVATE_KEY: ""
VNCACHE_CACHE_PUBLIC_KEY: ""
#REQUIRED s3 or ftp secret key
STORAGE_SECRET: ""
#HTTP
HTTP_DOWNSTREAM_SERVERS: '[]' #a comma separated list of downstream (proxy) server ip addresses
HTTP_TRACE_ON: "false" #enable http trace logging, requires you to set --debug to SERVER_ARGS variable below
#Very Verbose plugin logging, required --debug CLI flag, prints literally everything to the logger (it's annoying)
DEBUG_PLUGINS: "false"
SERVER_ARGS: ""
|