331 lines
13 KiB
Bash
331 lines
13 KiB
Bash
# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation.
|
|
# Never set it to "testing".
|
|
APP_ENV=local
|
|
|
|
# Set to true if you want to see debug information in error screens.
|
|
APP_DEBUG=false
|
|
|
|
# This should be your email address.
|
|
# If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE
|
|
SITE_OWNER=mail@example.com
|
|
|
|
# The encryption key for your sessions. Keep this very secure.
|
|
# Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it.
|
|
# If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE
|
|
APP_KEY=SomeRandomStringOf32CharsExactly
|
|
|
|
# Firefly III will launch using this language (for new users and unauthenticated visitors)
|
|
# For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang
|
|
#
|
|
# If text is still in English, remember that not everything may have been translated.
|
|
DEFAULT_LANGUAGE=en_US
|
|
|
|
# The locale defines how numbers are formatted.
|
|
# by default this value is the same as whatever the language is.
|
|
DEFAULT_LOCALE=
|
|
|
|
# Change this value to your preferred time zone.
|
|
# Example: Europe/Amsterdam
|
|
# For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
TZ=Europe/Amsterdam
|
|
|
|
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
|
|
# Set it to ** and reverse proxies work just fine.
|
|
TRUSTED_PROXIES=**
|
|
|
|
# The log channel defines where your log entries go to.
|
|
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
|
|
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
|
|
# A rotating log option is 'daily', creates 5 files that (surprise) rotate.
|
|
# Default setting 'stack' will log to 'daily' and to 'stdout' at the same time.
|
|
|
|
# - Docker + versions <= 4.8.1.8 and before: use "stdout"
|
|
# - Docker + versions > 4.8.1.8 : use "docker_out"
|
|
# - Docker + versions >= 5.1.1 : use "stack"
|
|
# - For everything else (als not Docker) : use 'stack'
|
|
|
|
LOG_CHANNEL=stack
|
|
|
|
# Log level. You can set this from least severe to most severe:
|
|
# debug, info, notice, warning, error, critical, alert, emergency
|
|
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
|
|
# nothing will get logged, ever.
|
|
APP_LOG_LEVEL=notice
|
|
|
|
# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
|
|
# For other database types, please see the FAQ: https://docs.firefly-iii.org/support/faq
|
|
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
|
|
# Use "pgsql" for PostgreSQL
|
|
# Use "mysql" for MySQL and MariaDB.
|
|
# Use "sqlite" for SQLite.
|
|
DB_CONNECTION=pgsql
|
|
DB_HOST=db
|
|
DB_PORT=5432
|
|
DB_DATABASE=firefly
|
|
DB_USERNAME=firefly
|
|
DB_PASSWORD=firefly
|
|
|
|
# MySQL supports SSL. You can configure it here.
|
|
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
|
|
MYSQL_USE_SSL=false
|
|
MYSQL_SSL_VERIFY_SERVER_CERT=true
|
|
# You need to set at least of these options
|
|
MYSQL_SSL_CAPATH=/etc/ssl/certs/
|
|
MYSQL_SSL_CA=
|
|
MYSQL_SSL_CERT=
|
|
MYSQL_SSL_KEY=
|
|
MYSQL_SSL_CIPHER=
|
|
|
|
# PostgreSQL supports SSL. You can configure it here.
|
|
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
|
|
# We don't need to configure this, as this setup will be run behind Nginx
|
|
PGSQL_SSL_MODE=prefer
|
|
PGSQL_SSL_ROOT_CERT=null
|
|
PGSQL_SSL_CERT=null
|
|
PGSQL_SSL_KEY=null
|
|
PGSQL_SSL_CRL_FILE=null
|
|
|
|
# If you're looking for performance improvements, you could install memcached.
|
|
CACHE_DRIVER=redis
|
|
SESSION_DRIVER=redis
|
|
|
|
# If you set either of these to 'redis', you might want to update these settings too
|
|
# If you use Docker or similar, you can set REDIS_HOST_FILE, REDIS_PASSWORD_FILE or
|
|
# REDIS_PORT_FILE to set the value from a file instead of from an environment variable
|
|
|
|
# can be tcp, unix or http
|
|
REDIS_SCHEME=tcp
|
|
|
|
# use only when using 'unix' for REDIS_SCHEME. Leave empty otherwise.
|
|
REDIS_PATH=
|
|
|
|
# use only when using 'tcp' or 'http' for REDIS_SCHEME. Leave empty otherwise.
|
|
REDIS_HOST=redis
|
|
REDIS_PORT=6379
|
|
|
|
REDIS_PASSWORD=null
|
|
# always use quotes and make sure redis db "0" and "1" exists. Otherwise change accordingly.
|
|
REDIS_DB="0"
|
|
REDIS_CACHE_DB="1"
|
|
|
|
# Cookie settings. Should not be necessary to change these.
|
|
# If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set
|
|
# the value from a file instead of from an environment variable
|
|
COOKIE_PATH="/"
