# ============================================================================ # LEMONSEC - Environment Configuration # Copy this file to .env and fill in your values # ============================================================================ # ----------------------------------------------------------------------------- # Cloudflare DNS Configuration # ----------------------------------------------------------------------------- # Your Cloudflare account email CF_API_EMAIL=your-email@example.com # Cloudflare Global API Key (from https://dash.cloudflare.com/profile/api-tokens) # OR use DNS API Token (more secure) CF_API_KEY=your-cloudflare-global-api-key # CF_DNS_API_TOKEN=your-cloudflare-dns-api-token # ----------------------------------------------------------------------------- # Timezone # ----------------------------------------------------------------------------- TZ=Europe/Stockholm # ----------------------------------------------------------------------------- # CrowdSec API Key # Generate after first CrowdSec start: docker exec crowdsec cscli bouncers add traefik-bouncer CROWDSEC_API_KEY=your-crowdsec-api-key-here # ----------------------------------------------------------------------------- # Authelia Secrets # Generate these with: openssl rand -hex 32 # ----------------------------------------------------------------------------- AUTHELIA_JWT_SECRET=change-me-32-characters-min AUTHELIA_SESSION_SECRET=change-me-32-characters-min AUTHELIA_STORAGE_KEY=change-me-32-characters-min # ----------------------------------------------------------------------------- # Grafana # ----------------------------------------------------------------------------- GRAFANA_ADMIN_USER=admin GRAFANA_ADMIN_PASSWORD=change-me-strong-password GRAFANA_OAUTH_SECRET=generate-with-authelia # ----------------------------------------------------------------------------- # Tailscale Configuration # Your Tailscale IP for internal routing # Find with: tailscale ip -4 # ----------------------------------------------------------------------------- TAILSCALE_IP=100.x.x.x # ----------------------------------------------------------------------------- # TrueNAS / External Services # ----------------------------------------------------------------------------- TRUENAS_IP=192.168.x.x # Your TrueNAS VM IP TRUENAS_NEXTCLOUD_PORT=9001 # Port where TrueNAS Nextcloud is exposed # ----------------------------------------------------------------------------- # External Services (add your own) # ----------------------------------------------------------------------------- # NEXTCLOUD_MYSQL_PASSWORD=... # VAULTWARDEN_ADMIN_TOKEN=...