-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy path.env-dist
37 lines (31 loc) · 1.5 KB
/
.env-dist
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
TTRSS_TRAEFIK_HOST=ttrss.example.com
TTRSS_INSTANCE=
## If using the default HTTPS port (443) this should be left blank:
TTRSS_TRAEFIK_PORT=
## Set a secure passphrase for the database
## Use: openssl rand -base64 45
TTRSS_DB_PASS=change_me
TTRSS_IP_SOURCERANGE=0.0.0.0/0
TTRSS_HTTP_AUTH=
# OAUTH2
# Set to `true` to use OpenID/OAuth2 authentication via the
# traefik-forward-auth service in d.rymcg.tech.
# Using OpenID/OAuth2 will require login to access your app,
# but it will not affect what a successfully logged-in person can do in your
# app. If your app has built-in authentication and can check the user
# header that traefik-forward-auth sends, then your app can limit what the
# logged-in person can do in the app. But if your app can't check the user
# header, or if your app doesn't have built-in authentication at all, then
# any person with an account on your Gitea server can log into your app and
# have full access.
TTRSS_OAUTH2=
# In addition to Oauth2 authentication, you can configure basic authorization
# by entering which authorization group can log into your app. You create
# groups of email addresses in the `traefik` folder by running `make groups`.
TTRSS_OAUTH2_AUTHORIZED_GROUP=
# Mutual TLS (mTLS):
# Set true or false. If true, all clients must present a certificate signed by Step-CA:
TTRSS_MTLS_AUTH=false
# Enter a comma separated list of client domains allowed to connect via mTLS.
# Wildcards are allowed and encouraged on a per-app basis:
TTRSS_MTLS_AUTHORIZED_CERTS=*.clients.ttrss.example.com