mirror of
https://github.com/Dokploy/templates.git
synced 2026-07-10 08:25:23 +02:00
Add a "# ..." comment string before every entry in config.env, grouped into labelled sections (Application, PostgreSQL, Redis, RabbitMQ, storage, proxy, runtime) with blank-line separators. Because Dokploy renders config.env entries verbatim into the generated .env, these comment strings carry the documentation into the deployed .env file (TOML # comments would be stripped at parse time and never reach it). Same pattern already used by discord-tickets, garage-with-ui, tooljet and rustfs. No variable values changed; all 39 vars preserved. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
114 lines
3.8 KiB
TOML
114 lines
3.8 KiB
TOML
[variables]
|
|
app_release = "v1.3.1"
|
|
main_domain = "${domain}"
|
|
postgres_password = "${password:32}"
|
|
minio_password = "${password:32}"
|
|
rabbitmq_password = "${password:32}"
|
|
secret_key = "${base64:48}"
|
|
live_secret_key = "${base64:48}"
|
|
|
|
[config]
|
|
env = [
|
|
"# ===== Application =====",
|
|
"# Plane image tag deployed for every service.",
|
|
"APP_RELEASE=${app_release}",
|
|
"# Public domain Plane is served on.",
|
|
"APP_DOMAIN=${main_domain}",
|
|
"# Full external URL of the instance (used to build links).",
|
|
"WEB_URL=https://${main_domain}",
|
|
"# Browser origins allowed to call the API (CORS).",
|
|
"CORS_ALLOWED_ORIGINS=https://${main_domain}",
|
|
"# Internal URL other services use to reach the API.",
|
|
"API_BASE_URL=http://plane-api:8000",
|
|
"# Django secret key: signs sessions and tokens. Keep it secret.",
|
|
"SECRET_KEY=${secret_key}",
|
|
"# Shared secret between the API and the realtime (live) server.",
|
|
"LIVE_SERVER_SECRET_KEY=${live_secret_key}",
|
|
"",
|
|
"# ===== PostgreSQL =====",
|
|
"# Database user.",
|
|
"POSTGRES_USER=plane",
|
|
"# Database password.",
|
|
"POSTGRES_PASSWORD=${postgres_password}",
|
|
"# Database name.",
|
|
"POSTGRES_DB=plane",
|
|
"# Port PostgreSQL listens on.",
|
|
"POSTGRES_PORT=5432",
|
|
"# Host the app and libpq tools connect to.",
|
|
"PGHOST=plane-db",
|
|
"# Default database for libpq tools.",
|
|
"PGDATABASE=plane",
|
|
"# On-disk location of the database files.",
|
|
"PGDATA=/var/lib/postgresql/data",
|
|
"# Full connection string (composed from the values above).",
|
|
"DATABASE_URL=postgresql://plane:${postgres_password}@plane-db:5432/plane",
|
|
"",
|
|
"# ===== Redis / Valkey (cache) =====",
|
|
"# Redis host.",
|
|
"REDIS_HOST=plane-redis",
|
|
"# Redis port.",
|
|
"REDIS_PORT=6379",
|
|
"# Full Redis connection URL.",
|
|
"REDIS_URL=redis://plane-redis:6379/",
|
|
"",
|
|
"# ===== RabbitMQ (task queue) =====",
|
|
"# Broker host.",
|
|
"RABBITMQ_HOST=plane-mq",
|
|
"# Broker port.",
|
|
"RABBITMQ_PORT=5672",
|
|
"# Broker user.",
|
|
"RABBITMQ_USER=plane",
|
|
"# Broker password.",
|
|
"RABBITMQ_PASSWORD=${rabbitmq_password}",
|
|
"# Broker virtual host.",
|
|
"RABBITMQ_VHOST=plane",
|
|
"# Full AMQP connection string (composed from the values above).",
|
|
"AMQP_URL=amqp://plane:${rabbitmq_password}@plane-mq:5672/plane",
|
|
"",
|
|
"# ===== Object storage (MinIO / S3) =====",
|
|
"# Use the bundled MinIO (1) instead of an external S3 provider (0).",
|
|
"USE_MINIO=1",
|
|
"# AWS region; leave empty when using MinIO.",
|
|
"AWS_REGION=",
|
|
"# S3 / MinIO access key.",
|
|
"AWS_ACCESS_KEY_ID=access-key",
|
|
"# S3 / MinIO secret key.",
|
|
"AWS_SECRET_ACCESS_KEY=${minio_password}",
|
|
"# S3 / MinIO endpoint URL.",
|
|
"AWS_S3_ENDPOINT_URL=http://plane-minio:9000",
|
|
"# Bucket used to store uploads.",
|
|
"AWS_S3_BUCKET_NAME=uploads",
|
|
"# Max upload size in bytes (default 5 MiB).",
|
|
"FILE_SIZE_LIMIT=5242880",
|
|
"# Set to 1 if the S3 / MinIO endpoint is served over HTTPS.",
|
|
"MINIO_ENDPOINT_SSL=0",
|
|
"",
|
|
"# ===== Caddy proxy =====",
|
|
"# Address the in-container Caddy listens on. Required: the proxy",
|
|
"# Caddyfile has no default and an empty value crashes it on boot.",
|
|
"SITE_ADDRESS=:80",
|
|
"# Peers allowed to set X-Forwarded-For / X-Real-IP. 'private_ranges'",
|
|
"# trusts only Dokploy's private upstream (Traefik) and blocks public",
|
|
"# IP spoofing. Use a narrower CIDR if exposing the proxy directly.",
|
|
"TRUSTED_PROXIES=private_ranges",
|
|
"",
|
|
"# ===== App runtime =====",
|
|
"# Django debug mode; keep 0 in production.",
|
|
"DEBUG=0",
|
|
"# Number of Gunicorn workers for the API.",
|
|
"GUNICORN_WORKERS=1",
|
|
"# Rate limit applied to API-key requests.",
|
|
"API_KEY_RATE_LIMIT=60/minute",
|
|
"# Comma-separated IPs allowed as webhook targets; empty allows all.",
|
|
"WEBHOOK_ALLOWED_IPS=",
|
|
"# Comma-separated hosts allowed as webhook targets; empty allows all.",
|
|
"WEBHOOK_ALLOWED_HOSTS=",
|
|
]
|
|
|
|
mounts = []
|
|
|
|
[[config.domains]]
|
|
serviceName = "proxy"
|
|
port = 80
|
|
host = "${main_domain}"
|