greenlight-2.14.4/sample.env
2023-02-13 23:17:00 +08:00

374 lines
12 KiB
Bash

# Create a Secret Key for Rails
#
# You can generate a secure one through the Greenlight docker image
# with the command.
#
# docker run --rm bigbluebutton/greenlight:v2 bundle exec rake secret
#
SECRET_KEY_BASE=
# The endpoint and secret for your BigBlueButton server.
# Set these if you are running GreenLight on a single BigBlueButton server.
# You can retrive these by running the following command on your BigBlueButton server:
#
# bbb-conf --secret
#
BIGBLUEBUTTON_ENDPOINT=
BIGBLUEBUTTON_SECRET=
# The endpoint and "SECRET_KEY_BASE" for your Greenlight v3 instance.
# Set these if you are trying to migrate your resources to v3.
# Example:
#V3_ENDPOINT=https://v3.greenlight.test/
#V3_SECRET_KEY_BASE=
V3_ENDPOINT=
V3_SECRET_KEY_BASE=
# The hostname that the application is accessible from.
#
# Used to protect against various HTTP header attacks
# Should be in the form of "domain.com"
#
SAFE_HOSTS=
# Google Login Provider (optional)
#
# For in-depth steps on setting up a Google Login Provider, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-config.html#google-oauth2
#
# The GOOGLE_OAUTH2_HD variable is used to limit sign-ins to a particular set of Google Apps hosted
# domains. This can be a string with separating commas such as, 'domain.com, example.com' or
# a string that specifies a single domain restriction such as, 'domain.com'.
# If left blank, GreenLight will allow sign-in from all Google Apps hosted domains.
GOOGLE_OAUTH2_ID=
GOOGLE_OAUTH2_SECRET=
GOOGLE_OAUTH2_HD=
# Twitter Login Provider (optional)
#
# Twitter Authentication is deprecated and will be phased out in a future release.
# Microsoft Office365 Login Provider (optional)
#
# For in-depth steps on setting up a Office 365 Login Provider, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-config.html#office365-oauth2
#
OFFICE365_KEY=
OFFICE365_SECRET=
OFFICE365_HD=
# OpenID Connect Provider (optional)
#
# For in-depth steps on setting up a OpenID Connect Login Provider, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-config.html#openid-connect
