mirror of
https://github.com/btouchard/ackify-ce.git
synced 2026-02-07 22:39:46 -06:00
177 lines
6.5 KiB
Plaintext
177 lines
6.5 KiB
Plaintext
# ==========================================
|
|
# Ackify Community Edition Configuration
|
|
# ==========================================
|
|
|
|
# ==========================================
|
|
# Application Configuration
|
|
# ==========================================
|
|
ACKIFY_BASE_URL=https://your-domain.com
|
|
ACKIFY_ORGANISATION="Your Organization Name"
|
|
|
|
# ==========================================
|
|
# Database Configuration
|
|
# ==========================================
|
|
POSTGRES_PASSWORD=your_secure_password
|
|
ACKIFY_APP_PASSWORD=ackify_app_password
|
|
|
|
# ==========================================
|
|
# Security Configuration (Auto-generated)
|
|
# ==========================================
|
|
# Generate with: openssl rand -base64 32
|
|
ACKIFY_OAUTH_COOKIE_SECRET=your_base64_encoded_secret_key
|
|
|
|
# Generate with: openssl rand 64 | base64 -w 0
|
|
ACKIFY_ED25519_PRIVATE_KEY=your_base64_encoded_ed25519_private_key
|
|
|
|
# ==========================================
|
|
# Server Configuration
|
|
# ==========================================
|
|
ACKIFY_LISTEN_ADDR=:8080
|
|
ACKIFY_LOG_LEVEL=info
|
|
|
|
# ==========================================
|
|
# OAuth2 Authentication Configuration
|
|
# ==========================================
|
|
# At least ONE authentication method (OAuth or MagicLink) must be enabled
|
|
|
|
# Provider: google, github, gitlab, or leave empty for custom
|
|
ACKIFY_OAUTH_PROVIDER=google
|
|
|
|
# OAuth Client Credentials
|
|
ACKIFY_OAUTH_CLIENT_ID=your_oauth_client_id
|
|
ACKIFY_OAUTH_CLIENT_SECRET=your_oauth_client_secret
|
|
|
|
# Optional: Restrict to specific email domain (e.g., @company.com)
|
|
# ACKIFY_OAUTH_ALLOWED_DOMAIN=@your-organization.com
|
|
|
|
# Optional: Auto-login if OAuth session exists (default: false)
|
|
# ACKIFY_OAUTH_AUTO_LOGIN=true
|
|
|
|
# Optional: Custom OAuth provider configuration (only if ACKIFY_OAUTH_PROVIDER is empty)
|
|
# ACKIFY_OAUTH_AUTH_URL=https://your-provider.com/oauth/authorize
|
|
# ACKIFY_OAUTH_TOKEN_URL=https://your-provider.com/oauth/token
|
|
# ACKIFY_OAUTH_USERINFO_URL=https://your-provider.com/api/user
|
|
# ACKIFY_OAUTH_SCOPES=openid,email,profile
|
|
|
|
# Optional: Self-hosted GitLab URL (only if ACKIFY_OAUTH_PROVIDER=gitlab)
|
|
# ACKIFY_OAUTH_GITLAB_URL=https://gitlab.your-company.com
|
|
|
|
# Optional: Custom logout URL
|
|
# ACKIFY_OAUTH_LOGOUT_URL=https://your-provider.com/logout
|
|
|
|
# Optional: Force enable/disable OAuth (auto-detected by default)
|
|
# ACKIFY_AUTH_OAUTH_ENABLED=true
|
|
|
|
# ==========================================
|
|
# SMTP Configuration (Email Service)
|
|
# ==========================================
|
|
# SMTP is used for:
|
|
# - Sending signature reminders to expected signers
|
|
# - MagicLink authentication (passwordless email login)
|
|
|
|
# SMTP Server Configuration
|
|
# ACKIFY_MAIL_HOST=smtp.gmail.com
|
|
# ACKIFY_MAIL_PORT=587
|
|
# ACKIFY_MAIL_USERNAME=your-smtp-username
|
|
# ACKIFY_MAIL_PASSWORD=your-smtp-password
|
|
|
|
# Email Sender Configuration
|
|
# ACKIFY_MAIL_FROM=noreply@your-domain.com
|
|
# ACKIFY_MAIL_FROM_NAME=Your Organization Name
|
|
|
|
# SMTP Security Settings
|
|
# ACKIFY_MAIL_TLS=true
|
|
# ACKIFY_MAIL_STARTTLS=true
|
|
# ACKIFY_MAIL_INSECURE_SKIP_VERIFY=false
|
|
# ACKIFY_MAIL_TIMEOUT=10s
|
|
|
|
# Email Template Configuration
|
|
# ACKIFY_MAIL_TEMPLATE_DIR=templates
|
|
# ACKIFY_MAIL_DEFAULT_LOCALE=en
|
|
# ACKIFY_MAIL_SUBJECT_PREFIX=[Ackify]
|
|
|
|
# ==========================================
|
|
