57 lines
2.3 KiB
Bash
57 lines
2.3 KiB
Bash
# LemonSec Environment Variables for Portainer
|
|
# Copy these into Portainer's Environment Variables section when deploying
|
|
|
|
# ============================================================================
|
|
# REQUIRED - Cloudflare DNS
|
|
# ============================================================================
|
|
# Your Cloudflare account email
|
|
CF_API_EMAIL=your-email@example.com
|
|
|
|
# Cloudflare Global API Key (from https://dash.cloudflare.com/profile/api-tokens)
|
|
# Note: DNS API Token can also be used as CF_DNS_API_TOKEN
|
|
CF_API_KEY=your-cloudflare-global-api-key
|
|
|
|
# ============================================================================
|
|
# REQUIRED - TrueNAS Configuration
|
|
# ============================================================================
|
|
# IP address of your TrueNAS Scale VM
|
|
TRUENAS_IP=192.168.1.100
|
|
|
|
# Port where Nextcloud is exposed on TrueNAS
|
|
# Check: TrueNAS → Apps → Nextcloud → Node Port
|
|
TRUENAS_NEXTCLOUD_PORT=9001
|
|
|
|
# ============================================================================
|
|
# REQUIRED - Authelia Secrets
|
|
# Generate these with: openssl rand -hex 32
|
|
# Or use the setup script: ./setup.ps1 (on Windows)
|
|
# ============================================================================
|
|
AUTHELIA_JWT_SECRET=change-me-generate-with-openssl-rand-hex-32
|
|
AUTHELIA_SESSION_SECRET=change-me-generate-with-openssl-rand-hex-32
|
|
AUTHELIA_STORAGE_KEY=change-me-generate-with-openssl-rand-hex-32
|
|
|
|
# ============================================================================
|
|
# OPTIONAL - CrowdSec
|
|
# Generate after first deployment:
|
|
# docker exec crowdsec cscli bouncers add traefik-bouncer
|
|
# Then add the key here and redeploy
|
|
# ============================================================================
|
|
CROWDSEC_API_KEY=
|
|
|
|
# ============================================================================
|
|
# OPTIONAL - General Settings
|
|
# ============================================================================
|
|
# Timezone
|
|
TZ=Europe/Stockholm
|
|
|
|
# Tailscale IP (for internal entrypoint binding)
|
|
# Get with: tailscale ip -4
|
|
TAILSCALE_IP=
|
|
|
|
# ============================================================================
|
|
# OPTIONAL - Grafana (if using monitoring profile)
|
|
# ============================================================================
|
|
# GRAFANA_ADMIN_USER=admin
|
|
# GRAFANA_ADMIN_PASSWORD=change-me
|
|
# GRAFANA_OAUTH_SECRET=generate-with-authelia
|