Configuration
Configuration is done via Environment Variables on the Docker Container.
General
Variable | Default | Example | Required | Description |
---|---|---|---|---|
DATABASE_URL | postgresql://username:password@localhost:5432/panthora | Yes | Credentials and location of the database server. | |
NEXTAUTH_SECRET | Yes | Used to encrypt JWTs. Use | ||
NEXTAUTH_URL | https://my-panthora.com (opens in a new tab) | Yes | Public URL where your Panthora instance is reachable. | |
APP_BASE_URL | https://my-panthora.com (opens in a new tab) | Yes | Public URL where your Panthora instance is reachable. Same as
| |
NEXTAUTH_URL_INTERNAL | http://panthora:3000 (opens in a new tab) | Yes, if running behind reverse-proxy | Internal URL where your Panthora instance is reachable when running behind
a reverse-proxy. | |
MEILI_URL | http://search:7700 (opens in a new tab) | Yes | URL where your MeiliSearch instance is reachable. | |
MEILI_MASTER_KEY | Yes | Master key that is also configured for the MeiliSearch instance. |
Authentication
A wide variety of authentication providers is available as well as password auth.
Variable | Default | Example | Required | Description |
---|---|---|---|---|
Password Auth | ||||
PASSWORD_AUTH_ENABLED | false | true | No | Allow users to register and login with password credentials. |
Generic OAuth2 | ||||
OAUTH_CLIENT_ID | Yes, if you want to enable generic OAuth | OAuth2 Client ID | ||
OAUTH_CLIENT_SECRET | Yes, if you want to enable generic OAuth | OAuth2 Client Secret | ||
OAUTH_ISSUER | Yes, if you want to enable generic OAuth and the provider supports OIDC | OAuth2 OIDC Issuer URL | ||
OAUTH_ACCESS_TOKEN_URL | Yes, if you want to enable generic OAuth and | OAuth2 Access Token URL | ||
OAUTH_PROFILE_URL | Yes, if you want to enable generic OAuth and | OAuth2 Profile/User Info URL | ||
OAUTH_AUTHORIZATION_URL | Yes, if you want to enable generic OAuth and | OAuth2 Authorization URL | ||
AWS Cognito | ||||
COGNITO_CLIENT_ID | Yes, if you want to enable AWS Cognito auth | AWS Cognito Client ID | ||
COGNITO_CLIENT_SECRET | Yes, if you want to enable AWS Cognito auth | AWS Cognito Client Secret | ||
COGNITO_ISSUER |
| Yes, if you want to enable AWS Cognito auth | AWS Cognito Issuer URL | |
Discord | ||||
DISCORD_CLIENT_ID | Yes, if you want to enable Discord auth | Discord Client ID | ||
DISCORD_CLIENT_SECRET | Yes, if you want to enable Discord auth | Discord Client Secret | ||
GitHub | ||||
GITHUB_CLIENT_ID | Yes, if you want to enable GitHub auth | GitHub Client ID | ||
GITHUB_CLIENT_SECRET | Yes, if you want to enable GitHub auth | GitHub Client Secret | ||
GOOGLE_CLIENT_ID | Yes, if you want to enable Google auth | Google Client Id | ||
GOOGLE_CLIENT_SECRET | Yes, if you want to enable Google auth | Google Client Secret | ||
Authentik | ||||
AUTHENTIK_CLIENT_ID | Yes, if you want to enable Authentik auth | Authentik Client ID | ||
AUTHENTIK_CLIENT_SECRET | Yes, if you want to enable Authentik auth | Authentik Client Secret | ||
AUTHENTIK_ISSUER | Yes, if you want to enable Authentik auth | Authentik Issuer URL | ||
Auth0 | ||||
AUTH0_CLIENT_ID | Yes, if you want to enable Auth0 auth | Auth0 Client ID | ||
AUTH0_CLIENT_SECRET | Yes, if you want to enable Auth0 auth | Auth0 Client Secret | ||
AUTH0_ISSUER | Yes, if you want to enable Auth0 auth | Auth0 Issuer URL | ||
GitLab | ||||
GITLAB_CLIENT_ID | Yes, if you want to enable GitLab auth | GitLab Client ID | ||
GITLAB_CLIENT_SECRET | Yes, if you want to enable GitLab auth | GitLab Client Secret | ||
Azure AD | ||||
AZURE_AD_CLIENT_ID | Yes, if you want to enable Azure AD auth | Azure AD Client ID | ||
AZURE_AD_CLIENT_SECRET | Yes, if you want to enable Azure AD auth | Azure AD Client Secret | ||
AZURE_AD_TENANT_ID | Yes, if you want to enable Azure AD auth | Azure AD Tenant ID | ||
Keycloak | ||||
KEYCLOAK_CLIENT_ID | Yes, if you want to enable Keycloak auth | Keycloak Client ID | ||
KEYCLOAK_CLIENT_SECRET | Yes, if you want to enable Keycloak auth | Keycloak Client Secret | ||
KEYCLOAK_ISSUER | Yes, if you want to enable Keycloak auth | Keycloak Issuer URL | ||
Okta | ||||
OKTA_CLIENT_ID | Yes, if you want to enable Okta auth | Okta Client ID | ||
OKTA_CLIENT_SECRET | Yes, if you want to enable Okta auth | Okta Client Secret | ||
OKTA_ISSUER | Yes, if you want to enable Okta auth | Okta Issuer URL | ||
OneLogin | ||||
ONELOGIN_CLIENT_ID | Yes, if you want to enable OneLogin auth | OneLogin Client ID | ||
ONELOGIN_CLIENT_SECRET | Yes, if you want to enable OneLogin auth | OneLogin Client Secret | ||
ONELOGIN_ISSUER | Yes, if you want to enable OneLogin auth | OneLogin Issuer URL | ||
Slack | ||||
SLACK_CLIENT_ID | Yes, if you want to enable Slack auth | Slack Client ID | ||
SLACK_CLIENT_SECRET | Yes, if you want to enable Slack auth | Slack Client Secret | ||
Twitch | ||||
TWITCH_CLIENT_ID | Yes, if you want to enable Twitch auth | Twitch Client ID | ||
TWITCH_CLIENT_SECRET | Yes, if you want to enable Twitch auth | Twitch Client Secret |
Misc
Variable | Default | Example | Required | Description |
---|---|---|---|---|
DISABLE_RATE_LIMIT | false | true | No | Disable Rate-Limiting. Use with caution! |
LOG_LEVEL | info | debug | No | Enable debug logs, helpful for debugging problems. |