From aaa6f434a94dd5ca1a25068ac2596ff333afa9a5 Mon Sep 17 00:00:00 2001 From: Jan Biasi Date: Thu, 11 Jul 2024 18:35:43 +0200 Subject: [PATCH] feat: add security and storage access key env to twenty template --- templates/compose/twenty.yaml | 40 ++++++++++++++++++++++++++++------- 1 file changed, 32 insertions(+), 8 deletions(-) diff --git a/templates/compose/twenty.yaml b/templates/compose/twenty.yaml index aa340f669..f643b9623 100644 --- a/templates/compose/twenty.yaml +++ b/templates/compose/twenty.yaml @@ -12,13 +12,15 @@ services: - SERVER_URL=$SERVICE_FQDN_TWENTY - FRONT_BASE_URL=$SERVICE_FQDN_TWENTY - ENABLE_DB_MIGRATIONS=true - - SIGN_IN_PREFILLED=false + - CACHE_STORAGE_TYPE=${CACHE_STORAGE_TYPE:-redis} + - REDIS_HOST=redis + - REDIS_PORT=6379 - - STORAGE_TYPE=${STORAGE_TYPE:-local} - - STORAGE_S3_REGION=$STORAGE_S3_REGION - - STORAGE_S3_NAME=$STORAGE_S3_NAME - - STORAGE_S3_ENDPOINT=$STORAGE_S3_ENDPOINT + # https://twenty.com/developers/section/self-hosting/self-hosting-var#security + - API_RATE_LIMITING_TTL=${API_RATE_LIMITING_TTL:-100} + - API_RATE_LIMITING_LIMIT=${API_RATE_LIMITING_LIMIT:-100} + # https://twenty.com/developers/section/self-hosting/self-hosting-var#tokens - ACCESS_TOKEN_SECRET=$SERVICE_BASE64_32_ACCESS - LOGIN_TOKEN_SECRET=$SERVICE_BASE64_32_LOGIN - REFRESH_TOKEN_SECRET=$SERVICE_BASE64_32_REFRESH @@ -26,6 +28,26 @@ services: - POSTGRES_ADMIN_PASSWORD=$SERVICE_PASSWORD_POSTGRES - PG_DATABASE_URL=postgres://postgres:$SERVICE_PASSWORD_POSTGRES@postgres:5432/default + # https://twenty.com/developers/section/self-hosting/self-hosting-var#auth + - IS_SIGN_UP_DISABLED=${IS_SIGN_UP_DISABLED:-false} + - PASSWORD_RESET_TOKEN_EXPIRES_IN=${PASSWORD_RESET_TOKEN_EXPIRES_IN:-5m} + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#workspace-cleaning + - WORKSPACE_INACTIVE_DAYS_BEFORE_NOTIFICATION=$WORKSPACE_INACTIVE_DAYS_BEFORE_NOTIFICATION + - WORKSPACE_INACTIVE_DAYS_BEFORE_DELETION=$WORKSPACE_INACTIVE_DAYS_BEFORE_DELETION + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#captcha + - STORAGE_TYPE=${STORAGE_TYPE:-local} + - STORAGE_S3_REGION=$STORAGE_S3_REGION + - STORAGE_S3_NAME=$STORAGE_S3_NAME + - STORAGE_S3_ENDPOINT=$STORAGE_S3_ENDPOINT + - STORAGE_S3_ACCESS_KEY_ID=$STORAGE_S3_ACCESS_KEY_ID + - STORAGE_S3_SECRET_ACCESS_KEY=$STORAGE_S3_SECRET_ACCESS_KEY + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#message-queue + - MESSAGE_QUEUE_TYPE=$MESSAGE_QUEUE_TYPE + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#email - EMAIL_FROM_ADDRESS=$EMAIL_FROM_ADDRESS - EMAIL_FROM_NAME=$EMAIL_FROM_NAME - EMAIL_SYSTEM_ADDRESS=$EMAIL_SYSTEM_ADDRESS @@ -35,10 +57,12 @@ services: - EMAIL_SMTP_USER=$EMAIL_SMTP_USER - EMAIL_SMTP_PASSWORD=$EMAIL_SMTP_PASSWORD + # https://twenty.com/developers/section/self-hosting/self-hosting-var#debug-/-development + - SIGN_IN_PREFILLED=false + - DEBUG_MODE=${DEBUG_MODE:-false} + + # https://twenty.com/developers/section/self-hosting/self-hosting-var#telemetry - TELEMETRY_ENABLED=${TELEMETRY_ENABLED:-false} - - CACHE_STORAGE_TYPE=${CACHE_STORAGE_TYPE:-redis} - - REDIS_HOST=redis - - REDIS_PORT=6379 depends_on: postgres: condition: service_healthy