Skip to content

Commit

Permalink
Merge pull request #8 from beeb/captcha-docs
Browse files Browse the repository at this point in the history 
docs(configuration): new captcha env variables
  • Loading branch information
@wmnnd
wmnnd authored Jun 8, 2023
2 parents ecfc86a + 63d7fae commit db46511
Showing 1 changed file with 46 additions and 41 deletions.
87 changes: 46 additions & 41 deletions content/docs/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,66 +10,71 @@ When self-hosting Keila, you can configure most aspects of the application with
environment variables.

## Database

Configure the PostgreSQL database used by Keila:

| Variable | Required | Default | Description |
| ---------------- | -------- | ------- | --------------------------------------- |
| `DB_URL` | yes | - | URL following the schema `postgres://user:password@host/database` |
| `DB_ENABLE_SSL` | no | - | Use SSL/TLS for the database connection |
| Variable | Required | Default | Description |
| --------------- | -------- | ------- | ----------------------------------------------------------------- |
| `DB_URL` | yes | - | URL following the schema `postgres://user:password@host/database` |
| `DB_ENABLE_SSL` | no | - | Use SSL/TLS for the database connection |

## Root User

When you start Keila for the first time, a root user is created. If you don’t
specify otherwise, a user with a random password is created printed to
stdout.

| Variable | Required | Default | Description |
| ---------------- | -------- | ------- | --------------------------------------- |
| Variable | Required | Default | Description |
| ---------------- | -------- | ---------------- | ------------------------------- |
| `KEILA_USER` | | `root@localhost` | Email address for the root user |
| `KEILA_PASSWORD` | | *random* | Password for the root user |
| `KEILA_PASSWORD` | | _random_ | Password for the root user |

## URL
Configure publicly-visible URLs generated by Keila with the following variables:

Configure publicly-visible URLs generated by Keila with the following variables:

| Variable | Required | Default | Description |
| ------------- | -------- | ------- | --------------------------------------- |
| `URL_HOST` | yes | - | Domain of your Keila instance |
| `URL_PATH` | | `/` | Path of your Keila instance |
| `URL_SCHEMA` | | `http` | `http` or `https`. URL scheme of your Keila instance |
| `URL_PORT` | | `443` if `URL_SCHEMA` is `https`<br>value of `PORT` otherwise | Port of your Keila instance |
| Variable | Required | Default | Description |
| ------------ | -------- | ------------------------------------------------------------- | ---------------------------------------------------- |
| `URL_HOST` | yes | - | Domain of your Keila instance |
| `URL_PATH` | | `/` | Path of your Keila instance |
| `URL_SCHEMA` | | `http` | `http` or `https`. URL scheme of your Keila instance |
| `URL_PORT` | | `443` if `URL_SCHEMA` is `https`<br>value of `PORT` otherwise | Port of your Keila instance |

## Deployment

| Variable | Required | Default | Description |
| ---------------------- | -------- | ------- | ------------------------------ |
| `PORT` | | `4000` | Port on which Keila will listen |
| `SECRET_KEY_BASE` | yes | - | Strong secret with at least 64 characters. Can be generated with `head -c 48 /dev/urandom &#124; base64` |
| `HASHID_SALT` | | derived from `SECRET_KEY_BASE` | Salt for creating Hashids. [More information](https://hashids.org/) |
| `DISABLE_REGISTRATION` | | `false` | Disable user registration by setting this variable to `true` |
| `DISABLE_PRECEDENCE_HEADER` | | `false` | Disable the `Precedence: Bulk` header by settings this variable to `true` |
| `USER_CONTENT_DIR` | | `./uploads` | Path to a directory where user uploads will be stored. When deploying using containers, this should point to the path of a volume to make sure uploads are persisted. |
| `USER_CONTENT_BASE_URL`| | - | Base URL at which files in `USER_CONTENT_DIR` are available on the web. It’s recommended to set up a separate server (such as Nginx or Apache) to serve user content. If not set, Keila wil serve user content files directly. |
| Variable | Required | Default | Description |
| --------------------------- | -------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `PORT` | | `4000` | Port on which Keila will listen |
| `SECRET_KEY_BASE` | yes | - | Strong secret with at least 64 characters. Can be generated with `head -c 48 /dev/urandom &#124; base64` |
| `HASHID_SALT` | | derived from `SECRET_KEY_BASE` | Salt for creating Hashids. [More information](https://hashids.org/) |
| `DISABLE_REGISTRATION` | | `false` | Disable user registration by setting this variable to `true` |
| `DISABLE_PRECEDENCE_HEADER` | | `false` | Disable the `Precedence: Bulk` header by settings this variable to `true` |
| `USER_CONTENT_DIR` | | `./uploads` | Path to a directory where user uploads will be stored. When deploying using containers, this should point to the path of a volume to make sure uploads are persisted. |
| `USER_CONTENT_BASE_URL` | | - | Base URL at which files in `USER_CONTENT_DIR` are available on the web. It’s recommended to set up a separate server (such as Nginx or Apache) to serve user content. If not set, Keila wil serve user content files directly. |

