1dd6664968
- Reorganize OTHER OPTIONAL CONFIGURATIONS section alphabetically by service name - Improve user experience for finding specific service configurations - Add clarifying comments for Authelia admin account variables - Generalize AUTHELIA_ADMIN_PASSWORD to use DEFAULT_PASSWORD variable
144 lines
4.3 KiB
Plaintext
144 lines
4.3 KiB
Plaintext
# EZ-Homelab .env template file - Copy to .env and fill in your values
|
|
|
|
# ################################
|
|
# #### REQUIRED CONFIGURATION ####
|
|
|
|
# User and Group IDs for file permissions (get with: id -u and id -g)
|
|
PUID=1000
|
|
PGID=1000
|
|
TZ=America/New_York
|
|
|
|
# Servers configuration
|
|
SERVER_IP=192.168.1.100 # This server
|
|
SERVER_HOSTNAME=debian
|
|
|
|
# If deploying with option 3: Remote Core Server
|
|
# the REMOTE_SERVER is where the Core Stack (Traefik) is running
|
|
REMOTE_SERVER_IP=your.remote.ip.address
|
|
REMOTE_SERVER_HOSTNAME=your-remote-server
|
|
REMOTE_SERVER_USER=${DEFAULT_USER}
|
|
REMOTE_SERVER_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# Domain Configuration
|
|
DUCKDNS_SUBDOMAINS=yourdomain # Without .duckdns.org
|
|
DOMAIN=${DUCKDNS_SUBDOMAINS}.duckdns.org
|
|
DUCKDNS_TOKEN=your-duckdns-token
|
|
|
|
# Default credentials (used by multiple services for easier setup)
|
|
DEFAULT_USER=admin
|
|
DEFAULT_PASSWORD=changeme
|
|
DEFAULT_EMAIL=admin@example.com
|
|
|
|
# FOLDER PATHS
|
|
USERDIR=/opt/stacks # all docker-compose stacks
|
|
MEDIADIR=/mnt/media # Large media files on separate drive
|
|
DOWNLOADDIR=/mnt/downloads # Downloads on separate drive
|
|
PROJECTDIR=~/projects # User's projects folder
|
|
|
|
# ##########################################
|
|
# #### NOTEABLE OPTIONAL CONFIGURATIONS ####
|
|
|
|
# Surfshark OpenVPN (RECOMMENDED)
|
|
# Wireguard options are below and commented out
|
|
SURFSHARK_USERNAME=your-surfshark-username
|
|
SURFSHARK_PASSWORD=your-surfshark-password
|
|
VPN_SERVER_COUNTRIES=Netherlands # Preferred VPN server location
|
|
|
|
# Email credentials for services that need SMTP
|
|
SMTP_EMAIL_PASSWORD=your-email-app-password
|
|
SMTP_EMAIL_SERVER=smtp.gmail.com # change if not using Gmail
|
|
SMTP_EMAIL_PORT=587
|
|
SMTP_EMAIL_FROM=${DEFAULT_EMAIL}
|
|
SMTP_EMAIL_SECURITY=starttls
|
|
|
|
# ACME Email for Let's Encrypt certificates
|
|
ACME_EMAIL=${DEFAULT_EMAIL}
|
|
|
|
# Authelia Admin Account
|
|
# Used by ez-homelab.sh for easy deployment
|
|
# Not used by the Authelia container directly
|
|
ADMIN_EMAIL=${DEFAULT_EMAIL} # Used for admin user account
|
|
AUTHELIA_ADMIN_USER=${DEFAULT_USER}
|
|
AUTHELIA_ADMIN_EMAIL=${DEFAULT_EMAIL}
|
|
