From 88781e760a55be4334264007909689e58509e9d4 Mon Sep 17 00:00:00 2001
From: sarmstrong
Date: Thu, 19 Feb 2026 11:00:04 +0300
Subject: [PATCH] Add .env file for docker compose.
---
 docker-compose/.env | 29 ++++++++++++++++++++++++
 docker-compose/docker-compose.yml | 36 +++++++++++++++---------------
 docker-compose/nginx/loop-ssl.conf | 2 +-
 3 files changed, 48 insertions(+), 19 deletions(-)
 create mode 100644 docker-compose/.env
diff --git a/docker-compose/.env b/docker-compose/.env
new file mode 100644
index 0000000..d86dee8
--- /dev/null
+++ b/docker-compose/.env
@@ -0,0 +1,29 @@
+########## Обязательные переменные ##########
+
+# Система Loop поставляется с несколькими дополнительными сервисами:
+# - PostgreSQL - основная БД для хранения данных
+# - Minio - S3 файловое хранилище
+# - Nginx - используется как reverse-proxy
+
+# loop:
+
+SITEURL=loop.example.com
+HTTP_PROTOCOL=https://
+GIPHYSDKKEY=GIPHYSDKKEY
+
+# db:
+
+PG_PASSWORD=password
+PG_USER=loopuser
+PG_DB_NAME=loop_db
+
+# s3:
+
+MINIO_ROOT_USER=MINIO_ROOT_USER
+MINIO_ROOT_PASSWORD=MINIO_ROOT_PASSWORD
+
+# s3-client:
+
+ACCESS_KEY_ID=AWS_ACCESS_KEY_ID
+SECRET_ACCESS_KEY=AWS_SECRET_ACCESS_KEY
+BUCKET_NAME=looponprem-bucket
diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml
index 7259fb4..65d1667 100644
--- a/docker-compose/docker-compose.yml
+++ b/docker-compose/docker-compose.yml
@@ -16,6 +16,7 @@ services:
 - loop
 loop:
+ container_name: loop
 image: "registry.loop.ru/loop/server:10.0.3"
 restart: "unless-stopped"
 depends_on:
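Review bot: The new `docker-compose/.env` is a tracked file that ships usable credentials (`PG_PASSWORD=password`, and MinIO/S3 values that are simply the variable names), so a stack started without editing it runs on publicly known secrets, and an operator who fills in real values can commit them by accident. I would track the file as `.env.example`, add `docker-compose/.env` to `.gitignore`, and leave the secret lines empty, e.g. `PG_PASSWORD=`. The same defaults feed the PostgreSQL, MinIO and `mc` client hunks of `docker-compose.yml` further down. A one-line comment above each secret, such as `# must be replaced before first start`, would make the expectation explicit.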
@@ -26,16 +27,15 @@ services:
 - "8443:8443/udp"
 environment:
- MM_CALLS_RTCD_URL: "http://rtcd.loop.ru:33045" #This is the URL for interacting with the RTC (Real-Time Communication) server, which handles calls in real time.
 MM_EMAILSETTINGS_PUSHNOTIFICATIONSERVER: "https://push.loop.ru" #This evn indicates the server that sends push notifications.
 MM_EMAILSETTINGS_SENDPUSHNOTIFICATIONS: "true" #This env indicates whether push notifications are allowed for email
 MM_EXPERIMENTALSETTINGS_ENABLEAPPBAR: "true" #This env indicates whether the application panel is enabled
 MM_FEATUREFLAGS_AppsEnabled: "true" #Indicates the availability and ability to use certain applications or functions, for example, access to the gallery to download images
- MM_FILESETTINGS_AMAZONS3ACCESSKEYID: "" #Access Key ID to access s3 storage
- MM_FILESETTINGS_AMAZONS3BUCKET: "looponprem-bucket" #The name of the S3 bucket where the files are stored
+ MM_FILESETTINGS_AMAZONS3ACCESSKEYID: ${ACCESS_KEY_ID} #Access Key ID to access s3 storage
+ MM_FILESETTINGS_AMAZONS3BUCKET: ${BUCKET_NAME} #The name of the S3 bucket where the files are stored
 MM_FILESETTINGS_AMAZONS3ENDPOINT: "minio:9000" #The URL of the S3 storage endpoint
 MM_FILESETTINGS_AMAZONS3PATHPREFIX: "loop" #This option allows you to specify the path to files on S3
- MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: "" #The secret key for accessing S3 storage
+ MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: ${SECRET_ACCESS_KEY} #The secret key for accessing S3 storage
 MM_FILESETTINGS_AMAZONS3SSE: "false" #Env indicates whether SSL (Server-Side Encryption) is enabled for S3
 MM_FILESETTINGS_AMAZONS3SSL: "false" #Env indicates whether the connection to Amazon S3 should take place over SSL
 MM_FILESETTINGS_DRIVERNAME: "amazons3" #The name of the driver for working with files
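Review bot: The S3 entries in this `environment:` block are now bare `${ACCESS_KEY_ID}` / `${SECRET_ACCESS_KEY}` references, and Compose substitutes an empty string (with only a warning) when a variable is unset, so a missing or misspelled `.env` entry starts the server with blank credentials. The required-variable form stops `docker compose up` instead: `MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: "${SECRET_ACCESS_KEY:?set SECRET_ACCESS_KEY in .env}"`. Quoting the value also keeps these lines consistent with the quoted entries around them. The same applies to the other `${...}` references added in the later hunks; the mapping itself starts and ends outside this hunk.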
@@ -55,11 +55,11 @@ services:
 MM_SERVICESETTINGS_ENABLEOAUTHSERVICEPROVIDER: "true" #It is used to determine whether the use of third-party OAuth service providers is allowed
 MM_SERVICESETTINGS_ENABLETESTING: "true" #The flag indicates whether testing is allowed
 MM_SERVICESETTINGS_ENABLEUSERACCESSTOKENS: "true" #The flag indicates whether user access tokens are allowed
- MM_SERVICESETTINGS_GIPHYSDKKEY: "" #Giphy SDK key for integration with Giphy
+ MM_SERVICESETTINGS_GIPHYSDKKEY: ${GIPHYSDKKEY} #Giphy SDK key for integration with Giphy
 MM_SERVICESETTINGS_LICENSEFILELOCATION: "/mattermost/config/license.txt" #The path to the license file
 MM_SERVICESETTINGS_LISTENADDRESS: ":8065" #The address and port on which the service is listening.
- MM_SERVICESETTINGS_SITEURL: "https://loop.example.com" #The public URL of the service.
- MM_SQLSETTINGS_DATASOURCE: "postgres://loopuser:@db/loop_db?sslmode=disable\u0026connect_timeout=10" #Data source for connecting to the PostgreSQL database
+ MM_SERVICESETTINGS_SITEURL: ${HTTP_PROTOCOL}${SITEURL} #The public URL of the service.
+ MM_SQLSETTINGS_DATASOURCE: "postgres://${PG_USER}:${PG_PASSWORD}@db/${PG_DB_NAME}?sslmode=disable\u0026connect_timeout=10" #Data source for connecting to the PostgreSQL database
 MM_SQLSETTINGS_DRIVERNAME: "postgres" #Name of the database driver
 MM_TEAMSETTINGS_MAXUSERSPERTEAM: 500 #Maximum number of users per team
@@ -78,9 +78,9 @@ services:
 image: "postgres:15-alpine3.21"
 restart: "unless-stopped"
 environment:
- POSTGRES_PASSWORD: ""
- POSTGRES_USER: "loopuser"
- POSTGRES_DB: "loop_db"
+ POSTGRES_PASSWORD: ${PG_PASSWORD}
+ POSTGRES_USER: ${PG_USER}
+ POSTGRES_DB: ${PG_DB_NAME}
 volumes:
 - ./db:/var/lib/postgresql/data
 networks:
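Review bot: `MM_SQLSETTINGS_DATASOURCE` now splices `${PG_PASSWORD}` into a `postgres://` URL, while `POSTGRES_PASSWORD` in the next hunk receives the same value raw, so a password containing `@`, `:`, `/`, `?` or `#` initialises the database correctly but yields a data-source URL that parses differently or fails to connect. Percent-encoding the value in `.env` does not help, because the database container would then be set up with the encoded text. I would state the constraint next to the variable, e.g. `# PG_PASSWORD: letters, digits, '-' and '_' only; it is embedded in a postgres:// URL`, or introduce a separate, already-encoded variable for the URL. The `environment:` mapping continues outside this hunk.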
@@ -91,8 +91,8 @@ services:
 image: minio/minio:RELEASE.2022-08-26T19-53-15Z
 restart: unless-stopped
 environment:
- MINIO_ROOT_USER:
- MINIO_ROOT_PASSWORD:
+ MINIO_ROOT_USER: ${MINIO_ROOT_USER}
+ MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
 command: server --address :9000 --console-address :9001 /data
 ports:
 - "9000"
@@ -108,14 +108,14 @@ services:
 volumes:
 - ./minio:/tmp/policies
 environment:
- AWS_ACCESS_KEY_ID:
- AWS_SECRET_ACCESS_KEY:
+ AWS_ACCESS_KEY_ID: ${ACCESS_KEY_ID}
+ AWS_SECRET_ACCESS_KEY: ${SECRET_ACCESS_KEY}
 entrypoint: >
 /bin/sh -c "
- until (/usr/bin/mc config host add loop http://minio:9000 ) do echo '...waiting...' && sleep 1; done;
- /usr/bin/mc mb loop/looponprem-bucket;
- /usr/bin/mc admin user add loop ;
- /usr/bin/mc admin policy set loop readwrite user=;
+ until (/usr/bin/mc config host add loop http://minio:9000 ${MINIO_ROOT_USER} ${MINIO_ROOT_PASSWORD}) do echo '...waiting...' && sleep 1; done;
+ /usr/bin/mc mb loop/${BUCKET_NAME};
+ /usr/bin/mc admin user add loop ${ACCESS_KEY_ID} ${SECRET_ACCESS_KEY};
+ /usr/bin/mc admin policy set loop readwrite user= ${ACCESS_KEY_ID};
 exit 0;
 "
 networks:
diff --git a/docker-compose/nginx/loop-ssl.conf b/docker-compose/nginx/loop-ssl.conf
index af9006a..def9d1f 100644
--- a/docker-compose/nginx/loop-ssl.conf
+++ b/docker-compose/nginx/loop-ssl.conf
@@ -11,7 +11,7 @@ map $http_x_forwarded_proto $proxy_x_forwarded_proto {
 server {
 listen 443 ssl http2;
- server_name loop.example.com;
+ server_name ${SITEURL};
 ssl_certificate /etc/nginx/ssl/server.crt;
 ssl_certificate_key /etc/nginx/ssl/server.key;
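Review bot: The added `/usr/bin/mc admin policy set loop readwrite user= ${ACCESS_KEY_ID};` line has a space after `user=`, so the shell passes an empty `user=` plus a stray argument and the readwrite policy is probably never attached to the new user; the closing `exit 0` hides the failure. It should read `/usr/bin/mc admin policy set loop readwrite user=${ACCESS_KEY_ID};`. The four added lines also place the resolved secrets unquoted inside the `/bin/sh -c` string, so a value containing a space or shell metacharacter changes the command, and the secrets end up in the container's stored entrypoint where `docker inspect` shows them. Passing the MinIO root credentials through this service's `environment:` and writing `$$MINIO_ROOT_USER` in the script (Compose turns `$$` into a literal `$`) lets the shell expand them at run time instead. The service definition starts and ends outside the hunk.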
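Review bot: `server_name ${SITEURL};` only works if something renders this file before nginx reads it: Compose interpolates `.env` values into `docker-compose.yml`, not into files mounted into a container, and nginx does not expand environment variables in its configuration. Nothing visible in this commit passes `SITEURL` to the nginx service or turns the file into a template, though that may exist outside the hunks shown. If it does not, the block no longer names the real host and requests reach it only through default-server selection. Either keep the literal name with a comment such as `# keep in sync with SITEURL in ../.env`, or, if the service uses the official nginx image, mount the file under `/etc/nginx/templates/` as `loop-ssl.conf.template` and pass `SITEURL` in the service's `environment:` so the image's envsubst step fills it in.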