49 lines
1.7 KiB
Bash
49 lines
1.7 KiB
Bash
# .env file for Semaphore with OpenID Connect
|
|
|
|
# --- Database Configuration ---
|
|
# Use a strong password for the database
|
|
POSTGRES_HOST=database
|
|
POSTGRES_USER=semaphore
|
|
POSTGRES_PASSWORD=your_strong_db_password
|
|
POSTGRES_DB=semaphore
|
|
|
|
# --- Semaphore Configuration ---
|
|
# Generate a random string for database encryption
|
|
# You can use a tool like "openssl rand -base64 32" to generate a string.
|
|
SEMAPHORE_DATABASE_ENCRYPTION=CHANGE_THIS_TO_A_RANDOM_STRING
|
|
|
|
# A user to be created on first start (if the database is empty)
|
|
SEMAPHORE_DEFAULT_USER=admin
|
|
SEMAPHORE_DEFAULT_EMAIL=admin@example.com
|
|
SEMAPHORE_DEFAULT_PASSWORD=your_secure_admin_password
|
|
|
|
# The port where Semaphore will listen
|
|
SEMAPHORE_PORT=3000
|
|
|
|
# The URL of your Semaphore instance. This is required for OpenID.
|
|
# Replace with the actual URL where you will access Semaphore.
|
|
SEMAPHORE_URL=http://localhost:3000
|
|
|
|
# --- OpenID Connect Configuration ---
|
|
# Enable OpenID Connect authentication
|
|
SEMAPHORE_OIDC_ENABLED=true
|
|
|
|
# Your OpenID provider's discovery URL.
|
|
# Example: https://accounts.google.com/.well-known/openid-configuration
|
|
SEMAPHORE_OIDC_DISCOVERY_URL=YOUR_OPENID_DISCOVERY_URL
|
|
|
|
# The client ID you get from your OpenID provider
|
|
SEMAPHORE_OIDC_CLIENT_ID=YOUR_CLIENT_ID
|
|
|
|
# The client secret you get from your OpenID provider
|
|
SEMAPHORE_OIDC_CLIENT_SECRET=YOUR_CLIENT_SECRET
|
|
|
|
# A list of OpenID users who will have admin privileges in Semaphore.
|
|
# The value should be the subject (sub) or email of the user.
|
|
# You can list multiple users separated by a comma, e.g., "user1,user2".
|
|
SEMAPHORE_OIDC_ADMIN_USERS=admin@example.com
|
|
|
|
# The scope to request from the OpenID provider.
|
|
# "openid" and "email" are standard. You may need more depending on your provider.
|
|
SEMAPHORE_OIDC_SCOPE=openid email
|