Remark42

Command-Line Interface parameters

Required parameters

Most of the parameters have sane defaults and don't require customization. There are only a few parameters the user has to define:

  1. SECRET - secret key, can be any long and hard-to-guess string
  2. REMARK_URL - URL pointing to your Remark42 server, i.e. https://demo.remark42.com
  3. At least one pair of AUTH_<PROVIDER>_CID and AUTH_<PROVIDER>_CSEC defining OAuth2 provider(s)

The minimal docker-compose.yml has to include all required parameters:

version: '2'

services:
remark42:
image: umputun/remark42:latest
restart: always
container_name: "remark42"
environment:
- REMARK_URL=https://demo.remark42.com # URL pointing to your Remark42 server
- SITE=YOUR_SITE_ID # site ID, same as used for `site_id`, see "Setup on your website"
- SECRET=abcd-123456-xyz-$%^& # secret key
- AUTH_GITHUB_CID=12345667890 # OAuth2 client ID
- AUTH_GITHUB_CSEC=abcdefg12345678 # OAuth2 client secret
volumes:
- ./var:/srv/var # persistent volume to store all Remark42 data

Complete parameters list

Command lineEnvironmentDefaultDescription
urlREMARK_URLURL to Remark42 server, required
secretSECRETshared secret key used to sign JWT, should be a random, long, hard-to-guess string, required
siteSITEremarksite name(s), multi
store.typeSTORE_TYPEbolttype of storage, bolt or rpc
store.bolt.pathSTORE_BOLT_PATH./varpath to data directory
store.bolt.timeoutSTORE_BOLT_TIMEOUT30sboltdb access timeout
admin.shared.idADMIN_SHARED_IDadmin IDs (list of user IDs), multi
admin.shared.emailADMIN_SHARED_EMAILadmin@${REMARK_URL}admin emails, multi
backupBACKUP_PATH./var/backupbackups location
max-backMAX_BACKUP_FILES10max backup files to keep
cache.typeCACHE_TYPEmemtype of cache, redis_pub_sub or mem or none
cache.redis_addrCACHE_REDIS_ADDR127.0.0.1:6379address of redis PubSub instance, turn redis_pub_sub cache on for distributed cache
cache.max.itemsCACHE_MAX_ITEMS1000max number of cached items, 0 - unlimited
cache.max.valueCACHE_MAX_VALUE65536max size of cached value, 0 - unlimited
cache.max.sizeCACHE_MAX_SIZE50000000max size of all cached values, 0 - unlimited
avatar.typeAVATAR_TYPEfstype of avatar storage, fs, bolt, or uri
avatar.fs.pathAVATAR_FS_PATH./var/avatarsavatars location for fs store
avatar.bolt.fileAVATAR_BOLT_FILE./var/avatars.dbfile name for bolt store
avatar.uriAVATAR_URI./var/avatarsavatar store uri
avatar.rsz-lmtAVATAR_RSZ_LMT0 (disabled)max image size for resizing avatars on save
image.typeIMAGE_TYPEfstype of image storage, fs, bolt
image.max-sizeIMAGE_MAX_SIZE5000000max size of image file
image.fs.pathIMAGE_FS_PATH./var/picturespermanent location of images
image.fs.stagingIMAGE_FS_STAGING./var/pictures.stagingstaging location of images
image.fs.partitionsIMAGE_FS_PARTITIONS100number of image partitions
image.bolt.fileIMAGE_BOLT_FILE/var/pictures.dbimages bolt file location
image.resize-widthIMAGE_RESIZE_WIDTH2400width of resized image
image.resize-heightIMAGE_RESIZE_HEIGHT900height of resized image
auth.ttl.jwtAUTH_TTL_JWT5mjwt TTL
auth.ttl.cookieAUTH_TTL_COOKIE200hcookie TTL
auth.send-jwt-headerAUTH_SEND_JWT_HEADERfalsesend JWT as a header instead of cookie
auth.same-siteAUTH_SAME_SITEdefaultset same site policy for cookies (default, none, lax or strict)
auth.google.cidAUTH_GOOGLE_CIDGoogle OAuth client ID
auth.google.csecAUTH_GOOGLE_CSECGoogle OAuth client secret
auth.facebook.cidAUTH_FACEBOOK_CIDFacebook OAuth client ID
auth.facebook.csecAUTH_FACEBOOK_CSECFacebook OAuth client secret
auth.microsoft.cidAUTH_MICROSOFT_CIDMicrosoft OAuth client ID
auth.microsoft.csecAUTH_MICROSOFT_CSECMicrosoft OAuth client secret
auth.github.cidAUTH_GITHUB_CIDGitHub OAuth client ID
auth.github.csecAUTH_GITHUB_CSECGitHub OAuth client secret
auth.twitter.cidAUTH_TWITTER_CIDTwitter Consumer API Key
auth.twitter.csecAUTH_TWITTER_CSECTwitter Consumer API Secret key
auth.patreon.cidAUTH_PATREON_CIDPatreon OAuth Client ID
auth.patreon.csecAUTH_PATREON_CSECPatreon OAuth Client Secret
auth.telegramAUTH_TELEGRAMEnable Telegram auth (telegram.token must be present)