|
|
COOKIE_DOMAIN=
|
|
COOKIE_SECURE=false
|
|
|
|
# If you want Firefly III to mail you, update these settings
|
|
# For instructions, see: https://docs.firefly-iii.org/advanced-installation/email
|
|
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
|
|
MAIL_MAILER=log
|
|
MAIL_HOST=null
|
|
MAIL_PORT=2525
|
|
MAIL_FROM=changeme@example.com
|
|
MAIL_USERNAME=null
|
|
MAIL_PASSWORD=null
|
|
MAIL_ENCRYPTION=null
|
|
|
|
# Other mail drivers:
|
|
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
|
|
MAILGUN_DOMAIN=
|
|
MAILGUN_SECRET=
|
|
|
|
|
|
# If you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net
|
|
# If you use Docker or similar, you can set this variable from a file by appending it with _FILE
|
|
MAILGUN_ENDPOINT=api.mailgun.net
|
|
|
|
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
|
|
MANDRILL_SECRET=
|
|
SPARKPOST_SECRET=
|
|
|
|
# Firefly III can send you the following messages
|
|
SEND_REGISTRATION_MAIL=true
|
|
SEND_ERROR_MESSAGE=true
|
|
SEND_LOGIN_NEW_IP_WARNING=true
|
|
|
|
# These messages contain (sensitive) transaction information:
|
|
SEND_REPORT_JOURNALS=true
|
|
|
|
# Set a Mapbox API key here (see mapbox.com) so there might be a map available at various places.
|
|
# If you use Docker or similar, you can set this variable from a file by appending it with _FILE
|
|
MAPBOX_API_KEY=
|
|
|
|
# The map will default to this location:
|
|
MAP_DEFAULT_LAT=51.983333
|
|
MAP_DEFAULT_LONG=5.916667
|
|
MAP_DEFAULT_ZOOM=6
|
|
|
|
# Firefly III has two options for user authentication. "eloquent" is the default,
|
|
# and "ldap" for LDAP servers.
|
|
# For full instructions on these settings please visit:
|
|
# https://docs.firefly-iii.org/advanced-installation/authentication
|
|
# If you use Docker or similar, you can set this variable from a file by appending it with _FILE
|
|
LOGIN_PROVIDER=eloquent
|
|
|
|
# It's also possible to change the way users are authenticated. You could use Authelia for example.
|
|
# Authentication via the REMOTE_USER header is supported. Change the value below to "remote_user_guard".
|
|
#
|
|
# This will also allow Windows SSO.
|
|
#
|
|
# If you do this please read the documentation for instructions and warnings:
|
|
# https://docs.firefly-iii.org/advanced-installation/authentication
|
|
#
|
|
# This function is available in Firefly III v5.3.0 and higher.
|
|
AUTHENTICATION_GUARD=web
|
|
|
|
# If the guard is changed, Firefly III uses the 'REMOTE_USER' header as per RFC 3875.
|
|
# You can also use another header, like AUTH_USER when using Windows SSO.
|
|
# Some systems use X-Auth headers. In that case, use HTTP_X_AUTH_USERNAME or HTTP_X_AUTH_EMAIL
|
|
# Depending on your system, REMOTE_USER may need to be changed to HTTP_REMOTE_USER
|
|
#
|
|
# If this header is 'unexpectedly empty', check out the documentation.
|
|
# https://docs.firefly-iii.org/advanced-installation/authentication
|
|
#
|
|
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
|
|
|
|
#
|
|
