463301b5db
feat: make MAIL FROM subdomain configurable via MAIL_FROM_SUBDOMAIN env
170 lines
6.6 KiB
Bash
170 lines
6.6 KiB
Bash
# ========================================
|
|
# Plunk Self-Hosting Configuration
|
|
# ========================================
|
|
|
|
# ========================================
|
|
# REQUIRED: Security & Database
|
|
# ========================================
|
|
DB_PASSWORD=changeme123
|
|
JWT_SECRET=
|
|
|
|
# ========================================
|
|
# REQUIRED: Domains
|
|
# ========================================
|
|
# Replace example.com with your domain
|
|
# Or use *.localhost for local testing
|
|
API_DOMAIN=api.example.com
|
|
DASHBOARD_DOMAIN=app.example.com
|
|
LANDING_DOMAIN=www.example.com
|
|
WIKI_DOMAIN=docs.example.com
|
|
|
|
# For local development: URIs for running services locally
|
|
# These are used by the applications at runtime
|
|
API_URI=http://localhost:8080
|
|
DASHBOARD_URI=http://localhost:3000
|
|
LANDING_URI=http://localhost:4000
|
|
WIKI_URI=http://localhost:1000
|
|
|
|
# NEXT_PUBLIC_* variables are used for client-side code and sitemap generation
|
|
# Use placeholder URLs that will be replaced at Docker container runtime
|
|
NEXT_PUBLIC_API_URI=https://next-api.useplunk.com
|
|
NEXT_PUBLIC_DASHBOARD_URI=https://next-app.useplunk.com
|
|
NEXT_PUBLIC_LANDING_URI=https://www.useplunk.com
|
|
NEXT_PUBLIC_WIKI_URI=https://next-wiki.useplunk.com
|
|
|
|
# Set to 'true' if using HTTPS in production (behind a reverse proxy/load balancer)
|
|
# This affects how application URIs are auto-generated from domain names
|
|
USE_HTTPS=false
|
|
|
|
# ========================================
|
|
# REQUIRED: AWS SES (Email Sending)
|
|
# ========================================
|
|
AWS_SES_REGION=us-east-1
|
|
AWS_SES_ACCESS_KEY_ID=
|
|
AWS_SES_SECRET_ACCESS_KEY=
|
|
|
|
# Configuration sets for email tracking
|
|
# SES_CONFIGURATION_SET: Default configuration with open/click tracking enabled
|
|
SES_CONFIGURATION_SET=plunk-configuration-set
|
|
|
|
# SES_CONFIGURATION_SET_NO_TRACKING: Optional configuration without tracking
|
|
# If not set, the tracking toggle will be hidden in project settings
|
|
# When set, projects can choose to disable email tracking
|
|
SES_CONFIGURATION_SET_NO_TRACKING=plunk-no-tracking-configuration-set
|
|
|
|
# Custom MAIL FROM subdomain — used to construct `<subdomain>.<your-domain>`
|
|
# when a domain is added. Defaults to `plunk`. Override when `plunk.<your-domain>`
|
|
# is already used for something else (e.g. an R2/CDN custom domain), since the
|
|
# MAIL FROM hostname needs MX + TXT records that can't coexist with a CNAME.
|
|
# Example: MAIL_FROM_SUBDOMAIN=emails → emails.<your-domain>
|
|
# MAIL_FROM_SUBDOMAIN=
|
|
|
|
# ========================================
|
|
# OPTIONAL: OAuth Login
|
|
# ========================================
|
|
GITHUB_OAUTH_CLIENT=
|
|
GITHUB_OAUTH_SECRET=
|
|
GOOGLE_OAUTH_CLIENT=
|
|
GOOGLE_OAUTH_SECRET=
|
|
|
|
# ========================================
|
|
# OPTIONAL: File Storage (Minio)
|
|
# ========================================
|
|
# Minio is included by default in Docker Compose
|
|
# These credentials match the Minio service configuration
|
|
# Leave defaults unless you're using external storage
|
|
MINIO_ROOT_USER=plunk
|
|
MINIO_ROOT_PASSWORD=plunkminiopass
|
|
MINIO_API_PORT=9000
|
|
MINIO_CONSOLE_PORT=9001
|
|
|
|
# S3-compatible storage configuration
|
|
# For self-hosted: uses internal Minio service (defaults work out of the box)
|
|
S3_ENDPOINT=http://minio:9000
|
|
S3_ACCESS_KEY_ID=plunk
|
|
S3_ACCESS_KEY_SECRET=plunkminiopass
|
|
S3_BUCKET=uploads
|
|
S3_PUBLIC_URL=http://localhost:9000/uploads
|
|
S3_FORCE_PATH_STYLE=true
