gui.do
Barazo Docker Compose templates for self-hosting
barazo.forum
1# Barazo Environment Configuration
2#
3# Copy this file to .env (production) or .env.dev (development) and edit values.
4# Lines starting with # are comments. Uncomment to override defaults.
5#
6# SECURITY: Never commit .env files containing real secrets.
7
8# ==============================================================================
9# Community Identity
10# ==============================================================================
11
12# Display name for your forum community
13COMMUNITY_NAME="My Community"
14
15# Domain where your forum is hosted (used by Caddy for SSL)
16# COMMUNITY_DOMAIN="forum.example.com"
17
18# AT Protocol DID for your community (created during setup)
19# COMMUNITY_DID="did:plc:xxxx"
20
21# Deployment mode: "single" for one community, "global" for aggregator
22COMMUNITY_MODE="single"
23
24# Hosting mode: "selfhosted" (full admin control) or "saas" (platform fields immutable)
25HOSTING_MODE="selfhosted"
26
27# ==============================================================================
28# Database (PostgreSQL 16 + pgvector)
29# ==============================================================================
30
31# PostgreSQL superuser credentials (used to create the database)
32POSTGRES_USER="barazo"
33POSTGRES_PASSWORD="CHANGE_ME"
34POSTGRES_DB="barazo"
35
36# Host port mapping (change if 5432 is already in use)
37# POSTGRES_PORT="5432"
38
39# Application database URL (used by barazo-api)
40# Uses the application role with INSERT/UPDATE/DELETE/SELECT privileges
41DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}"
42
43# Migration database URL (reserved for beta -- not used in alpha)
44# Will use a migration role with DDL privileges when proper migrations are needed
45# MIGRATION_DATABASE_URL="postgresql://barazo_migrator:CHANGE_ME@postgres:5432/${POSTGRES_DB}"
46
47# ==============================================================================
48# Cache (Valkey -- Redis-compatible)
49# ==============================================================================
50
51# Valkey password (optional in dev, required in production)
52# VALKEY_PASSWORD="CHANGE_ME"
53
54# Host port mapping (change if 6379 is already in use)
55# VALKEY_PORT="6379"
56
57# Cache URL (used by barazo-api)
58VALKEY_URL="redis://valkey:6379"
59
60# ==============================================================================
61# AT Protocol (Firehose via Tap)
62# ==============================================================================
63
64# Relay URL for the AT Protocol firehose
65TAP_RELAY_URL="https://bsky.network"
66
67# Host port mapping for Tap admin API (change if 2480 is already in use)
68# TAP_PORT="2480"
69
70# Tap admin password (for dev/debug access to Tap admin API)
71TAP_ADMIN_PASSWORD="tap_dev_secret"
72
73# ==============================================================================
74# AT Protocol (OAuth)
75# ==============================================================================
76
77# OAuth client ID (your forum's public URL)
78# OAUTH_CLIENT_ID="https://forum.example.com"
79
80# OAuth callback URL
81# OAUTH_REDIRECT_URI="https://forum.example.com/api/auth/callback"
82
83# ==============================================================================
84# Frontend (Next.js)
85# ==============================================================================
86
87# Internal API URL for server-side rendering (Docker service name)
88# Only needed if the default (http://localhost:3000) doesn't work in your setup
89# API_INTERNAL_URL="http://barazo-api:3000"
90
91# Public site URL
92# NEXT_PUBLIC_SITE_URL="https://forum.example.com"
93
94# ==============================================================================
95# Search (Optional Semantic Search)
96# ==============================================================================
97
98# When set, enables hybrid semantic search alongside full-text search.
99# Example: "http://ollama:11434/api/embeddings" for local Ollama
100# EMBEDDING_URL=""
101
102# Embedding vector dimensions (must match your model; default matches nomic-embed-text)
103# AI_EMBEDDING_DIMENSIONS="768"
104
105# ==============================================================================
106# Encryption
107# ==============================================================================
108
109# AES-256-GCM master key for encrypting BYOK API keys at rest.
110# Required if users will store their own AI provider keys.
111# Generate with: openssl rand -base64 32
112# AI_ENCRYPTION_KEY=""
113
114# ==============================================================================
115# Cross-Posting
116# ==============================================================================
117
118# Enable Frontpage cross-posting (Bluesky cross-posting is always available)
119# FEATURE_CROSSPOST_FRONTPAGE="false"
120
121# ==============================================================================
122# Plugins
123# ==============================================================================
124
125# Set to "false" to disable all plugins
126# PLUGINS_ENABLED="true"
127
128# npm registry URL for plugin installation (default: public npm registry)
129# PLUGIN_REGISTRY_URL="https://registry.npmjs.org"
130
131# ==============================================================================
132# Monitoring
133# ==============================================================================
134
135# GlitchTip/Sentry DSN for error reporting (optional)
136# GLITCHTIP_DSN=""
137
138# Log level: trace, debug, info, warn, error, fatal
139LOG_LEVEL="info"
140
141# ==============================================================================
142# Backups (Production only)
143# ==============================================================================
144
145# Public key for encrypting backups with age (recommended over GPG)
146# Generate a keypair with: age-keygen -o key.txt
147# BACKUP_PUBLIC_KEY=""