auth.yandex.cidAUTH_YANDEX_CIDYandex OAuth client ID
auth.yandex.csecAUTH_YANDEX_CSECYandex OAuth client secret
auth.devAUTH_DEVfalselocal OAuth2 server, development mode only
auth.anonAUTH_ANONfalseenable anonymous login
auth.email.enableAUTH_EMAIL_ENABLEfalseenable auth via email
auth.email.fromAUTH_EMAIL_FROMemail from
auth.email.subjAUTH_EMAIL_SUBJremark42 confirmationemail subject
auth.email.content-typeAUTH_EMAIL_CONTENT_TYPEtext/htmlemail content type
auth.email.templateAUTH_EMAIL_TEMPLATEnone (predefined)custom email message template file
notify.usersNOTIFY_USERSnonetype of user notifications (Telegram, email)
notify.adminsNOTIFY_ADMINSnonetype of admin notifications (Telegram, Slack, webhook and/or email)
notify.queueNOTIFY_QUEUE100size of notification queue
notify.telegram.chanNOTIFY_TELEGRAM_CHANTelegram channel
notify.slack.tokenNOTIFY_SLACK_TOKENSlack token
notify.slack.chanNOTIFY_SLACK_CHANgeneralSlack channel
notify.webhook.urlNOTIFY_WEBHOOK_URLWebhook notification URL
notify.webhook.templateNOTIFY_WEBHOOK_TEMPLATE{"text": ""}Webhook payload template
notify.webhook.headersNOTIFY_WEBHOOK_HEADERSHTTP header in format Header1:Value1,Header2:Value2,...
notify.webhook.timeoutNOTIFY_WEBHOOK_TIMEOUT5sWebhook connection timeout
notify.email.fromAddressNOTIFY_EMAIL_FROMfrom email address
notify.email.verification_subjNOTIFY_EMAIL_VERIFICATION_SUBJEmail verificationverification message subject
telegram.tokenTELEGRAM_TOKENTelegram token (used for auth and Telegram notifications)
telegram.timeoutTELEGRAM_TIMEOUT5sTelegram connection timeout
smtp.hostSMTP_HOSTSMTP host
smtp.portSMTP_PORTSMTP port
smtp.usernameSMTP_USERNAMESMTP user name
smtp.passwordSMTP_PASSWORDSMTP password
smtp.tlsSMTP_TLSenable TLS for SMTP
smtp.timeoutSMTP_TIMEOUT10sSMTP TCP connection timeout
ssl.typeSSL_TYPEnonenone-HTTP, static-HTTPS, auto-HTTPS + le
ssl.portSSL_PORT8443port for HTTPS server
ssl.certSSL_CERTpath to cert.pem file
ssl.keySSL_KEYpath to key.pem file
ssl.acme-locationSSL_ACME_LOCATION./var/acmedir where obtained le-certs will be stored
ssl.acme-emailSSL_ACME_EMAILadmin email for receiving notifications from LE
max-commentMAX_COMMENT_SIZE2048comment's size limit
max-votesMAX_VOTES-1votes limit per comment, -1 - unlimited
votes-ipVOTES_IPfalserestrict votes from the same IP
anon-voteANON_VOTEfalseallow voting for anonymous users, require VOTES_IP to be enabled as well
votes-ip-timeVOTES_IP_TIME5msame IP vote restriction time, 0s - unlimited
low-scoreLOW_SCORE-5low score threshold
critical-scoreCRITICAL_SCORE-10critical score threshold
positive-scorePOSITIVE_SCOREfalserestricts comment's score to be only positive
restricted-wordsRESTRICTED_WORDSwords banned in comments (can use *), multi
restricted-namesRESTRICTED_NAMESnames prohibited to use by the user, multi
edit-timeEDIT_TIME5medit window
admin-editADMIN_EDITfalseunlimited edit for admins
read-ageREADONLY_AGEread-only age of comments, days
image-proxy.http2httpsIMAGE_PROXY_HTTP2HTTPSfalseenable HTTP->HTTPS proxy for images
image-proxy.cache-externalIMAGE_PROXY_CACHE_EXTERNALfalseenable caching external images to current image storage
emojiEMOJIfalseenable emoji support
simple-viewSIMPLE_VIEWfalseminimized UI with basic info only
proxy-corsPROXY_CORSfalsedisable internal CORS and delegate it to proxy
allowed-hostsALLOWED_HOSTSenable alllimit hosts/sources allowed to embed comments
addressREMARK_ADDRESSall interfacesweb server listening address
portREMARK_PORT8080web server port
web-rootREMARK_WEB_ROOT./webweb server root directory
update-limitUPDATE_LIMIT0.5updates/sec limit
subscribers-onlySUBSCRIBERS_ONLYfalseenable commenting only for Patreon subscribers
admin-passwdADMIN_PASSWDnone (disabled)password for admin basic auth
dbgDEBUGfalsedebug mode
  • command line parameters are long-form --<key>=value, i.e. --site=https://demo.remark42.com
  • multi parameters separated by , in the environment or repeated with command line key, like --site=s1 --site=s2 ...
  • required parameters have to be presented in the environment or provided in the command line