## System mailer

Keila needs to be able to send system emails, e.g. for registration and password
reset emails. Configure an SMTP sender for this purpose with the following
variables:

| Variable | Required | Default | Description ---- |
| ---------------------- | -------- | ------- | ---------------------------------- |
| `MAILER_TYPE` | | `smtp` | Currently only `smtp` is supported |
| `MAILER_SMTP_HOST` | yes | - | Hostname of the SMTP server |
| `MAILER_SMTP_PORT` | | `587` | Port of the SMTP server |
| `MAILER_SMTP_USER` | yes | - | Username for the SMTP server |
| `MAILER_SMTP_PASSWORD` | yes | - | Password for the SMTP server |
| `MAILER_SMTP_FROM_EMAIL` | | `MAILER_SMTP_USER` | FROM email address |

## hCaptcha
Keila uses hCaptcha to protect your sign-up forms. Configure hCaptcha with the
following variables:

| Variable | Required | Default | Description |
| --------------------- | -------- | ------- | ------------------------------- |
| `HCAPTCHA_SITE_KEY` | | - | hCaptcha site key |
| `HCAPTCHA_SECRET_KEY` | | `http` | hCaptcha secret key |
| `HCAPTCHA_URL` | | `https://hcaptcha.com/siteverify` | hCaptcha verification URL |
| Variable | Required | Default | Description |
| ------------------------ | -------- | ------------------ | ---------------------------------- |
| `MAILER_TYPE` | | `smtp` | Currently only `smtp` is supported |
| `MAILER_SMTP_HOST` | yes | - | Hostname of the SMTP server |
| `MAILER_SMTP_PORT` | | `587` | Port of the SMTP server |
| `MAILER_SMTP_USER` | yes | - | Username for the SMTP server |
| `MAILER_SMTP_PASSWORD` | yes | - | Password for the SMTP server |
| `MAILER_SMTP_FROM_EMAIL` | | `MAILER_SMTP_USER` | FROM email address |

## Captcha

Keila can use [hCaptcha](https://www.hcaptcha.com/) or [Friendly Captcha](https://friendlycaptcha.com/) to protect your
sign-up forms. Configure the captcha provider with the following variables:

| Variable | Required | Default | Description |
| -------------------- | -------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `CAPTCHA_PROVIDER` | | `hcaptcha` | Captcha provider, one of `hcaptcha` or `friendly_captcha` |
| `CAPTCHA_SITE_KEY` | | - | Captcha provider site key |
| `CAPTCHA_SECRET_KEY` | | - | Captcha provider secret key |
| `CAPTCHA_URL` | | variable | Captcha provider verification URL, defaults to `https://hcaptcha.com/siteverify` for `hcaptcha` and `https://api.friendlycaptcha.com/api/v1/siteverify` for `friendly_captcha` |

0 comments on commit db46511

Please sign in to comment.