mirror of
https://github.com/Freika/dawarich.git
synced 2026-01-09 08:47:11 -05:00
b1393ee674
* Implement OmniAuth GitHub authentication * Fix omniauth GitHub scope to include user email access * Remove margin-bottom * Implement Google OAuth2 authentication * Implement OIDC authentication for Dawarich using omniauth_openid_connect gem. * Add patreon account linking and patron checking service * Update docker-compose.yml to use boolean values instead of strings * Add support for KML files * Add tests * Update changelog * Remove patreon OAuth integration * Move omniauthable to a concern * Update an icon in integrations * Update changelog * Update app version * Fix family location sharing toggle * Move family location sharing to its own controller * Update changelog * Implement basic tagging functionality for places, allowing users to categorize and label places with custom tags. * Add places management API and tags feature * Add some changes related to places management feature * Fix some tests * Fix sometests * Add places layer * Update places layer to use Leaflet.Control.Layers.Tree for hierarchical layer control * Rework tag form * Add hashtag * Add privacy zones to tags * Add notes to places and manage place tags * Update changelog * Update e2e tests * Extract tag serializer to its own file * Fix some tests * Fix tags request specs * Fix some tests * Fix rest of the tests * Revert some changes * Add missing specs * Revert changes in place export/import code * Fix some specs * Fix PlaceFinder to only consider global places when finding existing places * Fix few more specs * Fix visits creator spec * Fix last tests * Update place creating modal * Add home location based on "Home" tagged place * Save enabled tag layers * Some fixes * Fix bug where enabling place tag layers would trigger saving enabled layers, overwriting with incomplete data * Update migration to use disable_ddl_transaction! and add up/down methods * Fix tag layers restoration and filtering logic * Update OIDC auto-registration and email/password registration settings * Fix potential xss
208 lines
6.9 KiB
Text
208 lines
6.9 KiB
Text
# Dawarich Docker Compose Configuration
|
|
# Copy this file to .env and customize for your environment
|
|
|
|
# =============================================================================
|
|
# ENVIRONMENT CONFIGURATION
|
|
# =============================================================================
|
|
|
|
# Rails environment: development, staging, or production
|
|
RAILS_ENV=development
|
|
|
|
# =============================================================================
|
|
# DATABASE CONFIGURATION
|
|
# =============================================================================
|
|
|
|
# PostgreSQL credentials
|
|
POSTGRES_USER=postgres
|
|
POSTGRES_PASSWORD=password
|
|
|
|
# Database name
|
|
POSTGRES_DB=dawarich_development
|
|
|
|
# Database connection settings (used by Rails app)
|
|
DATABASE_HOST=dawarich_db
|
|
DATABASE_PORT=5432
|
|
DATABASE_USERNAME=postgres
|
|
DATABASE_PASSWORD=password
|
|
DATABASE_NAME=dawarich_development
|
|
|
|
# =============================================================================
|
|
# REDIS CONFIGURATION
|
|
# =============================================================================
|
|
|
|
# Redis connection URL
|
|
REDIS_URL=redis://dawarich_redis:6379
|
|
|
|
# =============================================================================
|
|
# APPLICATION SETTINGS
|
|
# =============================================================================
|
|
|
|
# Port to expose the application on
|
|
DAWARICH_APP_PORT=3000
|
|
|
|
# Application hosts (comma-separated)
|
|
# Development: localhost
|
|
# Production: your-domain.com,www.your-domain.com
|
|
APPLICATION_HOSTS=localhost,::1,127.0.0.1
|
|
|
|
# Application protocol (http or https)
|
|
APPLICATION_PROTOCOL=http
|
|
|
|
# Time zone
|
|
TIME_ZONE=Europe/London
|
|
|
|
# Minimum minutes spent in city for statistics
|
|
MIN_MINUTES_SPENT_IN_CITY=60
|
|
|
|
# Self-hosted flag (true for docker deployments)
|
|
SELF_HOSTED=true
|
|
|
|
# Store geodata (reverse geocoding results)
|
|
STORE_GEODATA=true
|
|
|
|
# Storage backend (local or s3)
|
|
STORAGE_BACKEND=local
|
|
|
|
# =============================================================================
|
|
# SECURITY
|
|
# =============================================================================
|
|
|
|
# Secret key base for production/staging
|
|
# Generate with: openssl rand -hex 64
|
|
# Leave empty for development
|
|
# REQUIRED for production and staging environments
|
|
SECRET_KEY_BASE=
|
|
|
|
# =============================================================================
|
|
# BACKGROUND JOBS
|
|
# =============================================================================
|
|
|
|
# Sidekiq concurrency (number of threads)
|
|
BACKGROUND_PROCESSING_CONCURRENCY=10
|
|
|
|
# =============================================================================
|
