Moritz
5b3eab4d5d
Documents ADMIN_EMAIL/PASSWORD, seed_admin, entrypoint; OIDC_ADMIN_GROUP_NAME, OIDC_GROUPS_CLAIM and role sync on register/sign-in.
32 lines
1.4 KiB
Text
32 lines
1.4 KiB
Text
# Production Environment Variables for docker-compose.prod.yml
|
|
# Copy this file to .env and fill in the actual values
|
|
|
|
# Required: Phoenix secrets (generate with: mix phx.gen.secret)
|
|
SECRET_KEY_BASE=changeme-run-mix-phx.gen.secret
|
|
TOKEN_SIGNING_SECRET=changeme-run-mix-phx.gen.secret
|
|
|
|
# Required: Hostname for URL generation
|
|
PHX_HOST=localhost
|
|
|
|
# Recommended: Association settings
|
|
ASSOCIATION_NAME="Sportsclub XYZ"
|
|
|
|
# Optional: Admin user (created/updated on container start via Release.seed_admin)
|
|
# In production, set these so the first admin can log in. Change password without redeploy:
|
|
# bin/mv eval "Mv.Release.seed_admin()" (with new ADMIN_PASSWORD or ADMIN_PASSWORD_FILE)
|
|
# ADMIN_EMAIL=admin@example.com
|
|
# ADMIN_PASSWORD=secure-password
|
|
# ADMIN_PASSWORD_FILE=/run/secrets/admin_password
|
|
|
|
# Optional: OIDC Configuration
|
|
# These have defaults in docker-compose.prod.yml, only override if needed
|
|
# OIDC_CLIENT_ID=mv
|
|
# OIDC_BASE_URL=http://localhost:8080/auth/v1
|
|
# OIDC_REDIRECT_URI=http://localhost:4001/auth/user/rauthy/callback
|
|
# OIDC_CLIENT_SECRET=your-rauthy-client-secret
|
|
|
|
# Optional: OIDC group → Admin role sync (e.g. Authentik groups from profile scope)
|
|
# If OIDC_ADMIN_GROUP_NAME is set, users in that group get Admin role on registration/sign-in.
|
|
# OIDC_GROUPS_CLAIM defaults to "groups" (JWT claim name for group list).
|
|
# OIDC_ADMIN_GROUP_NAME=admin
|
|
# OIDC_GROUPS_CLAIM=groups
|