107 lines
4.5 KiB
Plaintext
107 lines
4.5 KiB
Plaintext
# --- Docker Compose Settings ---
|
|
# Comma-separated list of optional service profiles to enable (e.g., lidarr,sabnzbd,adguardhome)
|
|
COMPOSE_PROFILES=
|
|
# Path separator for COMPOSE_FILE (use ';' for Windows)
|
|
COMPOSE_PATH_SEPARATOR=:
|
|
# Colon-separated list of compose files to use. Allows extending the base configuration.
|
|
COMPOSE_FILE=docker-compose.yml:adguardhome/docker-compose.yml:tandoor/docker-compose.yml:joplin/docker-compose.yml:homeassistant/docker-compose.yml:immich/docker-compose.yml
|
|
|
|
# --- Core System Settings ---
|
|
# Linux User ID. Find yours with `id -u`. Crucial for file permissions.
|
|
USER_ID=1000
|
|
# Linux Group ID. Find yours with `id -g`. Crucial for file permissions.
|
|
GROUP_ID=1000
|
|
# Your local timezone (e.g., America/New_York, Europe/London, Asia/Manila). See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
TIMEZONE="America/New_York"
|
|
|
|
# --- Host Paths ---
|
|
# Base directory on host for storing service configuration files. '.' stores them in subdirectories within the project folder.
|
|
CONFIG_ROOT="."
|
|
# Main directory on host containing media libraries (movies, TV, music, books).
|
|
DATA_ROOT="/mnt/data"
|
|
# Directory on host for download clients (qBittorrent/SABnzbd). Should be on the same filesystem as DATA_ROOT for hardlinks.
|
|
DOWNLOAD_ROOT="/mnt/data/torrents"
|
|
# Upload location for Immich (if profile enabled)
|
|
IMMICH_UPLOAD_LOCATION="/mnt/data/photos"
|
|
|
|
# --- Tailscale Settings ---
|
|
# Required. Auth key from Tailscale Admin Console (Settings > Keys). Use a reusable or ephemeral key.
|
|
TAILSCALE_AUTHKEY=
|
|
# Desired hostname for this NAS within your Tailscale network.
|
|
TAILSCALE_HOSTNAME=tailscale-nas
|
|
# Required. Your Tailnet domain (e.g., your-tailnet-name.ts.net).
|
|
TAILSCALE_TAILNET_DOMAIN=your-tailnet.ts.net
|
|
# Optional tags to apply to the Tailscale node (e.g., tag:nas).
|
|
TAILSCALE_TAGS=tag:nas
|
|
# Enable Tailscale Funnel (public access) for HTTPS? Set to 'true' or 'false'. 'false' uses Serve (Tailnet only, recommended).
|
|
ENABLE_FUNNEL_HTTPS=false
|
|
|
|
# --- Primary Application Hostname ---
|
|
# Primary hostname used by Traefik/Authelia. Derived from Tailscale settings by default.
|
|
# Renamed from HOSTNAME to avoid collision with host system environment variable.
|
|
APP_HOSTNAME=${TAILSCALE_HOSTNAME}.${TAILSCALE_TAILNET_DOMAIN}
|
|
|
|
# --- Application Credentials ---
|
|
# qBittorrent Web UI Credentials (change default!)
|
|
QBITTORRENT_USERNAME=admin
|
|
QBITTORRENT_PASSWORD=adminadmin
|
|
# Calibre-Web Credentials (if profile enabled)
|
|
CALIBRE_USERNAME=admin
|
|
CALIBRE_PASSWORD=admin123
|
|
# Immich Database Password (if profile enabled)
|
|
IMMICH_DB_PASSWORD=postgres
|
|
|
|
# --- Homepage Settings ---
|
|
HOMEPAGE_VAR_TITLE="Docker-Compose NAS"
|
|
HOMEPAGE_VAR_SEARCH_PROVIDER=google
|
|
HOMEPAGE_VAR_HEADER_STYLE=boxed
|
|
# Weather Widget (Optional)
|
|
HOMEPAGE_VAR_WEATHER_CITY=
|
|
HOMEPAGE_VAR_WEATHER_LAT=
|
|
HOMEPAGE_VAR_WEATHER_LONG=
|
|
HOMEPAGE_VAR_WEATHER_UNIT=metric
|
|
|
|
# --- Authelia Settings ---
|
|
# Generate strong random secrets for these using tools like `openssl rand -hex 32`
|
|
AUTHELIA_JWT_SECRET= # Used for password reset functionality (also mapped to AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET in 4.38+)
|
|
AUTHELIA_SESSION_SECRET= # Secret for session cookies
|
|
AUTHELIA_STORAGE_ENCRYPTION_KEY= # For encrypting stored data
|
|
AUTHELIA_REDIS_PASSWORD= # Used as AUTHELIA_SESSION_REDIS_PASSWORD in 4.38+
|
|
|
|
# Note: The following variables are no longer needed with Authelia 4.38+ and the updated configuration
|
|
# They are preserved for backward compatibility but will be automatically mapped to the new structure
|
|
# AUTHELIA_SESSION_DOMAIN=${APP_HOSTNAME}
|
|
# AUTHELIA_DEFAULT_REDIRECT_URL=https://${APP_HOSTNAME}/home
|
|
|
|
# --- API Keys & Integration Tokens (Optional - Mainly for Homepage Widgets) ---
|
|
# Find API keys within each application's settings (usually Settings > General or Security)
|
|
SONARR_API_KEY=
|
|
RADARR_API_KEY=
|
|
LIDARR_API_KEY=
|
|
PROWLARR_API_KEY=
|
|
BAZARR_API_KEY=
|
|
JELLYFIN_API_KEY=
|
|
JELLYSEERR_API_KEY=
|
|
SABNZBD_API_KEY=
|
|
IMMICH_API_KEY=
|
|
HOMEASSISTANT_ACCESS_TOKEN=
|
|
# AdGuard Home Credentials (if profile enabled)
|
|
ADGUARD_USERNAME=
|
|
ADGUARD_PASSWORD=
|
|
|
|
# --- Optional Service Settings ---
|
|
# Decluttarr Settings (if profile enabled)
|
|
DECLUTTARR_TEST_RUN=True
|
|
DECLUTTARR_REMOVE_TIMER=60
|
|
DECLUTTARR_REMOVE_FAILED=True
|
|
DECLUTTARR_REMOVE_FAILED_IMPORTS=True
|
|
DECLUTTARR_REMOVE_METADATA_MISSING=True
|
|
DECLUTTARR_REMOVE_MISSING_FILES=True
|
|
DECLUTTARR_REMOVE_ORPHANS=True
|
|
|
|
# --- Other Hostnames (Optional Services) ---
|
|
# Set these if you need specific hostnames for these services (e.g., for Home Assistant integrations)
|
|
HOMEASSISTANT_HOSTNAME=
|
|
IMMICH_HOSTNAME=
|
|
ADGUARD_HOSTNAME=
|