128 lines
4.7 KiB
Plaintext
128 lines
4.7 KiB
Plaintext
# ATCR Hold Service Configuration
|
|
# Copy this file to .env and fill in your values
|
|
|
|
# ==============================================================================
|
|
# Required Configuration
|
|
# ==============================================================================
|
|
|
|
# Hold service public URL (REQUIRED)
|
|
# The hostname becomes the hold name/record key
|
|
# Examples: https://hold1.atcr.io, http://127.0.0.1:8080
|
|
HOLD_PUBLIC_URL=http://127.0.0.1:8080
|
|
|
|
# ==============================================================================
|
|
# Storage Configuration
|
|
# ==============================================================================
|
|
|
|
# Storage driver type (s3, filesystem)
|
|
# Default: s3
|
|
#
|
|
# S3 Presigned URLs:
|
|
# When using S3 storage, presigned URLs are automatically enabled for direct
|
|
# client ↔ S3 transfers. This eliminates the hold service as a bandwidth
|
|
# bottleneck, reducing hold bandwidth by ~99% for push/pull operations.
|
|
# Falls back to proxy mode automatically for non-S3 drivers.
|
|
STORAGE_DRIVER=filesystem
|
|
|
|
# S3 Access Credentials
|
|
AWS_ACCESS_KEY_ID=your_access_key
|
|
AWS_SECRET_ACCESS_KEY=your_secret_key
|
|
|
|
# S3 Region
|
|
# For third-party S3 providers, this is ignored when S3_ENDPOINT is set,
|
|
# but must be a valid AWS region (e.g., us-east-1) to pass validation.
|
|
# Default: us-east-1
|
|
AWS_REGION=us-east-1
|
|
|
|
# S3 Bucket Name
|
|
S3_BUCKET=atcr-blobs
|
|
|
|
# S3 Endpoint (for S3-compatible services like Storj, Minio, UpCloud)
|
|
# Examples:
|
|
# - Storj: https://gateway.storjshare.io
|
|
# - UpCloud: https://[bucket-id].upcloudobjects.com
|
|
# - Minio: http://minio:9000
|
|
# Leave empty for AWS S3
|
|
# S3_ENDPOINT=https://gateway.storjshare.io
|
|
|
|
# For filesystem driver:
|
|
# STORAGE_DRIVER=filesystem
|
|
# STORAGE_ROOT_DIR=/var/lib/atcr/hold
|
|
|
|
# ==============================================================================
|
|
# Server Configuration
|
|
# ==============================================================================
|
|
|
|
# Server listen address (default: :8080)
|
|
# HOLD_SERVER_ADDR=:8080
|
|
|
|
# Allow public blob reads (pulls) without authentication
|
|
# Writes (pushes) always require crew membership via PDS
|
|
# Default: false
|
|
HOLD_PUBLIC=false
|
|
|
|
# ATProto relay endpoint for requesting crawl on startup
|
|
# This makes the hold's embedded PDS discoverable by the relay network
|
|
# Default: https://bsky.network (set to empty string to disable)
|
|
# HOLD_RELAY_ENDPOINT=https://bsky.network
|
|
|
|
# ==============================================================================
|
|
# Embedded PDS Configuration
|
|
# ==============================================================================
|
|
|
|
# Directory path for embedded PDS carstore (SQLite database)
|
|
# Default: /var/lib/atcr-hold
|
|
# If empty, embedded PDS is disabled
|
|
#
|
|
# Note: This should be a directory path, NOT a file path
|
|
# Carstore creates db.sqlite3 inside this directory
|
|
#
|
|
# The embedded PDS makes the hold a proper ATProto user with:
|
|
# - did:web identity (derived from HOLD_PUBLIC_URL hostname)
|
|
# - DID document at /.well-known/did.json
|
|
# - XRPC endpoints for crew management
|
|
# - ATProto blob endpoints (wraps existing presigned URL logic)
|
|
HOLD_DATABASE_DIR=/var/lib/atcr-hold
|
|
|
|
# Path to signing key (auto-generated on first run if missing)
|
|
# Default: {HOLD_DATABASE_DIR}/signing.key
|
|
# HOLD_KEY_PATH=/var/lib/atcr-hold/signing.key
|
|
|
|
# ==============================================================================
|
|
# Bluesky Integration
|
|
# ==============================================================================
|
|
|
|
# Enable Bluesky posts when users push container images (default: false)
|
|
# When enabled, the hold's embedded PDS will create posts announcing image pushes
|
|
# Synced to captain record's enableBlueskyPosts field on startup
|
|
# HOLD_BLUESKY_POSTS_ENABLED=false
|
|
|
|
# ==============================================================================
|
|
# Registration (REQUIRED)
|
|
# ==============================================================================
|
|
|
|
# Your ATProto DID (REQUIRED for registration)
|
|
# Get your DID: https://bsky.social/xrpc/com.atproto.identity.resolveHandle?handle=yourhandle.bsky.social
|
|
#
|
|
# On first run with HOLD_OWNER set:
|
|
# 1. Hold service will print an OAuth URL to the logs
|
|
# 2. Visit the URL in your browser to authorize
|
|
# 3. Hold service creates hold + crew records in your PDS
|
|
# 4. Registration complete!
|
|
#
|
|
# On subsequent runs:
|
|
# - Hold service checks if already registered
|
|
# - Skips OAuth if records exist
|
|
#
|
|
HOLD_OWNER=did:plc:your-did-here
|
|
|
|
# ==============================================================================
|
|
# Logging Configuration
|
|
# ==============================================================================
|
|
|
|
# Log level: debug, info, warn, error (default: info)
|
|
ATCR_LOG_LEVEL=debug
|
|
|
|
# Log formatter: text, json (default: text)
|
|
# ATCR_LOG_FORMATTER=text
|