# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation. # Never set it to "testing". APP_ENV=local # Set to true if you want to see debug information in error screens. APP_DEBUG=false # This should be your email address. # If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE SITE_OWNER=mail@example.com # The encryption key for your sessions. Keep this very secure. # Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it. # If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE APP_KEY=SomeRandomStringOf32CharsExactly # Firefly III will launch using this language (for new users and unauthenticated visitors) # For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang # # If text is still in English, remember that not everything may have been translated. DEFAULT_LANGUAGE=en_US # The locale defines how numbers are formatted. # by default this value is the same as whatever the language is. DEFAULT_LOCALE= # Change this value to your preferred time zone. # Example: Europe/Amsterdam # For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones TZ=Europe/Amsterdam # TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy. # Set it to ** and reverse proxies work just fine. TRUSTED_PROXIES=** # The log channel defines where your log entries go to. # Several other options exist. You can use 'single' for one big fat error log (not recommended). # Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself. # A rotating log option is 'daily', creates 5 files that (surprise) rotate. # Default setting 'stack' will log to 'daily' and to 'stdout' at the same time. # - Docker + versions <= 4.8.1.8 and before: use "stdout" # - Docker + versions > 4.8.1.8 : use "docker_out" # - Docker + versions >= 5.1.1 : use "stack" # - For everything else (als not Docker) : use 'stack' LOG_CHANNEL=stack # Log level. You can set this from least severe to most severe: # debug, info, notice, warning, error, critical, alert, emergency # If you set it to debug your logs will grow large, and fast. If you set it to emergency probably # nothing will get logged, ever. APP_LOG_LEVEL=notice # Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III # For other database types, please see the FAQ: https://docs.firefly-iii.org/support/faq # If you use Docker or similar, you can set these variables from a file by appending them with _FILE # Use "pgsql" for PostgreSQL # Use "mysql" for MySQL and MariaDB. # Use "sqlite" for SQLite. DB_CONNECTION=pgsql DB_HOST=db DB_PORT=5432 DB_DATABASE=firefly DB_USERNAME=firefly DB_PASSWORD=firefly # MySQL supports SSL. You can configure it here. # If you use Docker or similar, you can set these variables from a file by appending them with _FILE MYSQL_USE_SSL=false MYSQL_SSL_VERIFY_SERVER_CERT=true # You need to set at least of these options MYSQL_SSL_CAPATH=/etc/ssl/certs/ MYSQL_SSL_CA= MYSQL_SSL_CERT= MYSQL_SSL_KEY= MYSQL_SSL_CIPHER= # PostgreSQL supports SSL. You can configure it here. # If you use Docker or similar, you can set these variables from a file by appending them with _FILE # We don't need to configure this, as this setup will be run behind Nginx PGSQL_SSL_MODE=prefer PGSQL_SSL_ROOT_CERT=null PGSQL_SSL_CERT=null PGSQL_SSL_KEY=null PGSQL_SSL_CRL_FILE=null # If you're looking for performance improvements, you could install memcached. CACHE_DRIVER=redis SESSION_DRIVER=redis # If you set either of these to 'redis', you might want to update these settings too # If you use Docker or similar, you can set REDIS_HOST_FILE, REDIS_PASSWORD_FILE or # REDIS_PORT_FILE to set the value from a file instead of from an environment variable # can be tcp, unix or http REDIS_SCHEME=tcp # use only when using 'unix' for REDIS_SCHEME. Leave empty otherwise. REDIS_PATH= # use only when using 'tcp' or 'http' for REDIS_SCHEME. Leave empty otherwise. REDIS_HOST=redis REDIS_PORT=6379 REDIS_PASSWORD=null # always use quotes and make sure redis db "0" and "1" exists. Otherwise change accordingly. REDIS_DB="0" REDIS_CACHE_DB="1" # Cookie settings. Should not be necessary to change these. # If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set # the value from a file