sample.env

# Create a Secret Key for Rails
#
# You can generate a secure one through the Greenlight docker image
# with the command.
#
#   docker run --rm bigbluebutton/greenlight:v2 bundle exec rake secret
#
SECRET_KEY_BASE=

# The endpoint and secret for your BigBlueButton server.
# Set these if you are running GreenLight on a single BigBlueButton server.
# You can retrive these by running the following command on your BigBlueButton server:
#
#   bbb-conf --secret
#
BIGBLUEBUTTON_ENDPOINT=
BIGBLUEBUTTON_SECRET=

# The hostname that the application is accessible from.
#
# Used to protect against various HTTP header attacks
# Should be in the form of "domain.com"
#
SAFE_HOSTS=

# Google Login Provider (optional)
#
# For in-depth steps on setting up a Google Login Provider, see:
#
#   https://docs.bigbluebutton.org/greenlight/gl-config.html#google-oauth2
#
# The GOOGLE_OAUTH2_HD variable is used to limit sign-ins to a particular set of Google Apps hosted
# domains. This can be a string with separating commas such as, 'domain.com, example.com' or
# a string that specifies a single domain restriction such as, 'domain.com'.
# If left blank, GreenLight will allow sign-in from all Google Apps hosted domains.
GOOGLE_OAUTH2_ID=
GOOGLE_OAUTH2_SECRET=
GOOGLE_OAUTH2_HD=

# Twitter Login Provider (optional)
#
# Twitter Authentication is deprecated and will be phased out in a future release.

# Microsoft Office365 Login Provider (optional)
#
# For in-depth steps on setting up a Office 365 Login Provider, see:
#
#   https://docs.bigbluebutton.org/greenlight/gl-config.html#office365-oauth2
#
OFFICE365_KEY=
OFFICE365_SECRET=
OFFICE365_HD=

# OpenID Connect Provider (optional)
#
# For in-depth steps on setting up a OpenID Connect Login Provider, see:
#
#   https://docs.bigbluebutton.org/greenlight/gl-config.html#openid-connect
#
OPENID_CONNECT_CLIENT_ID=
OPENID_CONNECT_CLIENT_SECRET=
OPENID_CONNECT_ISSUER=
OPENID_CONNECT_HD=
OPENID_CONNECT_UID_FIELD=

# OAUTH2_REDIRECT allows you to specify the redirect_url passed to oauth on sign in.
# It is useful for cases when Greenlight is deployed behind a Network Load Balancer or proxy
OAUTH2_REDIRECT=

# LDAP Login Provider (optional)
#
# You can enable LDAP authentication by providing values for the variables below.
# Configuring LDAP authentication will take precedence over all other providers.
# For information about setting up LDAP, see:
#
#   https://docs.bigbluebutton.org/greenlight/gl-config.html#ldap-auth
#
#   LDAP_SERVER=ldap.example.com
#   LDAP_PORT=389
#   LDAP_METHOD=plain
#   LDAP_UID=uid
#   LDAP_BASE=dc=example,dc=com
#   LDAP_AUTH=simple
#   LDAP_BIND_DN=cn=admin,dc=example,dc=com
#   LDAP_PASSWORD=password
#   LDAP_ROLE_FIELD=ou
#   LDAP_FILTER=(&(attr1=value1)(attr2=value2))
#   LDAP_ATTRIBUTE_MAPPING=name=displayName;uid=uid; (See link above for more details)
LDAP_SERVER=
LDAP_PORT=
LDAP_METHOD=
LDAP_UID=
LDAP_BASE=
LDAP_BIND_DN=
LDAP_AUTH=
LDAP_PASSWORD=
LDAP_ROLE_FIELD=
LDAP_FILTER=
LDAP_ATTRIBUTE_MAPPING=

# Set this to true if you want GreenLight to support user signup and login without
# Omniauth. For more information, see:
#
#   https://docs.bigbluebutton.org/greenlight/gl-overview.html#accounts-and-profile
#
ALLOW_GREENLIGHT_ACCOUNTS=true

