diff --git a/conf/.env.example b/conf/.env.example
new file mode 100644
index 0000000..a0a1b72
--- /dev/null
+++ b/conf/.env.example
@@ -0,0 +1,44 @@
+# This file, when named as ".env" in the root of your BookStack install
+# folder, is used for the core configuration of the application.
+# By default this file contains the most common required options but
+# a full list of options can be found in the '.env.example.complete' file.
+
+# NOTE: If any of your values contain a space or a hash you will need to
+# wrap the entire value in quotes. (eg. MAIL_FROM_NAME="BookStack Mailer")
+
+# Application key
+# Used for encryption where needed.
+# Run `php artisan key:generate` to generate a valid key.
+APP_KEY=SomeRandomString
+
+# Application URL
+# This must be the root URL that you want to host BookStack on.
+# All URLs in BookStack will be generated using this value
+# to ensure URLs generated are consistent and secure.
+# If you change this in the future you may need to run a command
+# to update stored URLs in the database. Command example:
+# php artisan bookstack:update-url https://old.example.com https://new.example.com
+APP_URL=https://example.com
+
+# Database details
+DB_HOST=localhost
+DB_DATABASE=database_database
+DB_USERNAME=database_username
+DB_PASSWORD=database_user_password
+
+# Mail system to use
+# Can be 'smtp' or 'sendmail'
+MAIL_DRIVER=smtp
+
+# Mail sender details
+MAIL_FROM_NAME="BookStack"
+MAIL_FROM=bookstack@example.com
+
+# SMTP mail options
+# These settings can be checked using the "Send a Test Email"
+# feature found in the "Settings > Maintenance" area of the system.
+MAIL_HOST=localhost
+MAIL_PORT=1025
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
diff --git a/conf/.env.example.complete b/conf/.env.example.complete
new file mode 100644
index 0000000..9d46ed1
--- /dev/null
+++ b/conf/.env.example.complete
@@ -0,0 +1,367 @@
+# Full list of environment variables that can be used with BookStack.
+# Selectively copy these to your '.env' file as required.
+# Each option is shown with it's default value.
+# Do not copy this whole file to use as your '.env' file.
+
+# Application environment
+# Can be 'production', 'development', 'testing' or 'demo'
+APP_ENV=production
+
+# Enable debug mode
+# Shows advanced debug information and errors.
+# CAN EXPOSE OTHER VARIABLES, LEAVE DISABLED
+APP_DEBUG=false
+
+# Application key
+# Used for encryption where needed.
+# Run `php artisan key:generate` to generate a valid key.
+APP_KEY=SomeRandomString
+
+# Application URL
+# This must be the root URL that you want to host BookStack on.
+# All URL's in BookStack will be generated using this value.
+APP_URL=https://example.com
+
+# Application default language
+# The default language choice to show.
+# May be overridden by user-preference or visitor browser settings.
+APP_LANG=en
+
+# Auto-detect language for public visitors.
+# Uses browser-sent headers to infer a language.
+# APP_LANG will be used if such a header is not provided.
+APP_AUTO_LANG_PUBLIC=true
+
+# Application timezone
+# Used where dates are displayed such as on exported content.
+# Valid timezone values can be found here: https://www.php.net/manual/en/timezones.php
+APP_TIMEZONE=UTC
+
+# Application theme
+# Used to specific a themes/<APP_THEME> folder where BookStack UI
+# overrides can be made. Defaults to disabled.
+APP_THEME=false
+
+# Trusted proxies
+# Used to indicate trust of systems that proxy to the application so
+# certain header values (Such as "X-Forwarded-For") can be used from the
+# incoming proxy request to provide origin detail.
+# Set to an IP address, or multiple comma seperated IP addresses.
+# Can alternatively be set to "*" to trust all proxy addresses.
+APP_PROXIES=null
+
+# Database details
+# Host can contain a port (localhost:3306) or a separate DB_PORT option can be used.
+DB_HOST=localhost
+DB_PORT=3306
+DB_DATABASE=database_database
+DB_USERNAME=database_username
+DB_PASSWORD=database_user_password
+
+# MySQL specific connection options
+# Path to Certificate Authority (CA) certificate file for your MySQL instance.
+# When this option is used host name identity verification will be performed
+# which checks the hostname, used by the client, against names within the
+# certificate itself (Common Name or Subject Alternative Name).
