refactor: remove unused backup services and update environment configurations
This commit is contained in:
parent
810d7e0cb9
commit
03b9a3183b
5 changed files with 10 additions and 188 deletions
|
|
@ -1,14 +1,12 @@
|
|||
# SETTINGS from env.template
|
||||
# Misc configuration
|
||||
PUBLIC_DOMAIN=sso.base23.de
|
||||
COMPOSE_PROJECT_NAME=sso-base23-de
|
||||
PUBLIC_DOMAIN=sso.s1q.dev
|
||||
COMPOSE_PROJECT_NAME=sso-s1q-dev
|
||||
|
||||
# Server Versions
|
||||
AUTHENTIK_TAG=2025.6.4
|
||||
POSTGRES_TAG=16.9-alpine
|
||||
REDIS_TAG=8.0-alpine
|
||||
RESTICKER_TAG=0.0.2-restic0.17.0
|
||||
NGINX_UNPRIVILEGED_TAG=1.27.2-bookworm
|
||||
|
||||
# Error reporting & Logging
|
||||
AUTHENTIK_ERROR_REPORTING__ENABLED=true
|
||||
|
|
@ -16,16 +14,16 @@ AUTHENTIK_LOG_LEVEL=warning
|
|||
|
||||
# Email configuration
|
||||
# SMTP Host Emails are sent to
|
||||
AUTHENTIK_EMAIL__HOST=mail.base23.de
|
||||
AUTHENTIK_EMAIL__HOST=mail.s1q.dev
|
||||
AUTHENTIK_EMAIL__PORT=25
|
||||
AUTHENTIK_EMAIL__USERNAME=sso@base23.de
|
||||
AUTHENTIK_EMAIL__USERNAME=smtp@s1q.dev
|
||||
# Use StartTLS
|
||||
AUTHENTIK_EMAIL__USE_TLS=true
|
||||
# Use SSL
|
||||
AUTHENTIK_EMAIL__USE_SSL=false
|
||||
AUTHENTIK_EMAIL__TIMEOUT=10
|
||||
# Email address authentik will send from, should have a correct @domain
|
||||
AUTHENTIK_EMAIL__FROM=sso@base23.de
|
||||
AUTHENTIK_EMAIL__FROM=sso@s1q.dev
|
||||
|
||||
# Exposed ports for Authentik -- Ports are note exposed due to traefik setup
|
||||
# COMPOSE_PORT_HTTP=80
|
||||
|
|
@ -42,28 +40,3 @@ GEOIPUPDATE_ACCOUNT_ID=1093308
|
|||
# PostgreSQL configuration
|
||||
PG_USER=authentik
|
||||
PG_DB=authentik
|
||||
|
||||
|
||||
# Nginx configuration
|
||||
NGINX_HTTP_PORT=8080
|
||||
NGINX_HTTPS_PORT=8443
|
||||
NGINX_RESOLVER=127.0.0.11
|
||||
NGINX_SERVERNAME=sso.base23.de
|
||||
|
||||
# NGINX SSL Config for nginx 1.27.2, intermediate config, OpenSSL 3.0.14
|
||||
NGINX_SSL_SESSION_TIMEOUT=1d
|
||||
NGINX_SSL_SESSION_CACHE='shared:MozSSL:10m' # about 40000 sessions
|
||||
NGINX_SSL_PROTOCOLS='TLSv1.2 TLSv1.3'
|
||||
NGINX_SSL_CIPHERS='ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305'
|
||||
NGINX_SSL_PREFER_SERVER_CIPHERS=off
|
||||
NGINX_HEADER_STRICT_TRANSPORT_SECURITY='"max-age=63072000" always'
|
||||
NGINX_SSL_STAPLING=on
|
||||
NGINX_SSL_STAPLING_VERIFY=on
|
||||
|
||||
|
||||
# Restic configuration
|
||||
RESTIC_REPO_USER=u291924-sub4
|
||||
RESTIC_REPO_ADDRESS=cloud.backup.base23.de
|
||||
RESTIC_REPO_PORT=22
|
||||
RESTIC_TAG=sso.base23.de
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue