################################################################
# .env
# When both env_file and environment are set for a service, values set by environment have precedence.
# https://docs.docker.com/compose/environment-variables/envvars-precedence/
#
# CANNOT MIX ARRAYS (KEY: VAL) AND MAPS (KEY=VAL)
# Ex: Cannot have .ENV var as TZ=US and then a var here as DB_ENGINE: sqlite, has to be DB_ENGINE=sqlite
# Otherwise unexpected type map[string]interface {} occurs
# https://github.com/docker/compose/issues/11567
#
################################################################
APPLICATION_NAME=authentik
DOCKERDIR=/mnt/SSD1/docker/
STACKSDIR=${DOCKERDIR}/stacks/${APPLICATION_NAME}
DATADIR=${DOCKERDIR}/data/${APPLICATION_NAME}
SECRETSDIR=${STACKSDIR}/secrets

PUID=3014
PGID=3013
TZ=Africa/Johannesburg
DOMAINNAME=sthome.org
WEBUI_PORT=9000

################################################################  
# Authentik (https://docs.goauthentik.io/docs/)
# Environment Variables (https://docs.goauthentik.io/docs/installation/configuration)
################################################################  
POSTGRES_DB_PORT=5432
POSTGRES_PASSWORD_FILE=/run/secrets/authentik_postgresql_password
POSTGRES_USER_FILE=/run/secrets/authentik_postgresql_username
POSTGRES_DB_FILE=/run/secrets/authentik_postgresql_database

AUTHENTIK_POSTGRESQL__NAME_FILE=file:///run/secrets/authentik_postgresql_database
AUTHENTIK_POSTGRESQL__USER_FILE=file:///run/secrets/authentik_postgresql_username
AUTHENTIK_POSTGRESQL__PASSWORD_FILE=file:///run/secrets/authentik_postgresql_password
AUTHENTIK_DISABLE_STARTUP_ANALYTICS=true
AUTHENTIK_DISABLE_UPDATE_CHECK=false
AUTHENTIK_ERROR_REPORTING__ENABLED=false
AUTHENTIK_LOG_LEVEL=info # debug, info, warning, error, trace
AUTHENTIK_SECRET_KEY_FILE=file:///run/secrets/authentik_secret_key # openssl rand 60 | base64 -w 0
AUTHENTIK_COOKIE_DOMAIN=${DOMAINNAME}
AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS: 127.0.0.0/8, 10.0.0.0/24, 172.16.0.0/12, 192.168.2.0/124, fe80::/10, ::1/128

AUTHENTIK_EMAIL__PORT=25
AUTHENTIK_EMAIL__USE_TLS=false
AUTHENTIK_EMAIL__USE_SSL=false
AUTHENTIK_EMAIL__TIMEOUT=10
AUTHENTIK_EMAIL__HOST_FILE=file:///run/secrets/smtp_host
AUTHENTIK_EMAIL__USERNAME_FILE=file:///run/secrets/smtp_username
AUTHENTIK_EMAIL__PASSWORD_FILE=file:///run/secrets/smtp_password
AUTHENTIK_EMAIL__FROM_FILE=file:///run/secrets/smtp_from

################################################################  
# GeoIP ( https://github.com/maxmind/geoipupdate)  
# Environment Variables (https://github.com/maxmind/geoipupdate/blob/main/doc/docker.md)  
################################################################  
GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN" # Space seperated 
GEOIPUPDATE_FREQUENCY=8 # Frequency to check for updates, in hours
GEOIPUPDATE_ACCOUNT_ID_FILE=/run/secrets/geoip_acccount_id
GEOIPUPDATE_LICENSE_KEY_FILE=/run/secrets/geoip_license_key