mirror of
https://github.com/Dokploy/templates.git
synced 2026-07-10 16:35:27 +02:00
docs(plane): document each env var as inline comments in template env
Add a "# ..." comment string before every entry in config.env, grouped into labelled sections (Application, PostgreSQL, Redis, RabbitMQ, storage, proxy, runtime) with blank-line separators. Because Dokploy renders config.env entries verbatim into the generated .env, these comment strings carry the documentation into the deployed .env file (TOML # comments would be stripped at parse time and never reach it). Same pattern already used by discord-tickets, garage-with-ui, tooljet and rustfs. No variable values changed; all 39 vars preserved. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -9,48 +9,99 @@ live_secret_key = "${base64:48}"
|
||||
|
||||
[config]
|
||||
env = [
|
||||
"# ===== Application =====",
|
||||
"# Plane image tag deployed for every service.",
|
||||
"APP_RELEASE=${app_release}",
|
||||
"# Public domain Plane is served on.",
|
||||
"APP_DOMAIN=${main_domain}",
|
||||
"# Full external URL of the instance (used to build links).",
|
||||
"WEB_URL=https://${main_domain}",
|
||||
"# Browser origins allowed to call the API (CORS).",
|
||||
"CORS_ALLOWED_ORIGINS=https://${main_domain}",
|
||||
"# Internal URL other services use to reach the API.",
|
||||
"API_BASE_URL=http://plane-api:8000",
|
||||
"# Django secret key: signs sessions and tokens. Keep it secret.",
|
||||
"SECRET_KEY=${secret_key}",
|
||||
"# Shared secret between the API and the realtime (live) server.",
|
||||
"LIVE_SERVER_SECRET_KEY=${live_secret_key}",
|
||||
"",
|
||||
"# ===== PostgreSQL =====",
|
||||
"# Database user.",
|
||||
"POSTGRES_USER=plane",
|
||||
"# Database password.",
|
||||
"POSTGRES_PASSWORD=${postgres_password}",
|
||||
"# Database name.",
|
||||
"POSTGRES_DB=plane",
|
||||
"# Port PostgreSQL listens on.",
|
||||
"POSTGRES_PORT=5432",
|
||||
"# Host the app and libpq tools connect to.",
|
||||
"PGHOST=plane-db",
|
||||
"# Default database for libpq tools.",
|
||||
"PGDATABASE=plane",
|
||||
"# On-disk location of the database files.",
|
||||
"PGDATA=/var/lib/postgresql/data",
|
||||
"# Full connection string (composed from the values above).",
|
||||
"DATABASE_URL=postgresql://plane:${postgres_password}@plane-db:5432/plane",
|
||||
"",
|
||||
"# ===== Redis / Valkey (cache) =====",
|
||||
"# Redis host.",
|
||||
"REDIS_HOST=plane-redis",
|
||||
"# Redis port.",
|
||||
"REDIS_PORT=6379",
|
||||
"# Full Redis connection URL.",
|
||||
"REDIS_URL=redis://plane-redis:6379/",
|
||||
"",
|
||||
"# ===== RabbitMQ (task queue) =====",
|
||||
"# Broker host.",
|
||||
"RABBITMQ_HOST=plane-mq",
|
||||
"# Broker port.",
|
||||
"RABBITMQ_PORT=5672",
|
||||
"# Broker user.",
|
||||
"RABBITMQ_USER=plane",
|
||||
"# Broker password.",
|
||||
"RABBITMQ_PASSWORD=${rabbitmq_password}",
|
||||
"# Broker virtual host.",
|
||||
"RABBITMQ_VHOST=plane",
|
||||
"# Full AMQP connection string (composed from the values above).",
|
||||
"AMQP_URL=amqp://plane:${rabbitmq_password}@plane-mq:5672/plane",
|
||||
"",
|
||||
"# ===== Object storage (MinIO / S3) =====",
|
||||
"# Use the bundled MinIO (1) instead of an external S3 provider (0).",
|
||||
"USE_MINIO=1",
|
||||
"# AWS region; leave empty when using MinIO.",
|
||||
"AWS_REGION=",
|
||||
"# S3 / MinIO access key.",
|
||||
"AWS_ACCESS_KEY_ID=access-key",
|
||||
"# S3 / MinIO secret key.",
|
||||
"AWS_SECRET_ACCESS_KEY=${minio_password}",
|
||||
"# S3 / MinIO endpoint URL.",
|
||||
"AWS_S3_ENDPOINT_URL=http://plane-minio:9000",
|
||||
"# Bucket used to store uploads.",
|
||||
"AWS_S3_BUCKET_NAME=uploads",
|
||||
"# Max upload size in bytes (default 5 MiB).",
|
||||
"FILE_SIZE_LIMIT=5242880",
|
||||
# Caddy proxy listen address + trusted proxies (required by the plane-proxy Caddyfile;
|
||||
# SITE_ADDRESS has no upstream default, so leaving it unset crashes the proxy).
|
||||
# TRUSTED_PROXIES=private_ranges trusts only Dokploy's private-network upstream (Traefik),
|
||||
# avoiding client-IP spoofing from 0.0.0.0/0. Set a narrower CIDR if exposing directly.
|
||||
"SITE_ADDRESS=:80",
|
||||
"TRUSTED_PROXIES=private_ranges",
|
||||
"# Set to 1 if the S3 / MinIO endpoint is served over HTTPS.",
|
||||
"MINIO_ENDPOINT_SSL=0",
|
||||
"",
|
||||
"# ===== Caddy proxy =====",
|
||||
"# Address the in-container Caddy listens on. Required: the proxy",
|
||||
"# Caddyfile has no default and an empty value crashes it on boot.",
|
||||
"SITE_ADDRESS=:80",
|
||||
"# Peers allowed to set X-Forwarded-For / X-Real-IP. 'private_ranges'",
|
||||
"# trusts only Dokploy's private upstream (Traefik) and blocks public",
|
||||
"# IP spoofing. Use a narrower CIDR if exposing the proxy directly.",
|
||||
"TRUSTED_PROXIES=private_ranges",
|
||||
"",
|
||||
"# ===== App runtime =====",
|
||||
"# Django debug mode; keep 0 in production.",
|
||||
"DEBUG=0",
|
||||
"# Number of Gunicorn workers for the API.",
|
||||
"GUNICORN_WORKERS=1",
|
||||
"# Rate limit applied to API-key requests.",
|
||||
"API_KEY_RATE_LIMIT=60/minute",
|
||||
"# Comma-separated IPs allowed as webhook targets; empty allows all.",
|
||||
"WEBHOOK_ALLOWED_IPS=",
|
||||
"# Comma-separated hosts allowed as webhook targets; empty allows all.",
|
||||
"WEBHOOK_ALLOWED_HOSTS=",
|
||||
]
|
||||
|
||||
|
||||
Reference in New Issue
Block a user