instead of from an environment variable COOKIE_PATH="/" COOKIE_DOMAIN= COOKIE_SECURE=false # If you want Firefly III to mail you, update these settings # For instructions, see: https://docs.firefly-iii.org/advanced-installation/email # If you use Docker or similar, you can set these variables from a file by appending them with _FILE MAIL_MAILER=log MAIL_HOST=null MAIL_PORT=2525 MAIL_FROM=changeme@example.com MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null # Other mail drivers: # If you use Docker or similar, you can set these variables from a file by appending them with _FILE MAILGUN_DOMAIN= MAILGUN_SECRET= # If you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net # If you use Docker or similar, you can set this variable from a file by appending it with _FILE MAILGUN_ENDPOINT=api.mailgun.net # If you use Docker or similar, you can set these variables from a file by appending them with _FILE MANDRILL_SECRET= SPARKPOST_SECRET= # Firefly III can send you the following messages SEND_REGISTRATION_MAIL=true SEND_ERROR_MESSAGE=true SEND_LOGIN_NEW_IP_WARNING=true # These messages contain (sensitive) transaction information: SEND_REPORT_JOURNALS=true # Set a Mapbox API key here (see mapbox.com) so there might be a map available at various places. # If you use Docker or similar, you can set this variable from a file by appending it with _FILE MAPBOX_API_KEY= # The map will default to this location: MAP_DEFAULT_LAT=51.983333 MAP_DEFAULT_LONG=5.916667 MAP_DEFAULT_ZOOM=6 # Firefly III has two options for user authentication. "eloquent" is the default, # and "ldap" for LDAP servers. # For full instructions on these settings please visit: # https://docs.firefly-iii.org/advanced-installation/authentication # If you use Docker or similar, you can set this variable from a file by appending it with _FILE LOGIN_PROVIDER=eloquent # It's also possible to change the way users are authenticated. You could use Authelia for example. # Authentication via the REMOTE_USER header is supported. Change the value below to "remote_user_guard". # # This will also allow Windows SSO. # # If you do this please read the documentation for instructions and warnings: # https://docs.firefly-iii.org/advanced-installation/authentication # # This function is available in Firefly III v5.3.0 and higher. AUTHENTICATION_GUARD=web # If the guard is changed, Firefly III uses the 'REMOTE_USER' header as per RFC 3875. # You can also use another header, like AUTH_USER when using Windows SSO. # Some systems use X-Auth headers. In that case, use HTTP_X_AUTH_USERNAME or HTTP_X_AUTH_EMAIL # Depending on your system, REMOTE_USER may need to be changed to HTTP_REMOTE_USER # # If this header is 'unexpectedly empty', check out the documentation. # https://docs.firefly-iii.org/advanced-installation/authentication # AUTHENTICATION_GUARD_HEADER=REMOTE_USER # # Firefly III uses email addresses as user identifiers. When you're using an external authentication guard # that doesn't do this, Firefly III is incapable of emailing you. Messages sent to "Bill Gates" always fail. # # However, if you set this value, Firefly III will store the value from this header as the user's backup # email address and use it to communicate. So user "Bill Gates" could still have # the email address "bill@microsoft.com". # # Example value: AUTHENTICATION_GUARD_EMAIL=HTTP_X_AUTH_EMAIL # AUTHENTICATION_GUARD_EMAIL= # It's impossible to log out users who's authentication is handled by an external system. # Enter a custom URL here that will force a logout (your authentication provider can tell you). # Setting this variable only works when AUTHENTICATION_GUARD != web # CUSTOM_LOGOUT_URI= # LDAP connection configuration # OpenLDAP, FreeIPA or ActiveDirectory # # If you use Docker or similar, you can set this variable from a file by appending it with _FILE ADLDAP_CONNECTION_SCHEME=OpenLDAP ADLDAP_AUTO_CONNECT=true # LDAP connection settings # You can set the following variables from a file by appending them with _FILE: # ADLDAP_CONTROLLERS, ADLDAP_PORT, ADLDAP_BASEDN ADLDAP_CONTROLLERS= ADLDAP_PORT=389 ADLDAP_TIMEOUT=5 