|
|
|
|
# ========================================
|
|
# OPTIONAL: Notifications (ntfy.sh)
|
|
# ========================================
|
|
# Plunk includes a self-hosted ntfy.sh server for system notifications
|
|
# You can access the ntfy web UI at http://localhost:8080 (or your configured NTFY_PORT)
|
|
# Subscribe to the topic 'plunk-notifications' to receive notifications
|
|
|
|
# Port for ntfy web UI and API (default: 8080)
|
|
NTFY_PORT=8080
|
|
|
|
# Ntfy topic URL - Uses internal ntfy service by default
|
|
# To use external ntfy.sh or your own server, change this URL
|
|
# Examples:
|
|
# - Self-hosted (default): http://ntfy/plunk-notifications
|
|
# - Public ntfy.sh: https://ntfy.sh/your-unique-topic-name
|
|
# - Custom server: https://your-ntfy-server.com/your-topic
|
|
NTFY_URL=http://ntfy/plunk-notifications
|
|
|
|
# ========================================
|
|
# OPTIONAL: SMTP Server
|
|
# ========================================
|
|
# The SMTP relay server allows sending emails via SMTP protocol
|
|
# TLS certificates can be mounted via:
|
|
# 1. Traefik acme.json (requires SMTP_DOMAIN to select the right cert)
|
|
# 2. PEM files (privkey.pem and fullchain.pem)
|
|
|
|
# SMTP domain - Required if using Traefik acme.json with multiple certificates
|
|
# Optional if using PEM files
|
|
SMTP_DOMAIN=smtp.example.com
|
|
|
|
# SMTP Ports (defaults work for most setups)
|
|
# PORT_SECURE=465 # SMTPS (implicit TLS)
|
|
# PORT_SUBMISSION=587 # SMTP Submission (STARTTLS)
|
|
|
|
# Maximum recipients per email (default: 5)
|
|
# MAX_RECIPIENTS=5
|
|
|
|
# ========================================
|
|
# OPTIONAL: Platform emails
|
|
# ========================================
|
|
# Your Plunk instance will send emails if you provide a Plunk API key and a from address
|
|
# These emails include system notifications, for example when your project hits billing limits
|
|
|
|
# PLUNK_API_KEY=
|
|
# PLUNK_FROM_ADDRESS=
|
|
|
|
# ========================================
|
|
# OPTIONAL: Security Settings
|
|
# ========================================
|
|
# Controls whether projects are automatically disabled when bounce/complaint rate thresholds are exceeded
|
|
# When enabled (default), projects exceeding security limits will be automatically suspended
|
|
# When disabled, violations will be logged and notifications sent, but projects won't be auto-disabled
|
|
# Recommended for self-hosters: false (manage project status manually)
|
|
# Default: true
|
|
# AUTO_PROJECT_DISABLE=false
|
|
|
|
# ========================================
|
|
# OPTIONAL: Self-Hosting User Management
|
|
# ========================================
|
|
# Controls whether new user signups are allowed
|
|
# When enabled (true), the signup endpoint will reject new user registration attempts
|
|
# Useful for private instances or when you want to manually manage users
|
|
# Default: false
|
|
# DISABLE_SIGNUPS=false
|
|
|
|
# ========================================
|
|
# OPTIONAL: SES Sending Rate
|
|
# ========================================
|
|
# Caps the email-worker's send rate (messages per second) for the SES sandbox or
|
|
# manually-throttled accounts. When unset, the worker probes the AWS account at
|
|
# startup via ses:GetSendQuota; if that call is denied or transiently fails,
|
|
# the worker silently falls back to 14/sec which may exceed sandbox limits and
|
|
# trigger SES throttling errors. Set this explicitly to avoid the silent fallback.
|
|
# Default: unset (auto-detect, falls back to 14)
|
|
# EMAIL_RATE_LIMIT_PER_SECOND=1
|
|
|
|
# ========================================
|
|
# ADVANCED (rarely needed)
|
|
# ========================================
|
|
# NGINX_PORT=80
|