-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
69 lines (64 loc) · 3.08 KB
/
.env.example
File metadata and controls
69 lines (64 loc) · 3.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# Bates Attic Cache - Local Development Secrets
# Copy to .env and fill in actual values
#
# This file is loaded automatically by direnv (.envrc has dotenv_if_exists)
# DO NOT COMMIT .env - it is gitignored and contains secrets
#
# IMPORTANT: Most configuration is in config/organization.yaml
# This file only contains secrets and optional overrides.
#
# Most CI/CD values are configured via GitLab CI/CD variables.
# This file is for local development only.
# =============================================================================
# GitLab Authentication (Required for OpenTofu)
# =============================================================================
# Personal Access Token (PAT) for GitLab HTTP backend and API access
# Get your token from: https://gitlab.com/-/user_settings/personal_access_tokens
# Required scopes: api, read_repository, write_repository
#
# This is used for:
# - OpenTofu HTTP state backend (GitLab project state storage)
# - GitLab API operations (runners, pipelines, etc.)
#
TF_HTTP_PASSWORD=glpat-your-token-here
# =============================================================================
# Optional Overrides (organization config takes precedence if not set)
# =============================================================================
# These values are loaded from config/organization.yaml by default.
# Uncomment to override for local development:
#
# KUBE_CONTEXT=custom-context
# NAMESPACE=custom-namespace
# KUBE_INGRESS_BASE_DOMAIN=custom.domain.com
# ATTIC_SERVER=https://attic-cache.custom.domain.com
# ATTIC_CACHE=main
# =============================================================================
# S3 Backend (NOT REQUIRED when using MinIO - which is the default)
# =============================================================================
# MinIO (use_minio=true) is the default and provides S3-compatible storage.
# These variables are ONLY required when use_minio=false (external S3).
#
# For CI/CD, set these as masked variables in GitLab:
# S3_ENDPOINT - S3 endpoint URL
# S3_ACCESS_KEY_ID - S3 access key (masked)
# S3_SECRET_ACCESS_KEY - S3 secret key (masked)
# S3_BUCKET_NAME - S3 bucket name
#
# For local testing without MinIO:
# S3_ENDPOINT=https://s3.example.com
# S3_ACCESS_KEY_ID=
# S3_SECRET_ACCESS_KEY=
# S3_BUCKET_NAME=attic-cache
# =============================================================================
# MinIO Configuration (when use_minio=true)
# =============================================================================
# MinIO credentials are auto-generated by OpenTofu if not provided.
# These are only needed for manual MinIO administration.
# MINIO_ROOT_USER=minioadmin
# MINIO_ROOT_PASSWORD=
# =============================================================================
# Database (Optional - CNPG generates URL automatically)
# =============================================================================
# When use_cnpg_postgres=true (default), CloudNativePG manages the database.
# Only set this for external PostgreSQL (e.g., Neon):
# DATABASE_URL=postgresql://user:password@host:5432/attic?sslmode=require