2024-06-17 13:57:12 +02:00
|
|
|
APP_NAME=Lychee
|
|
|
|
APP_ENV=production
|
|
|
|
APP_KEY=
|
|
|
|
APP_DEBUG=false
|
|
|
|
# This MUST contain the host name up to the Top Level Domain (tld) e.g. .com, .org etc.
|
|
|
|
APP_URL=https://__DOMAIN__
|
|
|
|
APP_FORCE_HTTPS=false
|
|
|
|
|
|
|
|
# If using Lychee in a sub folder, specify the path after the tld here.
|
|
|
|
# For example for https://lychee.test/path/to/lychee
|
|
|
|
# Set APP_URL=https://lychee.test
|
|
|
|
# and APP_DIR=/path/to/lychee
|
|
|
|
# We (LycheeOrg) do not recommend the use of APP_DIR.
|
|
|
|
APP_DIR=__PATH__/
|
|
|
|
|
|
|
|
# enable or disable debug bar. By default it is disabled.
|
|
|
|
# Do note that this disable CSP!!
|
2024-06-19 11:21:28 +02:00
|
|
|
DEBUGBAR_ENABLED=false
|
2024-06-17 13:57:12 +02:00
|
|
|
|
|
|
|
# enable or disable the v5 layout.
|
|
|
|
LIVEWIRE_ENABLED=true
|
|
|
|
|
|
|
|
# enable or disable log viewer. By default it is enabled.
|
2024-06-19 11:21:28 +02:00
|
|
|
LOG_VIEWER_ENABLED=false
|
2024-06-17 13:57:12 +02:00
|
|
|
|
|
|
|
# enable s3 bucket (required in addition to needing AWS_ACCESS_KEY_ID)
|
|
|
|
# S3_ENABLED=true
|
|
|
|
|
|
|
|
# If you spread old links of to your albums in your Lychee instance starting with
|
|
|
|
# https://lychee.text/#albumID/PhotoId
|
|
|
|
# Set this value to true to enable redirection.
|
|
|
|
LEGACY_V4_REDIRECT=false
|
|
|
|
|
|
|
|
##############################################################################
|
|
|
|
# IMPORTANT: To migrate from Lychee v3 you *MUST* use the same MySQL/MariaDB #
|
|
|
|
# server as v3. #
|
|
|
|
##############################################################################
|
|
|
|
|
|
|
|
# Table prefix (e.g. lychee_) of a Lychee v3 instance for migration
|
|
|
|
DB_OLD_LYCHEE_PREFIX=
|
|
|
|
|
|
|
|
# DB_CONNECTION can be sqlite, mysql or pgsql. For sqlite the other entries are
|
|
|
|
# not required, but an existing sqlite3 database may be specified if desired. In
|
|
|
|
# this case, please use an absolute path. DB_DATABASE may be omitted but should
|
|
|
|
# *not* be left blank.
|
|
|
|
DB_CONNECTION=mysql
|
|
|
|
DB_HOST=127.0.0.1
|
|
|
|
DB_PORT=3306
|
|
|
|
DB_DATABASE=__DB_NAME__
|
|
|
|
DB_USERNAME=__DB_USER__
|
|
|
|
DB_PASSWORD=__DB_PWD__
|
|
|
|
DB_LOG_SQL=false
|
|
|
|
|
|
|
|
# List foreign keys in diagnostic page
|
|
|
|
DB_LIST_FOREIGN_KEYS=false
|
|
|
|
|
|
|
|
# Application timezone. If not specified, the server's default timezone is used.
|
|
|
|
# Requires a named timezone identifier.
|
|
|
|
# See https://www.php.net/manual/en/timezones.php for the list of supported timezones.
|
|
|
|
# Don't use a timezone offset (like +01:00) or a timezone abbreviation (like CEST)
|
|
|
|
TIMEZONE=__TIMEZONE__
|
|
|
|
|
|
|
|
# Visibility of directories and (media) files in LYCHEE_UPLOADS
|
|
|
|
# Possible values are:
|
|
|
|
#
|
|
|
|
# - private: world group has neither read nor write access
|
|
|
|
# - public: world group has read access but no write access (the default)
|
|
|
|
# - world: world group has read and write access
|
|
|
|
#
|
|
|
|
# The default should suffice for most installations.
|
|
|
|
# For improved security, change this setting to "private".
|
|
|
|
# Some rare setups may require directories and files to be world writeable.
|
|
|
|
# In this case, use "world" here.
|
|
|
|
# USE WITH PRECAUTIONS: world writeable files and folders may be a SECURITY RISK.
|
|
|
|
# LYCHEE_IMAGE_VISIBILITY=public
|
|
|
|
|
|
|
|
# folders in which the files will be stored
|
|
|
|
LYCHEE_UPLOADS="__DATA_DIR__/uploads/"
|
|
|
|
LYCHEE_DIST="__INSTALL_DIR__/public/dist/"
|
2024-06-18 23:13:52 +02:00
|
|
|
LYCHEE_SYM="__INSTALL_DIR__/public/sym/"
