|
| 1 | +# Selfhosted Configuration |
| 2 | +# Copy this file to .env and configure with your values |
| 3 | + |
| 4 | +# ============================================================================= |
| 5 | +# REQUIRED: Base Domain Configuration |
| 6 | +# ============================================================================= |
| 7 | + |
| 8 | +# Your main domain name - all services will use subdomains of this |
| 9 | +# Example: if BASE_DOMAIN=example.com, services will be at service.example.com |
| 10 | +BASE_DOMAIN=your-domain.com |
| 11 | + |
| 12 | +# Wildcard domain for SSL certificate generation |
| 13 | +# This should match your BASE_DOMAIN with a wildcard prefix |
| 14 | +WILDCARD_DOMAIN=*.your-domain.com |
| 15 | + |
| 16 | +# ============================================================================= |
| 17 | +# REQUIRED: Cloudflare DNS Configuration |
| 18 | +# ============================================================================= |
| 19 | +# Required for automatic SSL certificate generation via DNS challenge |
| 20 | +# Get these from your Cloudflare account: https://dash.cloudflare.com/profile/api-tokens |
| 21 | + |
| 22 | +# Option 1: API Token (Recommended - more secure) |
| 23 | +CF_Token=your_cloudflare_api_token_here |
| 24 | + |
| 25 | +# Option 2: Email + API Key (Legacy) |
| 26 | +# CF_Email=your-email@example.com |
| 27 | +# CF_Key=your_global_api_key_here |
| 28 | + |
| 29 | +# ============================================================================= |
| 30 | +# OPTIONAL: Docker User Configuration |
| 31 | +# ============================================================================= |
| 32 | +# Set these to match your user to avoid permission issues with mounted volumes |
| 33 | +# Run: id $(whoami) to get your values |
| 34 | + |
| 35 | +# Your user ID |
| 36 | +UID=1000 |
| 37 | + |
| 38 | +# Your group ID |
| 39 | +GID=1000 |
| 40 | + |
| 41 | +# ============================================================================= |
| 42 | +# OPTIONAL: SSH Configuration |
| 43 | +# ============================================================================= |
| 44 | +# Used for Docker Swarm multi-node deployments |
| 45 | + |
| 46 | +# SSH key file for remote access (default: ~/.ssh/selfhosted_rsa) |
| 47 | +# SSH_KEY_FILE=/home/user/.ssh/selfhosted_rsa |
| 48 | + |
| 49 | +# SSH connection timeout in seconds |
| 50 | +# SSH_TIMEOUT=5 |
| 51 | + |
| 52 | +# ============================================================================= |
| 53 | +# OPTIONAL: Service-Specific Domain Overrides |
| 54 | +# ============================================================================= |
| 55 | +# By default, services use: service-name.BASE_DOMAIN |
| 56 | +# Uncomment and modify these to customize individual service domains |
| 57 | + |
| 58 | +# Core Services |
| 59 | +# DOMAIN_HOMEPAGE=dashboard.your-domain.com |
| 60 | + |
| 61 | +# Finance |
| 62 | +# DOMAIN_BUDGET=budget.your-domain.com # Actual Budget |
| 63 | + |
| 64 | +# Media Services |
| 65 | +# DOMAIN_PHOTOPRISM=photos.your-domain.com |
| 66 | +# DOMAIN_EMBY=media.your-domain.com |
| 67 | +# DOMAIN_RADARR=movies.your-domain.com |
| 68 | +# DOMAIN_SONARR=tv.your-domain.com |
| 69 | +# DOMAIN_DELUGE=torrents.your-domain.com |
| 70 | +# DOMAIN_QBITTORRENT=qbt.your-domain.com |
| 71 | +# DOMAIN_PROWLARR=indexers.your-domain.com |
| 72 | + |
| 73 | +# Collaboration & Productivity |
| 74 | +# DOMAIN_CRYPTPAD=docs.your-domain.com |
| 75 | +# DOMAIN_CRYPTPAD_SANDBOX=sandbox-docs.your-domain.com |
| 76 | +# DOMAIN_LIBRECHAT=chat.your-domain.com |
| 77 | + |
| 78 | +# Smart Home & Management |
| 79 | +# DOMAIN_HOMEASSISTANT=home.your-domain.com |
| 80 | +# DOMAIN_PORTAINER_AGENT=containers.your-domain.com |
| 81 | + |
| 82 | +# ============================================================================= |
| 83 | +# OPTIONAL: Volume Configuration |
| 84 | +# ============================================================================= |
| 85 | +# Configure data storage paths for services |
| 86 | +# Default paths assume you have external storage mounted at /media/external |
| 87 | + |
| 88 | +# Media storage path (for Emby, PhotoPrism, etc.) |
| 89 | +# MEDIA_ROOT=/media/external |
| 90 | + |
| 91 | +# Downloads path (for torrents, etc.) |
| 92 | +# DOWNLOADS_ROOT=/media/external/downloads |
| 93 | + |
| 94 | +# ============================================================================= |
| 95 | +# SECURITY NOTES |
| 96 | +# ============================================================================= |
| 97 | +# 1. Never commit the actual .env file to version control |
| 98 | +# 2. Use strong, unique passwords for all services |
| 99 | +# 3. Regularly rotate API tokens and certificates |
| 100 | +# 4. Consider using Docker secrets for production deployments |
| 101 | +# 5. Ensure your domain's DNS points to your server |
0 commit comments