+MYSQL_ATTR_SSL_CA="/path/to/ca.pem"
+
+# Mail system to use
+# Can be 'smtp' or 'sendmail'
+MAIL_DRIVER=smtp
+
+# Mail sending options
+MAIL_FROM=mail@bookstackapp.com
+MAIL_FROM_NAME=BookStack
+
+# SMTP mail options
+MAIL_HOST=localhost
+MAIL_PORT=1025
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+
+# Cache & Session driver to use
+# Can be 'file', 'database', 'memcached' or 'redis'
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+
+# Session configuration
+SESSION_LIFETIME=120
+SESSION_COOKIE_NAME=bookstack_session
+SESSION_SECURE_COOKIE=false
+
+# Cache key prefix
+# Can be used to prevent conflicts multiple BookStack instances use the same store.
+CACHE_PREFIX=bookstack
+
+# Memcached server configuration
+# If using a UNIX socket path for the host, set the port to 0
+# This follows the following format: HOST:PORT:WEIGHT
+# For multiple servers separate with a comma
+MEMCACHED_SERVERS=127.0.0.1:11211:100
+
+# Redis server configuration
+# This follows the following format: HOST:PORT:DATABASE
+# or, if using a password: HOST:PORT:DATABASE:PASSWORD
+# For multiple servers separate with a comma. These will be clustered.
+REDIS_SERVERS=127.0.0.1:6379:0
+
+# Queue driver to use
+# Can be 'sync', 'database' or 'redis'
+QUEUE_CONNECTION=sync
+
+# Storage system to use
+# Can be 'local', 'local_secure' or 's3'
+STORAGE_TYPE=local
+
+# Image storage system to use
+# Defaults to the value of STORAGE_TYPE if unset.
+# Accepts the same values as STORAGE_TYPE.
+STORAGE_IMAGE_TYPE=local
+
+# Attachment storage system to use
+# Defaults to the value of STORAGE_TYPE if unset.
+# Accepts the same values as STORAGE_TYPE although 'local' will be forced to 'local_secure'.
+STORAGE_ATTACHMENT_TYPE=local_secure
+
+# Amazon S3 storage configuration
+STORAGE_S3_KEY=your-s3-key
+STORAGE_S3_SECRET=your-s3-secret
+STORAGE_S3_BUCKET=s3-bucket-name
+STORAGE_S3_REGION=s3-bucket-region
+
+# S3 endpoint to use for storage calls
+# Only set this if using a non-Amazon s3-compatible service such as Minio
+STORAGE_S3_ENDPOINT=https://my-custom-s3-compatible.service.com:8001
+
+# Storage URL prefix
+# Used as a base for any generated image urls.
+# An s3-format URL will be generated if not set.
+STORAGE_URL=false
+
+# Authentication method to use
+# Can be 'standard', 'ldap', 'saml2' or 'oidc'
+AUTH_METHOD=standard
+
+# Automatically initiate login via external auth system if it's the only auth method.
+# Works with saml2 or oidc auth methods.
+AUTH_AUTO_INITIATE=false
+
+# Social authentication configuration
+# All disabled by default.