#
OPENID_CONNECT_CLIENT_ID=
OPENID_CONNECT_CLIENT_SECRET=
OPENID_CONNECT_ISSUER=
OPENID_CONNECT_HD=
OPENID_CONNECT_UID_FIELD=
# OAUTH2_REDIRECT allows you to specify the redirect_url passed to oauth on sign in.
# It is useful for cases when Greenlight is deployed behind a Network Load Balancer or proxy
OAUTH2_REDIRECT=
# LDAP Login Provider (optional)
#
# You can enable LDAP authentication by providing values for the variables below.
# Configuring LDAP authentication will take precedence over all other providers.
# For information about setting up LDAP, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-config.html#ldap-auth
#
# LDAP_SERVER=ldap.example.com
# LDAP_PORT=389
# LDAP_METHOD=plain
# LDAP_UID=uid
# LDAP_BASE=dc=example,dc=com
# LDAP_AUTH=simple
# LDAP_BIND_DN=cn=admin,dc=example,dc=com
# LDAP_PASSWORD=password
# LDAP_ROLE_FIELD=ou
# LDAP_FILTER=(&(attr1=value1)(attr2=value2))
# LDAP_ATTRIBUTE_MAPPING=name=displayName;uid=uid; (See link above for more details)
LDAP_SERVER=
LDAP_PORT=
LDAP_METHOD=
LDAP_UID=
LDAP_BASE=
LDAP_BIND_DN=
LDAP_AUTH=
LDAP_PASSWORD=
LDAP_ROLE_FIELD=
LDAP_FILTER=
LDAP_ATTRIBUTE_MAPPING=
# Set this to true if you want GreenLight to support user signup and login without
# Omniauth. For more information, see:
#
# https://docs.bigbluebutton.org/greenlight/gl-overview.html#accounts-and-profile
#
ALLOW_GREENLIGHT_ACCOUNTS=true
# "hosted domain" part of the Email-Address required for signup for a greenlight account
# domain.com matches also mail.domain.com
# @domain.com does NOT match @mail.domain.com
# multiple domains can be separated by comma (with no whitespace!)
#GREENLIGHT_ACCOUNT_HD=@domain.com,subdomain-allowed.net
# To enable reCaptcha on the user sign up, define these 2 keys
# You can obtain these keys by registering your domain using the following url:
#
# https://www.google.com/recaptcha/admin
#
RECAPTCHA_SITE_KEY=
RECAPTCHA_SECRET_KEY=
# To enable Google Analytics on your site, set this key to the Google Analytics Property Tracking ID
#
# https://analytics.google.com/analytics/web/
#
GOOGLE_ANALYTICS_TRACKING_ID=
# Set this to true if you want GreenLight to send verification emails upon
# the creation of a new account
#
# ALLOW_MAIL_NOTIFICATIONS=true
#
# The notifications are sent using sendmail, unless the SMTP_SERVER variable is set.
# In that case, make sure the rest of the variables are properly set.
#
# SMTP_SERVER=smtp.gmail.com
# SMTP_PORT=587
# SMTP_DOMAIN=gmail.com
# SMTP_USERNAME=<youremail@gmail.com>
# SMTP_PASSWORD=<yourpassword>
# SMTP_AUTH=plain
# SMTP_STARTTLS_AUTO=true
#
# enable SMTPS: SMTP over direct TLS connection; usually port 465
# SMTP_TLS=true
#
# If your mail server has a self-signed certificate, you'll also need to include the line below.
# Please note that enable this presents its own security risks and should not be done unless necessary.
# SMTP_OPENSSL_VERIFY_MODE=none
#
SMTP_SERVER=
SMTP_PORT=
SMTP_DOMAIN=
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_AUTH=
SMTP_STARTTLS_AUTO=
# Specify the email address that all mail is sent from
SMTP_SENDER=
# Specify the recipient for test emails (needed for providers like Microsoft, who are very
# strict about RFC 2606)
SMTP_TEST_RECIPIENT=notifications@example.com
# Prefix for the applications root URL.
# Useful for deploying the application to a subdirectory, which is highly recommended
# if deploying on a BigBlueButton server. Keep in mind that if you change this, you'll
# have to update your authentication callback URL's to reflect this change.
#
# The recommended prefix is "/b".
#
RELATIVE_URL_ROOT=/b
# Specify which settings you would like the users to configure on room creation
# or edit after the room has been created
# By default, all settings are turned OFF.
#
# Current settings available:
# mute-on-join: Automatically mute users by default when they join a room
# require-moderator-approval: Require moderators to approve new users before they can join the room
# anyone-can-start: Allows anyone with the join url to start the room in BigBlueButton
# all-join-moderator: All users join as moderators in BigBlueButton
# recording: Sessions are recorded
ROOM_FEATURES=mute-on-join,require-moderator-approval,anyone-can-start,all-join-moderator,recording
# Specify the maximum number of records to be sent to the BigBlueButton API in one call
# Default is set to 25 records
PAGINATION_NUMBER=25
# Specify the maximum number of rows that should be displayed per page for a paginated table
# Default is set to 25 rows
NUMBER_OF_ROWS=25
# Specify if you want to display the Google Calendar button
# ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
ENABLE_GOOGLE_CALENDAR_BUTTON=
# Set the application into Maintenance Mode
#
# Current options supported:
# true: Renders an error page that does not allow users to access any of the features in the application
# false: Application runs normally
MAINTENANCE_MODE=false
# Displays a flash that appears to inform the user of a scheduled maintenance window
# This variable should contain ONLY the date and time of the scheduled maintenance
#
# Ex: MAINTENANCE_WINDOW=Friday August 18 6pm-10pm EST
MAINTENANCE_WINDOW=
# The link to the Report an Issue button that appears on the 500 page and in the Account Dropdown
#
# Defaults to the Github Issues Page for Greenlight
# Button can be disabled by setting the value to blank
#
# REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
# The link to the Need help? button that appears on the Account Dropdown
#
# Defaults to the Greenlight documentation
# Button can be disabled by setting the value to blank
HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html
# Change the default language
#
# By default, Greenlight will appear in the same language as that specific user's browser.
# The user can override this by going into their profile and changing the language.
# You can override the default language to a specific language instead of the browser's language by setting
# the variable below. To find the correct value, visit: https://github.com/bigbluebutton/greenlight/tree/v2/config/locales
# and find the code that matches the language you want. Ex: For Arabic -> DEFAULT_LOCALE=ar, For Italian -> DEFAULT_LOCALE=it
