Ente
What is Ente?
Ente is a service that provides a fully open-source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of the platform, Ente has built two apps so far: Ente Photos (an alternative to Apple and Google Photos) and Ente Auth (a 2FA alternative to the deprecated Authy).
Learn more at help.ente.io.
Configuring Object Store
- Once you have selected your service. You will need to set up of some environment variables for your S3 bucket or substitute like MinIO.
1. Remote S3 bucket
For AWS S3 you can create a bucket and allow access via IAM Roles/User Permissions. Which will generate an access key and secrect key for your S3 Bucket.
For the S3 bucket, apply the following CORS policy for proper access control from the museum service.
[
{
"AllowedOrigins": ["*"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "HEAD", "POST", "PUT", "DELETE"],
"MaxAgeSeconds": 3000,
"ExposeHeaders": ["Etag"]
}
]
Fill the credentials like
endpoint
,region
,bucket
,access key
,secret key
.Deploy the Service and you are good to go.
2. Coolify minio bucket.
Minio is expected to be exposed over HTTPS and needs SSL/TLS, so make sure your proxies are setup properly. Here is a useful link for set up and configuration.
Once you have deployed the Minio service from Coolify you can login to the service from the console URL and use the same username and password as set in the environment variables user the API URL for backend or shell based usecases.
# Set Alias
mc alias set <alias> <API_ENDPOINT> <ACCESS_KEY> <SECRET_KEY>
# List buckets (same us used in coolify to validate S3)
minio/mc ls myminio
Once logged in, create a bucket for your use in Ente.
The default region for Minio is
us-east-1
, so you can use the same.Use the API endpoint as bucket endpoint for Ente config.
Note: Additional details are available here.
Environment Variables
Variable Name | Service | Description | Default Value | Required | Prefilled |
---|---|---|---|---|---|
SERVICE_URL_MUSEUM_8080 | museum | URL for the museum service on port 8080 | - | Yes | Yes |
ENTE_HTTP_USE_TLS | museum | Enable/disable TLS for HTTP connections | false | No | Yes |
SERVICE_URL_WEB_3002 | museum | URL for the web albums service | - | Yes | Yes |
SERVICE_URL_WEB_3004 | museum | URL for the web cast service | - | Yes | Yes |
SERVICE_URL_WEB_3001 | museum | URL for the web accounts service | - | Yes | Yes |
ENTE_DB_HOST | museum | PostgreSQL database host | postgres | No | Yes |
ENTE_DB_PORT | museum | PostgreSQL database port | 5432 | No | Yes |
ENTE_DB_NAME | museum | PostgreSQL database name | ente_db | No | Yes |
SERVICE_USER_POSTGRES | museum | PostgreSQL database username | pguser | No | Yes |
SERVICE_PASSWORD_POSTGRES | museum | PostgreSQL database password | - | Yes | Yes |
SERVICE_REALBASE64_ENCRYPTION | museum | Base64 encoded encryption key | - | Yes | Yes |
SERVICE_REALBASE64_64_HASH | museum | Base64 encoded hash key | - | Yes | Yes |
SERVICE_REALBASE64_JWT | museum | Base64 encoded JWT secret | - | Yes | Yes |
ENTE_INTERNAL_ADMIN | museum | Internal admin user ID | 1580559962386438 | No | Yes |
ENTE_INTERNAL_DISABLE_REGISTRATION | museum | Disable user registration | false | No | Yes |
PRIMARY_STORAGE_ARE_LOCAL_BUCKETS | museum | Use local buckets for primary storage (false unless you are connecting to bucket over http) | false | No | Yes |
PRIMARY_STORAGE_USE_PATH_STYLE_URLS | museum | Use path-style URLs for storage | true | No | Yes |
S3_STORAGE_KEY | museum | S3 storage access key | - | Yes | No |
S3_STORAGE_SECRET | museum | S3 storage secret key | - | Yes | No |
S3_STORAGE_ENDPOINT | museum | S3 storage endpoint URL | - | Yes | No |
S3_STORAGE_REGION | museum | S3 storage region | us-east-1 | No | Yes |
S3_STORAGE_BUCKET | museum | S3 storage bucket name | - | Yes | No |
SERVICE_URL_WEB_3000 | web | URL for the main web service | - | Yes | Yes |
SERVICE_URL_MUSEUM | web | URL for the museum service | - | Yes | Yes |
SERVICE_URL_WEB_3002 | web | URL for the albums service | - | Yes | Yes |
SERVICE_USER_POSTGRES | postgres | PostgreSQL username | pguser | No | Yes |
SERVICE_PASSWORD_POSTGRES | postgres | PostgreSQL password | - | Yes | Yes |
SERVICE_DB_NAME | postgres | PostgreSQL database name | ente_db | No | Yes |