|
2024-06-17 13:57:12 +02:00
|
|
|
# url to access those files
|
|
|
|
# LYCHEE_UPLOADS_URL="uploads/"
|
|
|
|
# LYCHEE_DIST_URL="dist/"
|
|
|
|
# LYCHEE_SYM_URL="sym/"
|
|
|
|
|
|
|
|
# Support for token based authentication used by API requests. Enabled by default.
|
|
|
|
# ENABLE_TOKEN_AUTH=true
|
|
|
|
|
|
|
|
CACHE_DRIVER=file
|
|
|
|
SESSION_DRIVER=file
|
|
|
|
SESSION_LIFETIME=120
|
|
|
|
# `sync` if jobs needs to be executed live (default) or `database` if they can be defered.
|
|
|
|
QUEUE_CONNECTION=sync
|
|
|
|
|
|
|
|
SECURITY_HEADER_HSTS_ENABLE=false
|
|
|
|
SECURITY_HEADER_CSP_CONNECT_SRC=
|
|
|
|
SECURITY_HEADER_SCRIPT_SRC_ALLOW=
|
|
|
|
SESSION_SECURE_COOKIE=false
|
|
|
|
|
|
|
|
REDIS_HOST=127.0.0.1
|
|
|
|
REDIS_PASSWORD=null
|
|
|
|
REDIS_PORT=6379
|
|
|
|
|
2024-06-18 23:39:00 +02:00
|
|
|
MAIL_DRIVER=smtp
|
|
|
|
MAIL_HOST=localhost
|
|
|
|
MAIL_PORT=25
|
|
|
|
MAIL_USERNAME=__APP__
|
|
|
|
MAIL_PASSWORD=__MAIL_PWD__
|
|
|
|
MAIL_ENCRYPTION=false
|
|
|
|
MAIL_FROM_NAME=lychee
|
|
|
|
MAIL_FROM_ADDRESS=lychee@__DOMAIN__
|
2024-06-17 13:57:12 +02:00
|
|
|
|
|
|
|
# The trusted proxies if Lychee is behind a reverse proxy
|
|
|
|
# Accepted values:
|
|
|
|
# - `null`: no proxy
|
|
|
|
# - `*`: any proxy
|
|
|
|
# - <ip address>[,<ip address>]: a comma-seperated list of IP addresses
|
|
|
|
TRUSTED_PROXIES=null
|
|
|
|
|
|
|
|
# Comma-separated list of class names of diagnostics checks that should be skipped.
|
|
|
|
#SKIP_DIAGNOSTICS_CHECKS=
|
|
|
|
|
|
|
|
VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
|
|
|
|
VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
|
|
|
|
|
|
|
|
# Oauth token data
|
|
|
|
# XXX_REDIRECT_URI should be left as default unless you know exactly what you do.
|
|
|
|
|
|
|
|
# AMAZON_SIGNIN_CLIENT_ID=
|
|
|
|
# AMAZON_SIGNIN_SECRET=
|
|
|
|
# AMAZON_SIGNIN_REDIRECT_URI=/auth/amazon/redirect
|
|
|
|
|
|
|
|
# https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
|
|
|
|
# Note: the client secret used for "Sign In with Apple" is a JWT token that can have a maximum lifetime of 6 months.
|
|
|
|
# The article above explains how to generate the client secret on demand and you'll need to update this every 6 months.
|
|
|
|
# To generate the client secret for each request, see Generating A Client Secret For Sign In With Apple On Each Request.
|
|
|
|
# https://bannister.me/blog/generating-a-client-secret-for-sign-in-with-apple-on-each-request
|
|
|
|
# APPLE_CLIENT_ID=
|
|
|
|
# APPLE_CLIENT_SECRET=
|
|
|
|
# APPLE_REDIRECT_URI=/auth/apple/redirect
|
|
|
|
|
|
|
|
# FACEBOOK_CLIENT_ID=
|
|
|
|
# FACEBOOK_CLIENT_SECRET=
|
|
|
|
# FACEBOOK_REDIRECT_URI=/auth/facebook/redirect
|
|
|
|
|
|
|
|
# GITHUB_CLIENT_ID=
|
|
|
|
# GITHUB_CLIENT_SECRET=
|
|
|
|
# GITHUB_REDIRECT_URI=/auth/github/redirect
|
|
|
|
|
|
|
|
# GOOGLE_CLIENT_ID=
|
|
|
|
# GOOGLE_CLIENT_SECRET=
|
|
|
|
# GOOGLE_REDIRECT_URI=/auth/google/redirect
|
|
|
|
|
|
|
|
# MASTODON_DOMAIN=https://mastodon.social
|
|
|
|
# MASTODON_ID=
|
|
|
|
# MASTODON_SECRET=
|
|
|
|
# MASTODON_REDIRECT_URI=/auth/mastodon/redirect
|
|
|
|
|
|
|
|
# MICROSOFT_CLIENT_ID=
|
|
|
|
# MICROSOFT_CLIENT_SECRET=
|
|
|
|
# MICROSOFT_REDIRECT_URI=/auth/microsoft/redirect
|
|
|
|
|
|
|
|
# NEXTCLOUD_CLIENT_ID=
|
|
|
|
# NEXTCLOUD_CLIENT_SECRET=
|
|
|
|
# NEXTCLOUD_REDIRECT_URI=/auth/nextcloud/redirect
|
|
|
|
# NEXTCLOUD_BASE_URI=
|
|
|
|
|
|
|
|
# KEYCLOAK_CLIENT_ID=
|
|
|
|
# KEYCLOAK_CLIENT_SECRET=
|
|
|
|
# KEYCLOAK_REDIRECT_URI=/auth/keycloak/redirect
|
|
|
|
# KEYCLOAK_BASE_URL=
|
|
|
|
# KEYCLOAK_REALM=
|
|
|
|
|
|
|
|
# AWS support data
|
|
|
|
|
|
|
|
# AWS_ACCESS_KEY_ID=
|
|
|
|
# AWS_SECRET_ACCESS_KEY=
|
|
|
|
# AWS_DEFAULT_REGION=
|
|
|
|
# AWS_BUCKET=
|
|
|
|
# AWS_URL=
|
|
|
|
# AWS_ENDPOINT=
|
|
|
|
# AWS_IMAGE_VISIBILITY=
|
|
|
|
# AWS_USE_PATH_STYLE_ENDPOINT=
|