# Firefly III uses email addresses as user identifiers. When you're using an external authentication guard
|
|
# that doesn't do this, Firefly III is incapable of emailing you. Messages sent to "Bill Gates" always fail.
|
|
#
|
|
# However, if you set this value, Firefly III will store the value from this header as the user's backup
|
|
# email address and use it to communicate. So user "Bill Gates" could still have
|
|
# the email address "bill@microsoft.com".
|
|
#
|
|
# Example value: AUTHENTICATION_GUARD_EMAIL=HTTP_X_AUTH_EMAIL
|
|
#
|
|
AUTHENTICATION_GUARD_EMAIL=
|
|
|
|
|
|
# It's impossible to log out users who's authentication is handled by an external system.
|
|
# Enter a custom URL here that will force a logout (your authentication provider can tell you).
|
|
# Setting this variable only works when AUTHENTICATION_GUARD != web
|
|
#
|
|
CUSTOM_LOGOUT_URI=
|
|
|
|
# LDAP connection configuration
|
|
# OpenLDAP, FreeIPA or ActiveDirectory
|
|
# # If you use Docker or similar, you can set this variable from a file by appending it with _FILE
|
|
ADLDAP_CONNECTION_SCHEME=OpenLDAP
|
|
ADLDAP_AUTO_CONNECT=true
|
|
|
|
# LDAP connection settings
|
|
# You can set the following variables from a file by appending them with _FILE:
|
|
# ADLDAP_CONTROLLERS, ADLDAP_PORT, ADLDAP_BASEDN
|
|
ADLDAP_CONTROLLERS=
|
|
ADLDAP_PORT=389
|
|
ADLDAP_TIMEOUT=5
|
|
ADLDAP_BASEDN=""
|
|
ADLDAP_FOLLOW_REFFERALS=false
|
|
|
|
# SSL/TLS settings
|
|
ADLDAP_USE_SSL=false
|
|
ADLDAP_USE_TLS=false
|
|
ADLDAP_SSL_CACERTDIR=
|
|
ADLDAP_SSL_CACERTFILE=
|
|
ADLDAP_SSL_CERTFILE=
|
|
ADLDAP_SSL_KEYFILE=
|
|
ADLDAP_SSL_CIPHER_SUITE=
|
|
ADLDAP_SSL_REQUIRE_CERT=
|
|
|
|
# You can set the following variables from a file by appending them with _FILE:
|
|
ADLDAP_ADMIN_USERNAME=
|
|
ADLDAP_ADMIN_PASSWORD=
|
|
|
|
# You can set the following variables from a file by appending them with _FILE:
|
|
ADLDAP_ACCOUNT_PREFIX=
|
|
ADLDAP_ACCOUNT_SUFFIX=
|
|
|
|
# LDAP authentication settings.
|
|
ADLDAP_PASSWORD_SYNC=false
|
|
ADLDAP_LOGIN_FALLBACK=false
|
|
|
|
ADLDAP_DISCOVER_FIELD=distinguishedname
|
|
ADLDAP_AUTH_FIELD=distinguishedname
|
|
|
|
# field to sync as local username.
|
|
# You can set the following variable from a file by appending it with _FILE:
|
|
ADLDAP_SYNC_FIELD=userprincipalname
|
|
|
|
# You can disable the X-Frame-Options header if it interferes with tools like
|
|
# Organizr. This is at your own risk. Applications running in frames run the risk
|
|
# of leaking information to their parent frame.
|
|
DISABLE_FRAME_HEADER=false
|
|
|
|
# You can disable the Content Security Policy header when you're using an ancient browser
|
|
# or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really)
|
|
# This leaves you with the risk of not being able to stop XSS bugs should they ever surface.
|
|
# This is at your own risk.
|
|
DISABLE_CSP_HEADER=false
|
|
|
|
# If you wish to track your own behavior over Firefly III, set valid analytics tracker information here.
|
|
# Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to.
