# Environment Variables Template # Copy this file to .env and fill in your values # NEVER commit .env to git! # User and Group IDs (get with: id -u and id -g) PUID=1000 PGID=1000 # Timezone (list: timedatectl list-timezones) TZ=America/New_York # Server IP address SERVER_IP=192.168.1.100 # Domain Configuration DOMAIN=yourdomain.duckdns.org # Your DuckDNS domain # Directory Paths USERDIR=/opt/stacks MEDIADIR=/mnt/media # Large media files on separate drive DOWNLOADDIR=/mnt/downloads # Downloads on separate drive PROJECTDIR=/home/username/projects # DuckDNS Configuration DUCKDNS_TOKEN=your-duckdns-token DUCKDNS_SUBDOMAINS=yourdomain # Without .duckdns.org # Let's Encrypt / ACME ACME_EMAIL=your-email@example.com # Authelia Secrets (generate with: openssl rand -hex 64) AUTHELIA_JWT_SECRET=your-jwt-secret-here-64-chars AUTHELIA_SESSION_SECRET=your-session-secret-here-64-chars AUTHELIA_STORAGE_ENCRYPTION_KEY=your-encryption-key-here-64-chars # SMTP for Authelia Notifications (optional) SMTP_USERNAME=your-email@example.com SMTP_PASSWORD=your-smtp-password # VPN Configuration (Surfshark) # Get WireGuard details from Surfshark dashboard SURFSHARK_PRIVATE_KEY=your-wireguard-private-key SURFSHARK_ADDRESSES=10.14.0.2/16 VPN_COUNTRY=Netherlands # Preferred VPN server location # Alternative: OpenVPN credentials (if not using WireGuard) # SURFSHARK_USERNAME=your-surfshark-username # SURFSHARK_PASSWORD=your-surfshark-password # Plex Configuration PLEX_CLAIM=claim-xxxxxxxxxx # Monitoring Passwords GRAFANA_ADMIN_PASSWORD=changeme # Code Server Passwords CODE_SERVER_PASSWORD=changeme CODE_SERVER_SUDO_PASSWORD=changeme # Database Credentials POSTGRES_USER=postgres POSTGRES_PASSWORD=changeme POSTGRES_DB=homelab PGADMIN_EMAIL=admin@example.com PGADMIN_PASSWORD=changeme # Jupyter Token JUPYTER_TOKEN=changeme # Pi-hole PIHOLE_PASSWORD=changeme # Watchtower Notifications (optional) # WATCHTOWER_NOTIFICATION_URL= # Cloudflare API (optional, for DNS challenge) # CF_DNS_API_TOKEN=your-cloudflare-api-token # Add your own variables below