aboutsummaryrefslogtreecommitdiff
path: root/conf/.env.production.sample
diff options
context:
space:
mode:
Diffstat (limited to 'conf/.env.production.sample')
-rw-r--r--conf/.env.production.sample21
1 files changed, 16 insertions, 5 deletions
diff --git a/conf/.env.production.sample b/conf/.env.production.sample
index 7005b5d..2abf6c5 100644
--- a/conf/.env.production.sample
+++ b/conf/.env.production.sample
@@ -1,5 +1,5 @@
# This is a sample configuration file. You can generate your configuration
-# with the `rake mastodon:setup` interactive setup wizard, but to customize
+# with the `bundle exec rails mastodon:setup` interactive setup wizard, but to customize
# your setup even further, you'll need to edit it manually. This sample does
# not demonstrate all available configuration options. Please look at
# https://docs.joinmastodon.org/admin/config/ for the full documentation.
@@ -41,14 +41,25 @@ ES_ENABLED=false
# Secrets
# -------
-# Make sure to use `rake secret` to generate secrets
+# Make sure to use `bundle exec rails secret` to generate secrets
# -------
SECRET_KEY_BASE=__SECRET_KEY_BASE__
OTP_SECRET=__OTP_SECRET__
+# Encryption secrets
+# ------------------
+# Must be available (and set to same values) for all server processes
+# These are private/secret values, do not share outside hosting environment
+# Use `bin/rails db:encryption:init` to generate fresh secrets
+# Do not change these secrets once in use, as this would cause data loss and other issues
+# ------------------
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=__ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY__
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=__ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT__
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=__ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY__
+
# Web Push
# --------
-# Generate with `rake mastodon:webpush:generate_vapid_key`
+# Generate with `bundle exec rails mastodon:webpush:generate_vapid_key`
# --------
VAPID_PRIVATE_KEY=__VAPID_PRIVATE_KEY__
VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
@@ -104,5 +115,5 @@ LDAP_TLS_NO_VERIFY=true
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
# -----------------------
-IP_RETENTION_PERIOD=1209600
-SESSION_RETENTION_PERIOD=1209600
+IP_RETENTION_PERIOD=31556952
+SESSION_RETENTION_PERIOD=31556952
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-12-16 13:59:15 +0000