+# Refer to https://www.bookstackapp.com/docs/admin/third-party-auth/
+
+AZURE_APP_ID=false
+AZURE_APP_SECRET=false
+AZURE_TENANT=false
+AZURE_AUTO_REGISTER=false
+AZURE_AUTO_CONFIRM_EMAIL=false
+
+DISCORD_APP_ID=false
+DISCORD_APP_SECRET=false
+DISCORD_AUTO_REGISTER=false
+DISCORD_AUTO_CONFIRM_EMAIL=false
+
+FACEBOOK_APP_ID=false
+FACEBOOK_APP_SECRET=false
+FACEBOOK_AUTO_REGISTER=false
+FACEBOOK_AUTO_CONFIRM_EMAIL=false
+
+GITHUB_APP_ID=false
+GITHUB_APP_SECRET=false
+GITHUB_AUTO_REGISTER=false
+GITHUB_AUTO_CONFIRM_EMAIL=false
+
+GITLAB_APP_ID=false
+GITLAB_APP_SECRET=false
+GITLAB_BASE_URI=false
+GITLAB_AUTO_REGISTER=false
+GITLAB_AUTO_CONFIRM_EMAIL=false
+
+GOOGLE_APP_ID=false
+GOOGLE_APP_SECRET=false
+GOOGLE_SELECT_ACCOUNT=false
+GOOGLE_AUTO_REGISTER=false
+GOOGLE_AUTO_CONFIRM_EMAIL=false
+
+OKTA_BASE_URL=false
+OKTA_APP_ID=false
+OKTA_APP_SECRET=false
+OKTA_AUTO_REGISTER=false
+OKTA_AUTO_CONFIRM_EMAIL=false
+
+SLACK_APP_ID=false
+SLACK_APP_SECRET=false
+SLACK_AUTO_REGISTER=false
+SLACK_AUTO_CONFIRM_EMAIL=false
+
+TWITCH_APP_ID=false
+TWITCH_APP_SECRET=false
+TWITCH_AUTO_REGISTER=false
+TWITCH_AUTO_CONFIRM_EMAIL=false
+
+TWITTER_APP_ID=false
+TWITTER_APP_SECRET=false
+TWITTER_AUTO_REGISTER=false
+TWITTER_AUTO_CONFIRM_EMAIL=false
+
+# LDAP authentication configuration
+# Refer to https://www.bookstackapp.com/docs/admin/ldap-auth/
+LDAP_SERVER=false
+LDAP_BASE_DN=false
+LDAP_DN=false
+LDAP_PASS=false
+LDAP_USER_FILTER=false
+LDAP_VERSION=false
+LDAP_START_TLS=false
+LDAP_TLS_INSECURE=false
+LDAP_ID_ATTRIBUTE=uid
+LDAP_EMAIL_ATTRIBUTE=mail
+LDAP_DISPLAY_NAME_ATTRIBUTE=cn
+LDAP_THUMBNAIL_ATTRIBUTE=null
+LDAP_FOLLOW_REFERRALS=true
+LDAP_DUMP_USER_DETAILS=false
+
+# LDAP group sync configuration
+# Refer to https://www.bookstackapp.com/docs/admin/ldap-auth/
+LDAP_USER_TO_GROUPS=false
+LDAP_GROUP_ATTRIBUTE="memberOf"
+LDAP_REMOVE_FROM_GROUPS=false
+LDAP_DUMP_USER_GROUPS=false
+
+# SAML authentication configuration
+# Refer to https://www.bookstackapp.com/docs/admin/saml2-auth/
+SAML2_NAME=SSO
+SAML2_EMAIL_ATTRIBUTE=email
+SAML2_DISPLAY_NAME_ATTRIBUTES=username
+SAML2_EXTERNAL_ID_ATTRIBUTE=null
+SAML2_IDP_ENTITYID=null
+SAML2_IDP_SSO=null
+SAML2_IDP_SLO=null
+SAML2_IDP_x509=null
+SAML2_ONELOGIN_OVERRIDES=null
+SAML2_DUMP_USER_DETAILS=false
+SAML2_AUTOLOAD_METADATA=false
+SAML2_IDP_AUTHNCONTEXT=true
+SAML2_SP_x509=null
+SAML2_SP_x509_KEY=null
+
+# SAML group sync configuration
+# Refer to https://www.bookstackapp.com/docs/admin/saml2-auth/
+SAML2_USER_TO_GROUPS=false
+SAML2_GROUP_ATTRIBUTE=group
+SAML2_REMOVE_FROM_GROUPS=false
+
+# OpenID Connect authentication configuration
+# Refer to https://www.bookstackapp.com/docs/admin/oidc-auth/
+OIDC_NAME=SSO
+OIDC_DISPLAY_NAME_CLAIMS=name
+OIDC_CLIENT_ID=null
+OIDC_CLIENT_SECRET=null
+OIDC_ISSUER=null
+OIDC_ISSUER_DISCOVER=false
+OIDC_PUBLIC_KEY=null
+OIDC_AUTH_ENDPOINT=null
+OIDC_TOKEN_ENDPOINT=null
+OIDC_DUMP_USER_DETAILS=false
+
+# Disable default third-party services such as Gravatar and Draw.IO
+# Service-specific options will override this option
+DISABLE_EXTERNAL_SERVICES=false
+
+# Use custom avatar service, Sets fetch URL
+# Possible placeholders: ${hash} ${size} ${email}
+# If set, Avatars will be fetched regardless of DISABLE_EXTERNAL_SERVICES option.