# DEFAULT_LOCALE=
# Force a redirect to HTTPS and make cookies secure.
# WARNING: Only set this to false for a development environment.
ENABLE_SSL=true
# Comment this out to send logs to STDOUT in production instead of log/production.log .
#
# RAILS_LOG_TO_STDOUT=true
#
# When using docker-compose the logs can be sent to an centralized repository like PaperTrail
# just by using the built in driver. Make sure to add to docker-compose.yml the next lines:
#
# logging:
# driver: $LOG_DRIVER
# options:
# syslog-address: $LOG_ADDRESS
# tag: $LOG_TAG
#
# And set this variables up:
#
# LOG_DRIVER=syslog
# LOG_ADDRESS=udp://logs4.papertrailapp.com:[99999]
# LOG_TAG=greenlight.example.com:v2
#
# Check docker-compose and papertrail documentation for encrypting and
# protecting access to the log repository.
# https://docs.docker.com/config/containers/logging/syslog/#options
# https://help.papertrailapp.com/kb/configuration/encrypting-remote-syslog-with-tls-ssl/
#
# For sending logs to a remote aggregator enable these variables:
#
# RAILS_LOG_REMOTE_NAME=logxx.papertrailapp.com
# RAILS_LOG_REMOTE_PORT=9999
# RAILS_LOG_REMOTE_TAG=greenlight
# Specify the log level
# Allowed values are: debug|info|warn|error|fatal|unknown
# For details, see: https://docs.ruby-lang.org/en/master/Logger.html
#RAILS_LOG_LEVEL=info
# Database settings
#
# Greenlight may work out of the box with sqlite3, but for production it is recommended to use postgresql.
# In such case, these variables must be included:
#
# DB_ADAPTER=postgresql
# DB_HOST=postgres.example.com
# DB_PORT=5432
# DB_NAME=greenlight_production
# DB_USERNAME=postgres
# DB_PASSWORD=password
#
# The ActionCable-Workers require 4 connections. So, when using postgres as the CABLE_ADAPTER
# make sure the Database can handle the overall connection count calculated as follows:
# ( RAILS_MAX_THREADS + 4 ) * WEB_CONCURRENCY
# So DB_POOL_SIZE should be set to RAILS_MAX_THREADS + 4
#
# DB_POOL_SIZE=9
#
# Additionally, there may be cases where the database has errors so the old db connections became stale.
# In order to overcome the lost of connections, it is recommended to add a timeout.
#
# DB_CONNECT_TIMEOUT=5
# DB_READ_TIMEOUT=120
#
# For deployments based on the docker-compose script also included, the HOST should be set with the Docker container id.
#
DB_ADAPTER=postgresql
DB_HOST=db
DB_PORT=5432
DB_NAME=greenlight_production
DB_USERNAME=postgres
DB_PASSWORD=password
# Use postgresql to handle ActionCable connections by default
CABLE_ADAPTER=postgresql
# Specify the default registration to be used by Greenlight until an administrator sets the
# registration method
# Allowed values are:
# open - For open registration
# invite - For invite only registration
# approval - For approve/decline registration
DEFAULT_REGISTRATION=open
# Preupload Presentation Storage
#
# By default, if Preupload Presentation is enabled for rooms, presentations are uploaded locally to ~/greenlight/storage
# If you prefer to use AWS S3 or GCS Storage, you can set the variables below
#
# For AWS S3:
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_REGION=
# AWS_BUCKET=
#
# For S3-compatible API:
# S3_ENDPOINT=
# S3_ACCESS_KEY_ID=
# S3_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_BUCKET=
#
# For GCS Storage:
# GCS_PROJECT_ID=
# GCS_PRIVATE_KEY_ID=
# GCS_PRIVATE_KEY=
# GCS_CLIENT_EMAIL=
# GCS_CLIENT_ID=
# GCS_CLIENT_CERT=
# GCS_PROJECT=
# GCS_BUCKET=
# Web server settings
#
# The size of the thread pool per worker used by Greenlight's web server.
# For details, see: https://github.com/puma/puma#thread-pool
# Default: 5
#
# If you change this value please correct the DB_POOL_SIZE to RAILS_MAX_THREADS + 4 (ActionCable-Workers)
#RAILS_MAX_THREADS=5
# The amount of workers (separate processes) used by the web server.
# For details, see: https://github.com/puma/puma#clustered-mode
# Default: 1
#WEB_CONCURRENCY=1
# Max avatar image size (bytes)
# Default: 100000
MAX_AVATAR_SIZE=100000
# Due CCVE-2015-9284, this setting needs to be enabled for omniauth to respond GET requests.
# ENABLE_OMNIAUTH_GET=true|<false>
ENABLE_OMNIAUTH_GET=false