-
Notifications
You must be signed in to change notification settings - Fork 279
/
Copy pathaleph.env.tmpl
137 lines (110 loc) · 4.41 KB
/
aleph.env.tmpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# Aleph environment configuration
#
# This file is loaded by docker-compose and transformed into a set of
# environment variables inside the containers. These are, in turn, parsed
# by aleph and used to configure the system.
# Random string:
ALEPH_SECRET_KEY=
# Visible instance name in the UI
ALEPH_APP_TITLE=Aleph
# Name needs to be a slug, as it is used e.g. for the ES index, SQS queue name:
ALEPH_APP_NAME=aleph
ALEPH_UI_URL=http://localhost:8080/
# Set a static, app-wide message banner displayed at the top of every page.
# This can be useful to inform users about planned downtime etc.
# ALEPH_APP_BANNER="This is an app-wide message."
# Instead of defining a static message using the `ALEPH_APP_BANNER` variable,
# you can also define a JSON endpoint that Aleph will use to fetch app-wide
# messages to display at the top of every page.
# ALEPH_APP_MESSAGES_URL=https://example.org/messages.json
# ALEPH_URL_SCHEME=https
# ALEPH_FAVICON=https://investigativedashboard.org/static/favicon.ico
# ALEPH_LOGO=http://assets.pudo.org/img/logo_bigger.png
# Set email addresses, separated by colons, that will be made admin.
# Single-user mode disables authentication and authorization autologging in any user as admin
ALEPH_SINGLE_USER=false
# Login modalities
ALEPH_PASSWORD_LOGIN=true
# OAuth configuration
# Currently supported providers are Google, Facebook, Cognito and Azure AD OAuth
# Note that you do not need to fill out all fields in order to use it
ALEPH_OAUTH=false
ALEPH_OAUTH_KEY=
ALEPH_OAUTH_SECRET=
# You also need to provide an OpenID Connect (OIDC) configuration URL. Examples:
#
# Google:
# ALEPH_OAUTH_METADATA_URL=https://accounts.google.com/.well-known/openid-configuration
#
# KeyCloak/OCCRP:
# ALEPH_OAUTH_METADATA_URL=https://secure.occrp.org/auth/realms/general/.well-known/openid-configuration
#
# Azure:
# ALEPH_OAUTH_METADATA_URL=https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
#
# Amazon Cognito:
# ALEPH_OAUTH_METADATA_URL=https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/openid-configuration
# Where and how to store the underlying files:
# ARCHIVE_TYPE=file
# ARCHIVE_PATH=/data
# Or, if 'ALEPH_ARCHIVE_TYPE' configuration is 's3':
# ARCHIVE_TYPE=s3
# ARCHIVE_BUCKET=
# AWS_REGION=
# Leave these next two keys empty if you prefer IAM Role-based auth
# (see https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#id1)
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# To use an external ElasticSearch service:
# ALEPH_ELASTICSEARCH_URI=
# enable mtls for elasticsearch:
# ELASTICSEARCH_TLS_CA_CERTS=/certs/ca.crt
# ELASTICSEARCH_TLS_CLIENT_CERT=/certs/client.crt
# ELASTICSEARCH_TLS_CLIENT_KEY=/certs/client.key
# ELASTICSEARCH_TLS_VERIFY_CERTS=1
# 'scroll' parameter used on ES scan() calls on xref operations
# (how long a consistent view of the index should be maintained for scrolled search)
# ALEPH_XREF_SCROLL = 5m
# 'size' parameter used on ES scan() calls on xref operations
# size (per shard) of the batch send for each iteration of a scan
# ALEPH_XREF_SCROLL_SIZE = 1000
# To use an external Postgres service:
# ALEPH_DATABASE_URI=postgresql://<username>:<password>@<host>/<database>
# Define a different ftm entity store:
# FTM_STORE_URI=postgresql://<username>:<password>@<host>/<database>
# Queue mechanism
# REDIS_URL=redis://redis:6379/0
# RABBITMQ_URL=rabbitmq
# RABBITMQ_USERNAME=guest
# RABBITMQ_PASSWORD=guest
# Content options
ALEPH_OCR_DEFAULTS=eng
# ALEPH_LANGUAGES=en:de:fr:es:tr:ar ...
# Provide a valid email to send alerts from:
ALEPH_MAIL_FROM=
ALEPH_MAIL_HOST=
ALEPH_MAIL_USERNAME=
ALEPH_MAIL_PASSWORD=
ALEPH_MAIL_PORT=25
ALEPH_MAIL_TLS=true
ALEPH_MAIL_SSL=false
ALEPH_MAIL_DEBUG=false
# Debug mode (insecure)
ALEPH_DEBUG=false
# Read-only mode:
# ALEPH_MAINTENANCE=true
# Enable HTTP caching
# ALEPH_CACHE=true
# Configure logging
LOG_FORMAT=JSON # TEXT or JSON
# Sentry DSN for error reporting. Leave empty to disable
SENTRY_DSN=
# Sentry environment description, see https://docs.sentry.io/platforms/python/configuration/environments/
SENTRY_ENVIRONMENT=
# Number of threads to use in servicelayer workers.
# Set this to 0 to disable threads and use one worker per process.
# Non-zero values use as many threads as specified.
# If unset workers will use as many threads as there are logical CPUs installed.
# See https://docs.aleph.occrp.org/developers/installation/#scaling-workers
# WORKER_THREADS=