## Production-safe qsfera_full environment template. ## Copy to .env and fill every placeholder before running docker compose. COMPOSE_PATH_SEPARATOR=: QSFERA=:qsfera.yml ## Public deployment identity. OC_DOMAIN= TRAEFIK_ACME_MAIL= ## Use the production image and pin a release tag for repeatable rollouts. OC_DOCKER_IMAGE=qsfera/qsfera OC_DOCKER_TAG= ## Production must validate TLS certificates and must not create demo users. INSECURE=false DEMO_USERS=false ## Required by qsfera.yml. ADMIN_PASSWORD= ## Optional: enable Keycloak-backed production identity. ## Uncomment KEYCLOAK and fill all values before enabling it. #KEYCLOAK=:keycloak.yml KEYCLOAK_DOMAIN= KEYCLOAK_REALM=qsfera KEYCLOAK_POSTGRES_PASSWORD= KEYCLOAK_ADMIN_USER= KEYCLOAK_ADMIN_PASSWORD= ## Optional: enable S3-backed user storage. ## Uncomment DECOMPOSEDS3 and fill all values before enabling it. #DECOMPOSEDS3=:decomposeds3.yml DECOMPOSEDS3_ENDPOINT= DECOMPOSEDS3_REGION= DECOMPOSEDS3_ACCESS_KEY= DECOMPOSEDS3_SECRET_KEY= DECOMPOSEDS3_BUCKET= ## Optional: local MinIO is intended for test/lab installs, not public production. #DECOMPOSEDS3_MINIO=:minio.yml #MINIO_DOMAIN= ## Optional: use host paths for backup-friendly config and data storage. #OC_CONFIG_DIR=/srv/qsfera/config #OC_DATA_DIR=/srv/qsfera/data ## Keep this last: it assembles the selected compose files. COMPOSE_FILE=docker-compose.yml${QSFERA:-}${DECOMPOSEDS3:-}${DECOMPOSEDS3_MINIO:-}${KEYCLOAK:-}