# MagicLink Authentication Configuration
|
|
# ==========================================
|
|
# MagicLink provides passwordless authentication via email
|
|
# Auto-enabled when ACKIFY_MAIL_HOST is configured
|
|
|
|
# Optional: Force disable MagicLink even if SMTP is configured
|
|
# ACKIFY_AUTH_MAGICLINK_ENABLED=false
|
|
|
|
# ==========================================
|
|
# Admin Configuration
|
|
# ==========================================
|
|
# Comma-separated list of admin email addresses
|
|
# Admins have access to document management and reminder features
|
|
# ACKIFY_ADMIN_EMAILS=admin@your-domain.com,admin2@your-domain.com
|
|
|
|
# Document Creation Restriction
|
|
# When enabled, only admins can create new documents
|
|
# ACKIFY_ONLY_ADMIN_CAN_CREATE=false
|
|
|
|
# ==========================================
|
|
# Document Storage Configuration
|
|
# ==========================================
|
|
# Enable document storage to allow users to upload documents directly
|
|
# Storage types: local, s3 (leave empty to disable)
|
|
|
|
# ACKIFY_STORAGE_TYPE=local
|
|
# ACKIFY_STORAGE_MAX_SIZE_MB=50
|
|
|
|
# Local storage (when ACKIFY_STORAGE_TYPE=local)
|
|
# ACKIFY_STORAGE_LOCAL_PATH=/data/documents
|
|
|
|
# S3-compatible storage (when ACKIFY_STORAGE_TYPE=s3)
|
|
# Works with AWS S3, MinIO, Wasabi, DigitalOcean Spaces, etc.
|
|
# ACKIFY_STORAGE_S3_ENDPOINT=https://s3.amazonaws.com
|
|
# ACKIFY_STORAGE_S3_BUCKET=ackify-documents
|
|
# ACKIFY_STORAGE_S3_ACCESS_KEY=your_access_key
|
|
# ACKIFY_STORAGE_S3_SECRET_KEY=your_secret_key
|
|
# ACKIFY_STORAGE_S3_REGION=us-east-1
|
|
# ACKIFY_STORAGE_S3_USE_SSL=true
|
|
|
|
# ==========================================
|
|
# Telemetry Configuration
|
|
# ==========================================
|
|
# Anonymous usage metrics to help improve Ackify
|
|
# - GDPR compliant (no personal data collected)
|
|
# - Business metrics only: documents, signatures, webhooks, reminders count
|
|
# - Non-intrusive (background collection)
|
|
# Set to true to help us improve Ackify!
|
|
ACKIFY_TELEMETRY=false
|
|
|
|
# Data directory for identity file (IMPORTANT: must be a host bind mount to survive container recreation)
|
|
# Default: /data/telemetry (mounted from ./telemetry on host)
|
|
# ACKIFY_TELEMETRY_DATA_DIR=/data/telemetry
|
|
|
|
# ==========================================
|
|
# CONFIGURATION INSTRUCTIONS
|
|
# ==========================================
|
|
|
|
# 1. Run the interactive installation script:
|
|
# bash <(curl -fsSL https://raw.githubusercontent.com/btouchard/ackify-ce/main/install/install.sh)
|
|
|
|
# 2. Or manually generate secure secrets:
|
|
# ACKIFY_OAUTH_COOKIE_SECRET=$(openssl rand -base64 32)
|
|
# ACKIFY_ED25519_PRIVATE_KEY=$(openssl rand 64 | base64 -w 0)
|
|
|
|
# 3. OAuth2 Provider Setup:
|
|
# GOOGLE: Create OAuth credentials at https://console.cloud.google.com/
|
|
# GITHUB: Create OAuth app at https://github.com/settings/developers
|
|
# GITLAB: Create OAuth app at https://gitlab.com/-/profile/applications
|
|
# CUSTOM: Use your own OAuth provider with custom URLs
|
|
|
|
# 4. SMTP Setup (for email reminders and MagicLink):
|
|
# GMAIL: Use App Password from https://myaccount.google.com/apppasswords
|
|
# SMTP2GO: Get credentials from https://www.smtp2go.com/
|
|
# SendGrid: Use API key from https://app.sendgrid.com/settings/api_keys
|
|
# Mailgun: Get credentials from https://app.mailgun.com/
|
|
|
|
# 5. Authentication Methods:
|
|
# - OAuth: Requires ACKIFY_OAUTH_CLIENT_ID and ACKIFY_OAUTH_CLIENT_SECRET
|
|
# - MagicLink: Requires ACKIFY_MAIL_HOST configuration
|
|
# - At least ONE method must be enabled
|
|
|
|
# 6. Start Ackify:
|
|
# docker compose up -d |