Fix: Rename stack.env to stack.env.example to prevent Portainer auto-load error

Portainer was trying to auto-load stack.env as an env file which caused parsing errors. Renamed to stack.env.example so users manually copy the values into Portainer UI instead. Also updated .env.example with cleaner format.
2026-02-03 12:20:23 +01:00 · 2026-02-03 12:20:23 +01:00 · fa8bde3940
parent d0a2273b71
commit fa8bde3940
3 changed files with 17 additions and 56 deletions
--- a/.env.example
+++ b/.env.example
@ -1,59 +1,20 @@
-# ============================================================================
-# LEMONSEC - Environment Configuration
-# Copy this file to .env and fill in your values
-# ============================================================================
+# LemonSec Environment Variables
+# Copy these values into Portainer UI when deploying

-# -----------------------------------------------------------------------------
-# Cloudflare DNS Configuration
-# -----------------------------------------------------------------------------
-# Your Cloudflare account email
+# Cloudflare DNS
 CF_API_EMAIL=your-email@example.com
-
-# Cloudflare Global API Key (from https://dash.cloudflare.com/profile/api-tokens)
-# OR use DNS API Token (more secure)
 CF_API_KEY=your-cloudflare-global-api-key
-# CF_DNS_API_TOKEN=your-cloudflare-dns-api-token

-# -----------------------------------------------------------------------------
-# Timezone
-# -----------------------------------------------------------------------------
+# TrueNAS Configuration
+TRUENAS_IP=192.168.1.100
+TRUENAS_NEXTCLOUD_PORT=9001
+
+# Authelia Secrets (generate with: openssl rand -hex 32)
+AUTHELIA_JWT_SECRET=replace-with-64-hex-chars
+AUTHELIA_SESSION_SECRET=replace-with-64-hex-chars
+AUTHELIA_STORAGE_KEY=replace-with-64-hex-chars
+
+# Optional
 TZ=Europe/Stockholm
-
-# -----------------------------------------------------------------------------
-# CrowdSec API Key
-# Generate after first CrowdSec start: docker exec crowdsec cscli bouncers add traefik-bouncer
-CROWDSEC_API_KEY=your-crowdsec-api-key-here
-
-# -----------------------------------------------------------------------------
-# Authelia Secrets
-# Generate these with: openssl rand -hex 32
-# -----------------------------------------------------------------------------
-AUTHELIA_JWT_SECRET=change-me-32-characters-min
-AUTHELIA_SESSION_SECRET=change-me-32-characters-min  
-AUTHELIA_STORAGE_KEY=change-me-32-characters-min
-
-# -----------------------------------------------------------------------------
-# Grafana
-# -----------------------------------------------------------------------------
-GRAFANA_ADMIN_USER=admin
-GRAFANA_ADMIN_PASSWORD=change-me-strong-password
-GRAFANA_OAUTH_SECRET=generate-with-authelia
-
-# -----------------------------------------------------------------------------
-# Tailscale Configuration
-# Your Tailscale IP for internal routing
-# Find with: tailscale ip -4
-# -----------------------------------------------------------------------------
-TAILSCALE_IP=100.x.x.x
-
-# -----------------------------------------------------------------------------
-# TrueNAS / External Services
-# -----------------------------------------------------------------------------
-TRUENAS_IP=192.168.x.x  # Your TrueNAS VM IP
-TRUENAS_NEXTCLOUD_PORT=9001  # Port where TrueNAS Nextcloud is exposed
-
-# -----------------------------------------------------------------------------
-# External Services (add your own)
-# -----------------------------------------------------------------------------
-# NEXTCLOUD_MYSQL_PASSWORD=...
-# VAULTWARDEN_ADMIN_TOKEN=...
+CROWDSEC_API_KEY=
+TAILSCALE_IP=
--- a/.gitignore
+++ b/.gitignore
@ -3,8 +3,8 @@
 .env.local
 .env.production

-# Keep stack.env as template for Portainer
-# stack.env is intentionally NOT ignored
+# stack.env is auto-loaded by Portainer - use stack.env.example as template
+stack.env

 # Secrets
 secrets/*.txt
--- a/stack.env.example
+++ b/stack.env.example