ADLDAP_BASEDN="" ADLDAP_FOLLOW_REFFERALS=false # SSL/TLS settings ADLDAP_USE_SSL=false ADLDAP_USE_TLS=false ADLDAP_SSL_CACERTDIR= ADLDAP_SSL_CACERTFILE= ADLDAP_SSL_CERTFILE= ADLDAP_SSL_KEYFILE= ADLDAP_SSL_CIPHER_SUITE= ADLDAP_SSL_REQUIRE_CERT= # You can set the following variables from a file by appending them with _FILE: ADLDAP_ADMIN_USERNAME= ADLDAP_ADMIN_PASSWORD= # You can set the following variables from a file by appending them with _FILE: ADLDAP_ACCOUNT_PREFIX= ADLDAP_ACCOUNT_SUFFIX= # LDAP authentication settings. ADLDAP_PASSWORD_SYNC=false ADLDAP_LOGIN_FALLBACK=false ADLDAP_DISCOVER_FIELD=distinguishedname ADLDAP_AUTH_FIELD=distinguishedname # field to sync as local username. # You can set the following variable from a file by appending it with _FILE: ADLDAP_SYNC_FIELD=userprincipalname # You can disable the X-Frame-Options header if it interferes with tools like # Organizr. This is at your own risk. Applications running in frames run the risk # of leaking information to their parent frame. DISABLE_FRAME_HEADER=false # You can disable the Content Security Policy header when you're using an ancient browser # or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really) # This leaves you with the risk of not being able to stop XSS bugs should they ever surface. # This is at your own risk. DISABLE_CSP_HEADER=false # If you wish to track your own behavior over Firefly III, set valid analytics tracker information here. # Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to. # Do not prepend the TRACKER_URL with http:// or https:// # The only tracker supported is Matomo. # You can set the following variables from a file by appending them with _FILE: TRACKER_SITE_ID= TRACKER_URL= # Firefly III can collect telemetry on how you use Firefly III. This is opt-in. # In order to allow this, change the following variable to true. # To read more about this feature, go to this page: https://docs.firefly-iii.org/support/telemetry SEND_TELEMETRY=false # You can fine tune the start-up of a Docker container by editing these environment variables. # Use this at your own risk. Disabling certain checks and features may result in lost of inconsistent data. # However if you know what you're doing you can significantly speed up container start times. # Set each value to true to enable, or false to disable. # Check if the SQLite database exists. Can be skipped if you're not using SQLite. # Won't significantly speed up things. DKR_CHECK_SQLITE=true # Run database creation and migration commands. Disable this only if you're 100% sure the DB exists # and is up to date. DKR_RUN_MIGRATION=true # Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date # with the latest fixes (outside of migrations!) DKR_RUN_UPGRADE=true # Verify database integrity. Includes all data checks and verifications. # Disabling this makes Firefly III assume your DB is intact. DKR_RUN_VERIFY=true # Run database reporting commands. When disabled, Firefly III won't go over your data to report current state. # Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues. DKR_RUN_REPORT=true # Generate OAuth2 keys. # When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if) # you had previously generated keys already and they're stored in your database for restoration. DKR_RUN_PASSPORT_INSTALL=true # Leave the following configuration vars as is. # Unless you like to tinker and know what you're doing. APP_NAME=FireflyIII ADLDAP_CONNECTION=default BROADCAST_DRIVER=log QUEUE_DRIVER=sync CACHE_PREFIX=firefly PUSHER_KEY= PUSHER_SECRET= PUSHER_ID= DEMO_USERNAME= DEMO_PASSWORD= IS_HEROKU=false FIREFLY_III_LAYOUT=v1 # # If you have trouble configuring your Firefly III installation, DON'T BOTHER setting this variable. # It won't work. It doesn't do ANYTHING. Don't believe the lies you read online. I'm not joking. # This configuration value WILL NOT HELP. # # This variable is ONLY used in some of the emails Firefly III sends around. Nowhere else. # So when configuring anything WEB related this variable doesn't do anything. Nothing # # If you're stuck I understand you get desperate but look SOMEWHERE ELSE. # APP_URL=http://localhost