TerribleDev/ente
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5c489f33582fb3570e14d104f889182e6db58dee
ente/docs/docs/self-hosting/administration/users.md
Keerthana 050d5ea3e9 [docs] refactor troubleshooting for docker
2025-07-26 20:03:39 +05:30

3.4 KiB
Raw Blame History

title, description
title description
User Management - Self-hosting Guide to configuring Ente CLI for Self Hosted Instance

User Management

You may wish to self-host Ente for your family or close circle. In such cases, you may wish to enable administrative access for few users, disable new registrations, manage one-time tokens (OTTs), etc.

This document covers the details on how you can administer users on your server.

Whitelist admins

The administrator users have to be explicitly whitelisted in museum.yaml. You can achieve this the following steps:

  1. Connect to ente_db (the database used for storing data related to Ente).

    # Change the DB name and DB user name if you use different
# values.
# If using Docker

docker exec -it <postgres-ente-container-name>
psql -U pguser -d ente_db

# Or when using psql directly
psql -U pguser -d ente_db

  2. Get the user ID of the first user by running the following SQL query:

    SELECT * from users;

  3. Edit internal.admins or internal.admin (if you wish to whitelist only single user) in museum.yaml to add the user ID you wish to whitelist.

    • For multiple admins:
    internal:
    admins:
        - <user_id>
    • For single admin:
    internal:
    admin: <user_id>

  4. Restart Museum by restarting the cluster

::: tip Restart your Compose clusters whenever you make changes

If you have edited the Compose file or configuration file (museum.yaml), make sure to recreate the cluster's containers.

You can do this by the following command:

docker compose down && docker compose up -d

:::

Increase storage and account validity

You can use Ente CLI for increasing storage quota and account validity for users on your instance. Check this guide for more information

Handle user verification codes

Ente currently relies on verification codes for completion of registration.

These are accessible in server logs. If using Docker Compose, they can be accessed by running sudo docker compose logs in the cluster folder where Compose file resides.

However, you may wish to streamline this workflow. You can follow one of the 2 methods if you wish to have many users in the system.

Use hardcoded OTTs

You can configure to use hardcoded OTTs only for specific emails, or based on suffix.

A sample configuration for the same is provided below, which is to be used in museum.yaml:

internal:
    hardcoded-ott:
        emails:
            - "example@example.org,123456"
        local-domain-suffix: "@example.org"
        local-domain-value: 012345

This sets OTT to 123456 for the email address example@example.com and 012345 for emails having @example.com as suffix.

Send email with verification code

You can configure SMTP for sending verification code e-mails to users, if you do not wish to hardcode OTTs and have larger audience.

For more information on configuring email, check out the email configuration section.

Disable registrations

For security purposes, you may choose to disable registrations on your instance. You can disable new registrations by using the following configuration in museum.yaml.

internal:
    disable-registration: true
Reference in New Issue View Git Blame Copy Permalink