|
|
# Do not prepend the TRACKER_URL with http:// or https://
|
|
# The only tracker supported is Matomo.
|
|
# You can set the following variables from a file by appending them with _FILE:
|
|
TRACKER_SITE_ID=
|
|
TRACKER_URL=
|
|
|
|
# Firefly III can collect telemetry on how you use Firefly III. This is opt-in.
|
|
# In order to allow this, change the following variable to true.
|
|
# To read more about this feature, go to this page: https://docs.firefly-iii.org/support/telemetry
|
|
SEND_TELEMETRY=false
|
|
|
|
# You can fine tune the start-up of a Docker container by editing these environment variables.
|
|
# Use this at your own risk. Disabling certain checks and features may result in lost of inconsistent data.
|
|
# However if you know what you're doing you can significantly speed up container start times.
|
|
# Set each value to true to enable, or false to disable.
|
|
|
|
# Check if the SQLite database exists. Can be skipped if you're not using SQLite.
|
|
# Won't significantly speed up things.
|
|
DKR_CHECK_SQLITE=true
|
|
|
|
# Run database creation and migration commands. Disable this only if you're 100% sure the DB exists
|
|
# and is up to date.
|
|
DKR_RUN_MIGRATION=true
|
|
|
|
# Run database upgrade commands. Disable this only when you're 100% sure your DB is up-to-date
|
|
# with the latest fixes (outside of migrations!)
|
|
DKR_RUN_UPGRADE=true
|
|
|
|
# Verify database integrity. Includes all data checks and verifications.
|
|
# Disabling this makes Firefly III assume your DB is intact.
|
|
DKR_RUN_VERIFY=true
|
|
|
|
# Run database reporting commands. When disabled, Firefly III won't go over your data to report current state.
|
|
# Disabling this should have no impact on data integrity or safety but it won't warn you of possible issues.
|
|
DKR_RUN_REPORT=true
|
|
|
|
# Generate OAuth2 keys.
|
|
# When disabled, Firefly III won't attempt to generate OAuth2 Passport keys. This won't be an issue, IFF (if and only if)
|
|
# you had previously generated keys already and they're stored in your database for restoration.
|
|
DKR_RUN_PASSPORT_INSTALL=true
|
|
|
|
# Leave the following configuration vars as is.
|
|
# Unless you like to tinker and know what you're doing.
|
|
APP_NAME=FireflyIII
|
|
ADLDAP_CONNECTION=default
|
|
BROADCAST_DRIVER=log
|
|
QUEUE_DRIVER=sync
|
|
CACHE_PREFIX=firefly
|
|
PUSHER_KEY=
|
|
PUSHER_SECRET=
|
|
PUSHER_ID=
|
|
DEMO_USERNAME=
|
|
DEMO_PASSWORD=
|
|
IS_HEROKU=false
|
|
FIREFLY_III_LAYOUT=v1
|
|
|
|
#
|
|
# If you have trouble configuring your Firefly III installation, DON'T BOTHER setting this variable.
|
|
# It won't work. It doesn't do ANYTHING. Don't believe the lies you read online. I'm not joking.
|
|
# This configuration value WILL NOT HELP.
|
|
#
|
|
# This variable is ONLY used in some of the emails Firefly III sends around. Nowhere else.
|
|
# So when configuring anything WEB related this variable doesn't do anything. Nothing
|
|
#
|
|
# If you're stuck I understand you get desperate but look SOMEWHERE ELSE.
|
|
#
|
|
APP_URL=http://localhost
|