# To enable reCaptcha on the user sign up, define these 2 keys
# You can obtain these keys by registering your domain using the following url:
#
#  https://www.google.com/recaptcha/admin
#
RECAPTCHA_SITE_KEY=
RECAPTCHA_SECRET_KEY=

# To enable Google Analytics on your site, set this key to the Google Analytics Property Tracking ID
#
#  https://analytics.google.com/analytics/web/
#
GOOGLE_ANALYTICS_TRACKING_ID=

# Set this to true if you want GreenLight to send verification emails upon
# the creation of a new account
#
#   ALLOW_MAIL_NOTIFICATIONS=true
#
# The notifications are sent using sendmail, unless the SMTP_SERVER variable is set.
# In that case, make sure the rest of the variables are properly set.
#
#   SMTP_SERVER=smtp.gmail.com
#   SMTP_PORT=587
#   SMTP_DOMAIN=gmail.com
#   SMTP_USERNAME=<youremail@gmail.com>
#   SMTP_PASSWORD=<yourpassword>
#   SMTP_AUTH=plain
#   SMTP_STARTTLS_AUTO=true
#
# If your mail server has a self-signed certificate, you'll also need to include the line below.
# Please note that enable this presents its own security risks and should not be done unless necessary.
#   SMTP_OPENSSL_VERIFY_MODE=none
#
SMTP_SERVER=
SMTP_PORT=
SMTP_DOMAIN=
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_AUTH=
SMTP_STARTTLS_AUTO=

# Specify the email address that all mail is sent from
SMTP_SENDER=

# Specify the recipient for test emails (needed for providers like Microsoft, who are very
# strict about RFC 2606)
SMTP_TEST_RECIPIENT=notifications@example.com

# Prefix for the applications root URL.
# Useful for deploying the application to a subdirectory, which is highly recommended
# if deploying on a BigBlueButton server. Keep in mind that if you change this, you'll
# have to update your authentication callback URL's to reflect this change.
#
#   The recommended prefix is "/b".
#
RELATIVE_URL_ROOT=/b

# Specify which settings you would like the users to configure on room creation
# or edit after the room has been created
# By default, all settings are turned OFF.
#
# Current settings available:
#   mute-on-join: Automatically mute users by default when they join a room
#   require-moderator-approval: Require moderators to approve new users before they can join the room
#   anyone-can-start: Allows anyone with the join url to start the room in BigBlueButton
#   all-join-moderator: All users join as moderators in BigBlueButton
#   recording: Sessions are recorded
ROOM_FEATURES=mute-on-join,require-moderator-approval,anyone-can-start,all-join-moderator,recording

# Specify the maximum number of records to be sent to the BigBlueButton API in one call
# Default is set to 25 records
PAGINATION_NUMBER=25

# Specify the maximum number of rows that should be displayed per page for a paginated table
# Default is set to 25 rows
NUMBER_OF_ROWS=25

# Specify if you want to display the Google Calendar button
#   ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
ENABLE_GOOGLE_CALENDAR_BUTTON=

# Set the application into Maintenance Mode
#
# Current options supported:
# true: Renders an error page that does not allow users to access any of the features in the application
# false: Application runs normally
MAINTENANCE_MODE=false

# Displays a flash that appears to inform the user of a scheduled maintenance window
# This variable should contain ONLY the date and time of the scheduled maintenance
#
# Ex: MAINTENANCE_WINDOW=Friday August 18 6pm-10pm EST
MAINTENANCE_WINDOW=

# The link to the Report an Issue button that appears on the 500 page and in the Account Dropdown
#
# Defaults to the Github Issues Page for Greenlight
# Button can be disabled by setting the value to blank
#
# REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new

# The link to the Need help? button that appears on the Account Dropdown
#
# Defaults to the Greenlight documentation
# Button can be disabled by setting the value to blank
HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html

# Change the default language
#
# By default, Greenlight will appear in the same language as that specific user's browser.
# The user can override this by going into their profile and changing the language.
# You can override the default language to a specific language instead of the browser's language by setting
# the variable below. To find the correct value, visit: https://github.com/bigbluebutton/greenlight/tree/v2/config/locales
# and find the code that matches the language you want. Ex: For Arabic -> DEFAULT_LOCALE=ar, For Italian -> DEFAULT_LOCALE=it
# DEFAULT_LOCALE=

