# mcvsphere Configuration # Copy this file to .env and fill in your values # Docker Compose project name (prevents environment clashes) COMPOSE_PROJECT=mcvsphere # ───────────────────────────────────────────────────────────────────────────── # VMware vCenter/ESXi Connection (Required) # ───────────────────────────────────────────────────────────────────────────── VCENTER_HOST=your-vcenter-ip-or-hostname VCENTER_USER=administrator@vsphere.local VCENTER_PASSWORD=your-password # ───────────────────────────────────────────────────────────────────────────── # VMware Optional Settings # ───────────────────────────────────────────────────────────────────────────── # Datacenter name (auto-selects first if not specified) # VCENTER_DATACENTER=your-datacenter-name # Cluster name (auto-selects first if not specified) # VCENTER_CLUSTER=your-cluster-name # Datastore name (auto-selects largest if not specified) # VCENTER_DATASTORE=your-datastore-name # Default network for VMs VCENTER_NETWORK=VM Network # Skip SSL certificate verification (set to true for self-signed certs) VCENTER_INSECURE=true # ───────────────────────────────────────────────────────────────────────────── # MCP Server Settings # ───────────────────────────────────────────────────────────────────────────── # API key for authentication (optional, but recommended for production) # MCP_API_KEY=your-secret-api-key # Transport type: stdio (Claude Desktop), sse (web/Docker), http (OAuth) MCP_TRANSPORT=sse # Server binding (only used with SSE/HTTP transport) MCP_HOST=0.0.0.0 MCP_PORT=8080 # ───────────────────────────────────────────────────────────────────────────── # Logging Configuration # ───────────────────────────────────────────────────────────────────────────── # Log level: DEBUG, INFO, WARNING, ERROR LOG_LEVEL=INFO # Log file path (logs to console if not specified) # LOG_FILE=/app/logs/mcvsphere.log # ───────────────────────────────────────────────────────────────────────────── # OAuth/OIDC Configuration (Optional - requires Authentik or other OIDC provider) # ───────────────────────────────────────────────────────────────────────────── # Enable OAuth authentication (requires MCP_TRANSPORT=http or sse) OAUTH_ENABLED=false # OIDC issuer URL (Authentik application URL) # Example: https://auth.example.com/application/o/mcvsphere/ # OAUTH_ISSUER_URL= # OAuth client credentials (from Authentik application) # OAUTH_CLIENT_ID= # OAUTH_CLIENT_SECRET= # OAuth scopes to request (comma-separated or JSON array) # OAUTH_SCOPES=["openid", "profile", "email", "groups"] # OAuth groups required for access (empty = any authenticated user) # OAUTH_REQUIRED_GROUPS=["vsphere-readers"] # ───────────────────────────────────────────────────────────────────────────── # Authentik Deployment (for docker-compose.oauth.yml) # ───────────────────────────────────────────────────────────────────────────── # Authentik secret key (generate with: openssl rand -base64 36) # AUTHENTIK_SECRET_KEY= # Authentik PostgreSQL password # AUTHENTIK_DB_PASSWORD= # Authentik bootstrap admin (first run only) # AUTHENTIK_BOOTSTRAP_EMAIL=admin@localhost # AUTHENTIK_BOOTSTRAP_PASSWORD= # Authentik ports # AUTHENTIK_PORT=9000 # AUTHENTIK_HTTPS_PORT=9443 # Authentik hostname (for Caddy reverse proxy) # AUTHENTIK_HOST=auth.localhost