+# Example: AVATAR_URL=https://seccdn.libravatar.org/avatar/${hash}?s=${size}&d=identicon
+AVATAR_URL=
+
+# Enable diagrams.net integration
+# Can simply be true/false to enable/disable the integration.
+# Alternatively, It can be URL to the diagrams.net instance you want to use.
+# For URLs, The following URL parameters should be included: embed=1&proto=json&spin=1&configure=1
+DRAWIO=true
+
+# Default item listing view
+# Used for public visitors and user's without a preference.
+# Can be 'list' or 'grid'.
+APP_VIEWS_BOOKS=list
+APP_VIEWS_BOOKSHELVES=grid
+APP_VIEWS_BOOKSHELF=grid
+
+# Use dark mode by default
+# Will be overriden by any user/session preference.
+APP_DEFAULT_DARK_MODE=false
+
+# Page revision limit
+# Number of page revisions to keep in the system before deleting old revisions.
+# If set to 'false' a limit will not be enforced.
+REVISION_LIMIT=50
+
+# Recycle Bin Lifetime
+# The number of days that content will remain in the recycle bin before
+# being considered for auto-removal. It is not a guarantee that content will
+# be removed after this time.
+# Set to 0 for no recycle bin functionality.
+# Set to -1 for unlimited recycle bin lifetime.
+RECYCLE_BIN_LIFETIME=30
+
+# File Upload Limit
+# Maximum file size, in megabytes, that can be uploaded to the system.
+FILE_UPLOAD_SIZE_LIMIT=50
+
+# Export Page Size
+# Primarily used to determine page size of PDF exports.
+# Can be 'a4' or 'letter'.
+EXPORT_PAGE_SIZE=a4
+
+# Allow <script> tags in page content
+# Note, if set to 'true' the page editor may still escape scripts.
+ALLOW_CONTENT_SCRIPTS=false
+
+# Indicate if robots/crawlers should crawl your instance.
+# Can be 'true', 'false' or 'null'.
+# The behaviour of the default 'null' option will depend on the 'app-public' admin setting.
+# Contents of the robots.txt file can be overridden, making this option obsolete.
+ALLOW_ROBOTS=null
+
+# Allow server-side fetches to be performed to potentially unknown
+# and user-provided locations. Primarily used in exports when loading
+# in externally referenced assets.
+# Can be 'true' or 'false'.
+ALLOW_UNTRUSTED_SERVER_FETCHING=false
+
+# A list of hosts that BookStack can be iframed within.
+# Space separated if multiple. BookStack host domain is auto-inferred.
+# For Example: ALLOWED_IFRAME_HOSTS="https://example.com https://a.example.com"
+# Setting this option will also auto-adjust cookies to be SameSite=None.
+ALLOWED_IFRAME_HOSTS=null
+
+# A list of sources/hostnames that can be loaded within iframes within BookStack.
+# Space separated if multiple. BookStack host domain is auto-inferred.
+# Can be set to a lone "*" to allow all sources for iframe content (Not advised).
+# Defaults to a set of common services.
+# Current host and source for the "DRAWIO" setting will be auto-appended to the sources configured.
+ALLOWED_IFRAME_SOURCES="https://*.draw.io https://*.youtube.com https://*.youtube-nocookie.com https://*.vimeo.com"
+
+# The default and maximum item-counts for listing API requests.
+API_DEFAULT_ITEM_COUNT=100
+API_MAX_ITEM_COUNT=500
+
+# The number of API requests that can be made per minute by a single user.
+API_REQUESTS_PER_MIN=180
+
+# Enable the logging of failed email+password logins with the given message.
+# The default log channel below uses the php 'error_log' function which commonly
+# results in messages being output to the webserver error logs.
+# The message can contain a %u parameter which will be replaced with the login
+# user identifier (Username or email).
+LOG_FAILED_LOGIN_MESSAGE=false
+LOG_FAILED_LOGIN_CHANNEL=errorlog_plain_webserver
+
+# Alter the precision of IP addresses stored by BookStack.
+# Should be a number between 0 and 4, where 4 retains the full IP address
+# and 0 completely hides the IP address. As an example, a value of 2 for the
+# IP address '146.191.42.4' would result in '146.191.x.x' being logged.
+# For the IPv6 address '2001:db8:85a3:8d3:1319:8a2e:370:7348' this would result as:
+# '2001:db8:85a3:8d3:x:x:x:x'
+IP_ADDRESS_PRECISION=4