AUTHELIA_ADMIN_PASSWORD=generate-with-openssl-rand-hex-64
|
|
|
|
# SMTP for Authelia Notifications
|
|
SMTP_USERNAME=${SMTP_EMAIL_FROM}
|
|
SMTP_PASSWORD=${SMTP_EMAIL_PASSWORD}
|
|
|
|
# Let ez-homelab.sh generate these 3 unless you know what your doing
|
|
AUTHELIA_JWT_SECRET=generate-with-openssl-rand-hex-64
|
|
AUTHELIA_SESSION_SECRET=generate-with-openssl-rand-hex-64
|
|
AUTHELIA_STORAGE_ENCRYPTION_KEY=generate-with-openssl-rand-hex-64
|
|
|
|
# Surfshark WireGuard (OPTIONAL - Advanced users only)
|
|
# Get WireGuard details from Surfshark dashboard
|
|
# SURFSHARK_PRIVATE_KEY=your-wireguard-private-key
|
|
# SURFSHARK_ADDRESSES=10.14.0.2/16
|
|
|
|
# #######################################
|
|
# #### OTHER OPTIONAL CONFIGURATIONS ####
|
|
|
|
# BookStack
|
|
BOOKSTACK_DB_PASSWORD=${DEFAULT_PASSWORD}
|
|
BOOKSTACK_DB_ROOT_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# DATABASES - GENERAL
|
|
POSTGRES_USER=${DEFAULT_USER}
|
|
POSTGRES_PASSWORD=${DEFAULT_PASSWORD}
|
|
POSTGRES_DB=homelab
|
|
PGADMIN_EMAIL=${DEFAULT_EMAIL}
|
|
PGADMIN_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# Form.io
|
|
FORMIO_JWT_SECRET=${DEFAULT_PASSWORD}
|
|
FORMIO_DB_SECRET=${DEFAULT_PASSWORD}
|
|
|
|
# Gitea
|
|
GITEA_DB_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# GRAFANA
|
|
GRAFANA_ADMIN_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# Jupyter Notebook
|
|
JUPYTER_TOKEN=${DEFAULT_PASSWORD}
|
|
|
|
# MediaWiki
|
|
MEDIAWIKI_DB_PASSWORD=${DEFAULT_PASSWORD}
|
|
MEDIAWIKI_DB_ROOT_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# Nextcloud
|
|
NEXTCLOUD_ADMIN_USER=${DEFAULT_USER}
|
|
NEXTCLOUD_ADMIN_PASSWORD=${DEFAULT_PASSWORD}
|
|
NEXTCLOUD_DB_PASSWORD=${DEFAULT_PASSWORD}
|
|
NEXTCLOUD_DB_ROOT_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# Pi-hole
|
|
PIHOLE_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# qBittorrent
|
|
QBITTORRENT_USER=admin
|
|
QBITTORRENT_PASS=${DEFAULT_PASSWORD}
|
|
|
|
# Vaultwarden
|
|
BITWARDEN_ADMIN_TOKEN=${DEFAULT_PASSWORD}
|
|
BITWARDEN_INVITATIONS_ALLOWED=true
|
|
SMTP_HOST=${SMTP_EMAIL_SERVER}
|
|
SMTP_FROM=${SMTP_EMAIL_FROM}
|
|
SMTP_PORT=${SMTP_EMAIL_PORT}
|
|
SMTP_SECURITY=${SMTP_EMAIL_SECURITY}
|
|
|
|
# #### IMPORTANT ****************************
|
|
# #### SET TO FALSE AFTER CREATING USERS ####
|
|
BITWARDEN_SIGNUPS_ALLOWED=true
|
|
|
|
# VS Code Server
|
|
CODE_SERVER_PASSWORD=${DEFAULT_PASSWORD}
|
|
CODE_SERVER_SUDO_PASSWORD=${DEFAULT_PASSWORD}
|
|
|
|
# Watchtower Notifications (optional)
|
|
# WATCHTOWER_NOTIFICATION_URL=
|
|
|
|
# WordPress
|
|
WORDPRESS_DB_PASSWORD=${DEFAULT_PASSWORD}
|
|
WORDPRESS_DB_ROOT_PASSWORD=${DEFAULT_PASSWORD} |