Deprecated parameters

The following list of command-line options is deprecated and might be removed in next major release after the version in which they were deprecated. After Remark42 version update, please check the startup log once for deprecation warning messages to avoid trouble with unrecognized command-line options in the future.

Deprecated options
Command lineReplacementEnvironmentReplacementDefaultDescriptionDeprecation version
auth.email.hostsmtp.hostAUTH_EMAIL_HOSTSMTP_HOSTsmtp host1.5.0
auth.email.portsmtp.portAUTH_EMAIL_PORTSMTP_PORTsmtp port1.5.0
auth.email.usersmtp.usernameAUTH_EMAIL_USERSMTP_USERNAMEsmtp user name1.5.0
auth.email.passwdsmtp.passwordAUTH_EMAIL_PASSWDSMTP_PASSWORDsmtp password1.5.0
auth.email.tlssmtp.tlsAUTH_EMAIL_TLSSMTP_TLSfalseenable TLS1.5.0
auth.email.timeoutsmtp.timeoutAUTH_EMAIL_TIMEOUTSMTP_TIMEOUT10ssmtp timeout1.5.0
img-proxyimage-proxy.http2httpsIMG_PROXYIMAGE_PROXY_HTTP2HTTPSfalseenable HTTP->HTTPS proxy for images1.5.0
notify.typenotify.admins, notify.usersNOTIFY_TYPENOTIFY_ADMINS, NOTIFY_USERS1.9.0
notify.email.notify_adminnotify.admins=emailNOTIFY_EMAIL_ADMINNOTIFY_ADMINS=email1.9.0
notify.telegram.tokentelegram.tokenNOTIFY_TELEGRAM_TOKENTELEGRAM_TOKENTelegram token1.9.0
notify.telegram.timeouttelegram.timeoutNOTIFY_TELEGRAM_TIMEOUTTELEGRAM_TIMEOUTTelegram timeout1.9.0

Admin users

Admins/moderators should be defined in docker-compose.yml as a list of user IDs or passed in the command line.

environment:
- ADMIN_SHARED_ID=github_ef0f706a79cc24b17bbbb374cd234a691a034128,github_dae9983158e9e5e127ef2b87a411ef13c891e9e5

To get a user ID just log in and click on your username or any other user you want to promote to admins. It will expand login info and show the full user ID.

Docker parameters

Two parameters allow customizing Docker container on the system level:

  • APP_UID - sets UID to run Remark42 application in container (default=1001)
  • TIME_ZONE - sets time zone of Remark42 container (default=America/Chicago)

see umputun/baseimage for more details

Example of docker-compose.yml:

version: '2'

services:
remark42:
image: umputun/remark42:latest
restart: always
container_name: "remark42"
environment:
- APP_UID=2000 # runs Remark42 app with non-default UID
- TIME_ZONE=GTC # sets container time to UTC
- REMARK_URL=https://demo.remark42.com # URL pointing to your Remark42 server
- SITE=YOUR_SITE_ID # site ID, same as used for `site_id`, see "Setup on your website"
- SECRET=abcd-123456-xyz-$%^& # secret key
- AUTH_GITHUB_CID=12345667890 # OAuth2 client ID
- AUTH_GITHUB_CSEC=abcdefg12345678 # OAuth2 client secret
volumes:
- ./var:/srv/var # persistent volume to store all Remark42 data