3pp-mirror/rallly
1
0
Fork 0
mirror of https://github.com/lukevella/rallly.git synced 2025-06-12 23:51:51 +02:00
Code Issues Projects Releases Packages Wiki Activity
rallly/apps/docs/self-hosting/configuration.mdx
Luke Vella b557084d9c
📝 Update documentation (#1733)
2025-05-28 10:28:21 +01:00

186 lines
No EOL
5.3 KiB
Text
Raw Blame History

---
icon: gear
title: Configuration Options
description: Using environment variable to configure a self-hosted instance of Rallly.
---
## General
<ParamField path="NEXT_PUBLIC_BASE_URL" required>
The base url where this instance is accessible, including the scheme (eg.
`http://` or `https://`), the domain name, and optionally a port.
</ParamField>
<ParamField path="SECRET_PASSWORD" required>
A random 32-character secret key used to encrypt user sessions
</ParamField>
<ParamField path="SUPPORT_EMAIL" required>
This email will be shown as the contact email for support queries.
</ParamField>
<ParamField path="NOREPLY_EMAIL">
This email is used as the sender for all transactional emails. If not set,
`SUPPORT_EMAIL` will be used instead.
</ParamField>
<ParamField path="NOREPLY_EMAIL_NAME" default="Rallly">
This name is used as the sender name for all transactional emails.
</ParamField>
<ParamField path="INITIAL_ADMIN_EMAIL">
Specifies the email address of the first user who will be eligible to become an administrator. After the application starts, the user with this email address must navigate to `/control-panel` and click a button to claim their admin role.
</ParamField>
## Database
<ParamField path="DATABASE_URL" required>
Postgres database connection string
</ParamField>
## Email (SMTP)
<ParamField path="SMTP_HOST">The host address of your SMTP server</ParamField>
<ParamField path="SMTP_PORT" default="25 or 465">
The port of your SMTP server
</ParamField>
<ParamField path="SMTP_SECURE" default="false">
Set to "true" if SSL is enabled for your SMTP connection
</ParamField>
<ParamField path="SMTP_USER" default="">
The username (if auth is enabled on your SMTP server)
</ParamField>
<ParamField path="SMTP_PWD" default="">
The password (if auth is enabled on your SMTP server)
</ParamField>
<ParamField path="SMTP_TLS_ENABLED" default={"false"}>
Enable TLS for your SMTP connection
</ParamField>
## Auth
<ParamField path="ALLOWED_EMAILS">
Comma separated list of email addresses that are allowed to register and
login. Wildcard characters are supported. Example: Setting it to
`*@example.com` to allow anyone with a `@example.com` email address.
</ParamField>
### Google
<Accordion title="Setup">
1. Head over to the Credentials tab: https://console.developers.google.com/apis/credentials
2. Create a OAuth client ID. This will be your `GOOGLE_CLIENT_ID` and `GOOGLE_CLIENT_SECRET`
3. Set "Authorized redirect URIs" to include your full domain and end in the callback path:
```
https://<YOUR_DOMAIN>/api/auth/callback/google
```
</Accordion>
<ParamField path="GOOGLE_CLIENT_ID">
The client ID of your Google application
</ParamField>
<ParamField path="GOOGLE_CLIENT_SECRET">
The client secret of your Google application
</ParamField>
### Microsoft
<Accordion title="Setup">
Follow the instructions here to create a Microsoft Entra ID application: https://docs.microsoft.com/en-us/entra/identity-platform/quickstart-register-app
After creating the application, set the redirect URI to include your full domain and end in the callback path:
```
https://<YOUR_DOMAIN>/api/auth/callback/microsoft-entra-id
```
</Accordion>
<ParamField path="MICROSOFT_TENANT_ID">
The tenant ID of your Microsoft application
</ParamField>
<ParamField path="MICROSOFT_CLIENT_ID">
The client ID of your Microsoft application
</ParamField>
<ParamField path="MICROSOFT_CLIENT_SECRET">
The client secret of your Microsoft application
</ParamField>
### Custom SSO (OIDC)
<Accordion title="Setup">
Your OAuth 2.0 application needs to be configured with the following scopes:
- `openid`: Essential for OIDC to function, used to perform authentication.
- `profile`: Access to the user's personal information such as name and picture.
- `email`: Access to the user's email address.
Your identity provider should redirect the user back to the following URL:
```
https://<YOUR-DOMAIN>/api/auth/callback/oidc
```
</Accordion>
<ParamField path="OIDC_NAME" default="OpenID Connect">
The display name of your provider as it will be shown on the login page
</ParamField>
<ParamField path="OIDC_DISCOVERY_URL">
URL of the `.well-known/openid-configuration` endpoint for your OIDC provider
</ParamField>
<ParamField path="OIDC_CLIENT_ID">
The client ID of your OIDC application
</ParamField>
<ParamField path="OIDC_CLIENT_SECRET">
The client secret of your OIDC application
</ParamField>
<ParamField path="OIDC_NAME_CLAIM_PATH" default="name">
The path to the claim that contains the user's name
</ParamField>
<ParamField path="OIDC_EMAIL_CLAIM_PATH" default="email">
The path to the claim that contains the user's email address
</ParamField>
<ParamField path="OIDC_PICTURE_CLAIM_PATH" default="picture">
The path to the claim that contains the user's profile picture
</ParamField>
<Info>Use dot notation in `_CLAIM_PATH` fields to access nested objects.</Info>
## Storage (S3)
<ParamField path="S3_BUCKET_NAME">
The name of your S3 bucket
</ParamField>
<ParamField path="S3_ACCESS_KEY_ID">
The access key ID of your S3 server
</ParamField>
<ParamField path="S3_SECRET_ACCESS_KEY">
The secret access key of your S3 server
</ParamField>
<ParamField path="S3_ENDPOINT">
The endpoint of your S3 server. Can be left empty if using AWS S3.
</ParamField>
<ParamField path="S3_REGION">
The region of your S3 server. Can be left empty if using AWS S3.
</ParamField>
Reference in a new issue View git blame Copy permalink