# Force a redirect to HTTPS and make cookies secure.
# WARNING: Only set this to false for a development environment.
ENABLE_SSL=true

# Comment this out to send logs to STDOUT in production instead of log/production.log .
#
# RAILS_LOG_TO_STDOUT=true
#
# When using docker-compose the logs can be sent to an centralized repository like PaperTrail
# just by using the built in driver. Make sure to add to docker-compose.yml the next lines:
#
#     logging:
#      driver: $LOG_DRIVER
#      options:
#        syslog-address: $LOG_ADDRESS
#        tag: $LOG_TAG
#
# And set this variables up:
#
# LOG_DRIVER=syslog
# LOG_ADDRESS=udp://logs4.papertrailapp.com:[99999]
# LOG_TAG=greenlight.example.com:v2
#
# Check docker-compose and papertrail documentation for encrypting and
# protecting access to the log repository.
# https://docs.docker.com/config/containers/logging/syslog/#options
# https://help.papertrailapp.com/kb/configuration/encrypting-remote-syslog-with-tls-ssl/
#
# For sending logs to a remote aggregator enable these variables:
#
# RAILS_LOG_REMOTE_NAME=logxx.papertrailapp.com
# RAILS_LOG_REMOTE_PORT=9999
# RAILS_LOG_REMOTE_TAG=greenlight

# Database settings
#
# Greenlight may work out of the box with sqlite3, but for production it is recommended to use postgresql.
# In such case, these variables must be included:
#
# DB_ADAPTER=postgresql
# DB_HOST=postgres.example.com
# DB_PORT=5432
# DB_NAME=greenlight_production
# DB_USERNAME=postgres
# DB_PASSWORD=password
#
# The ActionCable-Workers require 4 connections. So, when using postgres as the CABLE_ADAPTER
# make sure the Database can handle the overall connection count calculated as follows:
#    ( RAILS_MAX_THREADS + 4 ) * WEB_CONCURRENCY
# So DB_POOL_SIZE should be set to RAILS_MAX_THREADS + 4
#
# DB_POOL_SIZE=9
#
# Additionally, there may be cases where the database has errors so the old db connections became stale.
# In order to overcome the lost of connections, it is recommended to add a timeout.
#
# DB_CONNECT_TIMEOUT=5
# DB_READ_TIMEOUT=120
#
# For deployments based on the docker-compose script also included, the HOST should be set with the Docker container id.
#
DB_ADAPTER=postgresql
DB_HOST=db
DB_PORT=5432
DB_NAME=greenlight_production
DB_USERNAME=postgres
DB_PASSWORD=password

# Use postgresql to handle ActionCable connections by default
CABLE_ADAPTER=postgresql

# Specify the default registration to be used by Greenlight until an administrator sets the
# registration method
# Allowed values are:
#   open - For open registration
#   invite - For invite only registration
#   approval - For approve/decline registration
DEFAULT_REGISTRATION=open

# Preupload Presentation Storage
#
# By default, if Preupload Presentation is enabled for rooms, presentations are uploaded locally to ~/greenlight/storage
# If you prefer to use AWS S3 or GCS Storage, you can set the variables below
#
# For AWS S3:
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_REGION=
# AWS_BUCKET=
#
# For GCS Storage:
# GCS_PROJECT_ID=
# GCS_PRIVATE_KEY_ID=
# GCS_PRIVATE_KEY=
# GCS_CLIENT_EMAIL=
# GCS_CLIENT_ID=
# GCS_CLIENT_CERT=
# GCS_PROJECT=
# GCS_BUCKET=

# Web server settings
#
# The size of the thread pool per worker used by Greenlight's web server.
# For details, see: https://github.com/puma/puma#thread-pool
# Default: 5
#
# If you change this value please correct the DB_POOL_SIZE to RAILS_MAX_THREADS + 4 (ActionCable-Workers)
#RAILS_MAX_THREADS=5

# The amount of workers (separate processes) used by the web server.
# For details, see: https://github.com/puma/puma#clustered-mode
# Default: 1
#WEB_CONCURRENCY=1