|
# MONITORING & LOGGING
|
|
# =============================================================================
|
|
|
|
# Prometheus exporter settings
|
|
PROMETHEUS_EXPORTER_ENABLED=false
|
|
PROMETHEUS_EXPORTER_HOST=0.0.0.0
|
|
PROMETHEUS_EXPORTER_PORT=9394
|
|
PROMETHEUS_EXPORTER_HOST_SIDEKIQ=dawarich_app
|
|
|
|
# Uncomment to expose Prometheus port
|
|
# PROMETHEUS_PORT=9394
|
|
|
|
# Rails logging
|
|
RAILS_LOG_TO_STDOUT=true
|
|
|
|
# Docker logging settings
|
|
LOG_MAX_SIZE=100m
|
|
LOG_MAX_FILE=5
|
|
|
|
# =============================================================================
|
|
# RESOURCE LIMITS
|
|
# =============================================================================
|
|
|
|
# CPU and memory limits for the app container
|
|
APP_CPU_LIMIT=0.50
|
|
APP_MEMORY_LIMIT=4G
|
|
|
|
# =============================================================================
|
|
# EXAMPLE CONFIGURATIONS BY ENVIRONMENT
|
|
# =============================================================================
|
|
|
|
# --- DEVELOPMENT ---
|
|
# RAILS_ENV=development
|
|
# POSTGRES_DB=dawarich_development
|
|
# DATABASE_NAME=dawarich_development
|
|
# APPLICATION_HOSTS=localhost,::1,127.0.0.1
|
|
# APPLICATION_PROTOCOL=http
|
|
# SECRET_KEY_BASE=
|
|
# SELF_HOSTED=true
|
|
|
|
# --- STAGING ---
|
|
# RAILS_ENV=staging
|
|
# POSTGRES_DB=dawarich_staging
|
|
# DATABASE_NAME=dawarich_staging
|
|
# APPLICATION_HOSTS=staging.example.com
|
|
# APPLICATION_PROTOCOL=https
|
|
# SECRET_KEY_BASE=your-generated-secret-key
|
|
# SELF_HOSTED=true
|
|
|
|
# --- PRODUCTION ---
|
|
# RAILS_ENV=production
|
|
# POSTGRES_DB=dawarich_production
|
|
# DATABASE_NAME=dawarich_production
|
|
# APPLICATION_HOSTS=dawarich.example.com,www.dawarich.example.com
|
|
# APPLICATION_PROTOCOL=https
|
|
# SECRET_KEY_BASE=your-generated-secret-key
|
|
# SELF_HOSTED=true
|
|
# PROMETHEUS_EXPORTER_ENABLED=true
|
|
|
|
# =============================================================================
|
|
# Example of configuration for OpenID Connect (OIDC) authentication
|
|
#
|
|
# =============================================================================
|
|
|
|
# Generic OpenID Connect (for Authelia, Authentik, Keycloak, etc.)
|
|
# Option 1: Using OIDC Discovery (Recommended)
|
|
# Set OIDC_ISSUER to your provider's issuer URL (e.g., https://auth.example.com)
|
|
# The provider must support OpenID Connect Discovery (.well-known/openid-configuration)
|
|
OIDC_CLIENT_ID=client_id_example
|
|
OIDC_CLIENT_SECRET=client_secret_example
|
|
OIDC_ISSUER=https://authentik.yourdomain.com/application/o/dawarich/
|
|
OIDC_REDIRECT_URI=https://your-dawarich-url.com/users/auth/openid_connect/callback
|
|
|
|
# OIDC Provider Name
|
|
# Custom display name for your OIDC provider shown on the sign-in page
|
|
# Default: "Openid Connect" (if not specified)
|
|
# Examples: "Authelia", "Authentik", "Keycloak", "Company SSO"
|
|
OIDC_PROVIDER_NAME=Authentik
|
|
|
|
# OIDC Auto-Registration
|
|
# Controls whether new users are automatically created when signing in with OIDC
|
|
# Set to 'false' to require administrators to pre-create user accounts
|
|
# When disabled, OIDC users must have an existing account (matching email) to sign in
|
|
# Default: true (automatically create new users)
|
|
OIDC_AUTO_REGISTER=true
|
|
|
|
# Authentication Methods Control
|
|
# Control which authentication methods are available in self-hosted mode
|
|
#
|
|
# ALLOW_EMAIL_PASSWORD_REGISTRATION - Allow users to register with email/password
|
|
# Default: false (disabled in self-hosted mode, only family invitations allowed)
|
|
# Set to 'true' to allow public email/password registration alongside OIDC
|
|
ALLOW_EMAIL_PASSWORD_REGISTRATION=false
|
|
|
|
# Option 2: Manual Endpoint Configuration (if discovery is not supported)
|
|
# Use this if your provider doesn't support OIDC discovery
|
|
# OIDC_CLIENT_ID=
|
|
# OIDC_CLIENT_SECRET=
|
|
# OIDC_HOST=auth.example.com
|
|
# OIDC_SCHEME=https
|
|
# OIDC_PORT=443
|
|
# OIDC_AUTHORIZATION_ENDPOINT=/authorize
|
|
# OIDC_TOKEN_ENDPOINT=/token
|
|
# OIDC_USERINFO_ENDPOINT=/userinfo
|
|
# OIDC_REDIRECT_URI=https://yourdomain.com/users/auth/openid_connect/callback
|
|
|
|
# Example configurations:
|
|
#
|
|
# Authelia:
|
|
# OIDC_ISSUER=https://auth.example.com
|
|
# OIDC_CLIENT_ID=your-client-id
|
|
# OIDC_CLIENT_SECRET=your-client-secret
|
|
# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback
|
|
#
|
|
# Authentik:
|
|
# OIDC_ISSUER=https://authentik.example.com/application/o/dawarich/
|
|
# OIDC_CLIENT_ID=your-client-id
|
|
# OIDC_CLIENT_SECRET=your-client-secret
|
|
# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback
|
|
#
|
|
# Keycloak:
|
|
# OIDC_ISSUER=https://keycloak.example.com/realms/your-realm
|
|
# OIDC_CLIENT_ID=dawarich
|
|
# OIDC_CLIENT_SECRET=your-client-secret
|
|
# OIDC_REDIRECT_URI=https://dawarich.example.com/users/auth/openid_connect/callback
|