mirror of https://github.com/wekan/wekan
The Open Source kanban (built with Meteor). Keep variable/table/field names camelCase. For translations, only add Pull Request changes to wekan/i18n/en.i18n.json , other translations are done at https://transifex.com/wekan/wekan only.
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
435 lines
22 KiB
435 lines
22 KiB
#!/bin/sh
|
|
|
|
# All supported keys are defined here together with descriptions and default values
|
|
|
|
# list of supported keys
|
|
keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API RICHER_CARD_COMMENT_EDITOR ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW MAX_IMAGE_PIXEL IMAGE_COMPRESS_RATIO BIGEVENTS_PATTERN NOTIFY_DUE_DAYS_BEFORE_AND_AFTER NOTIFY_DUE_AT_HOUR_OF_DAY EMAIL_NOTIFICATION_TIMEOUT CORS CORS_ALLOW_HEADERS CORS_EXPOSE_HEADERS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_ID_TOKEN_WHITELIST_FIELDS OAUTH2_EMAIL_MAP OAUTH2_REQUEST_PERMISSIONS LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
|
|
|
|
# default values
|
|
DESCRIPTION_DEBUG="Debug OIDC OAuth2 etc. Example: sudo snap set wekan debug='true'"
|
|
DEFAULT_DEBUG="false"
|
|
KEY_DEBUG="debug"
|
|
|
|
DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\
|
|
"\t\t\t Default behaviour will preffer binding over unix socket, to disable unix socket binding set value to 'nill' string\n"\
|
|
"\t\t\t To bind to instance of mongodb provided through content interface,set value to relative path to the socket inside '$SNAP_DATA/shared' directory"
|
|
DEFAULT_MONGODB_BIND_UNIX_SOCKET="/var/snap/wekan/current/share"
|
|
KEY_MONGODB_BIND_UNIX_SOCKET="mongodb-bind-unix-socket"
|
|
|
|
DESCRIPTION_MONGODB_PORT="mongodb binding port: eg 27017 when using localhost"
|
|
DEFAULT_MONGODB_PORT="27019"
|
|
KEY_MONGODB_PORT='mongodb-port'
|
|
|
|
DESCRIPTION_MONGODB_BIND_IP="mongodb binding ip address: eg 127.0.0.1 for localhost\n\t\tIf not defined default unix socket is used instead"
|
|
DEFAULT_MONGODB_BIND_IP="127.0.0.1"
|
|
KEY_MONGODB_BIND_IP="mongodb-bind-ip"
|
|
|
|
DESCRIPTION_MAIL_URL="wekan mail binding"
|
|
DEFAULT_MAIL_URL="smtp://user:pass@mailserver.examples.com:25/"
|
|
KEY_MAIL_URL="mail-url"
|
|
|
|
DESCRIPTION_MAIL_FROM="wekan's admin mail from name email address"
|
|
DEFAULT_MAIL_FROM="wekan-admin@example.com"
|
|
KEY_MAIL_FROM="mail-from"
|
|
|
|
DESCRIPTION_ROOT_URL="wekan's root url, eg http://127.0.0.1, https://example.com, https://wekan.example.com, http://example.com/wekan"
|
|
DEFAULT_ROOT_URL="http://127.0.0.1"
|
|
KEY_ROOT_URL="root-url"
|
|
|
|
DESCRIPTION_PORT="port wekan is exposed at"
|
|
DEFAULT_PORT="8080"
|
|
KEY_PORT="port"
|
|
|
|
DESCRIPTION_DISABLE_MONGODB="Disable mongodb service: use only if binding to database outside of the ${SNAP_NAME} snap. Valid values: [true,false]"
|
|
DEFAULT_DISABLE_MONGODB="false"
|
|
KEY_DISABLE_MONGODB="disable-mongodb"
|
|
|
|
DESCRIPTION_CADDY_ENABLED="Enable caddy service (caddy - Every Site on HTTPS) personal license for non-commercial use only, see https://caddyserver.com/products/licenses . Set to 'true' to enable caddy\n\t\tcaddy settings are handled through $SNAP_COMMON/Caddyfile"
|
|
DEFAULT_CADDY_ENABLED="false"
|
|
KEY_CADDY_ENABLED="caddy-enabled"
|
|
|
|
DESCRIPTION_CADDY_BIND_PORT="Port on which caddy will expect proxy, value set here will be set in $SNAP_COMMON/Caddyfile"
|
|
DEFAULT_CADDY_BIND_PORT="3001"
|
|
KEY_CADDY_BIND_PORT="caddy-bind-port"
|
|
|
|
DESCRIPTION_WITH_API="Enable/disable the api of wekan"
|
|
DEFAULT_WITH_API="true"
|
|
KEY_WITH_API="with-api"
|
|
|
|
DESCRIPTION_RICHER_CARD_COMMENT_EDITOR="Rich text editor in card comments. Default: true"
|
|
DEFAULT_RICHER_CARD_COMMENT_EDITOR="true"
|
|
KEY_RICHER_CARD_COMMENT_EDITOR="richer-card-comment-editor"
|
|
|
|
DESCRIPTION_ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE="Accounts lockout known users failures before, greater than 0. Default: 3"
|
|
DEFAULT_ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE="3"
|
|
KEY_ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE="accounts-lockout-known-users-failures-before"
|
|
|
|
DESCRIPTION_ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD="Accounts lockout know users period, in seconds. Default: 60"
|
|
DEFAULT_ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD="60"
|
|
KEY_ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD="accounts-lockout-known-users-period"
|
|
|
|
DESCRIPTION_ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW="Accounts lockout unknown failure window, in seconds. Default: 15"
|
|
DEFAULT_ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW="15"
|
|
KEY_ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW="accounts-lockout-known-users-failure-window"
|
|
|
|
DESCRIPTION_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE="Accounts lockout unknown users failures before, greater than 0. Default: 3"
|
|
DEFAULT_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE="3"
|
|
KEY_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE="accounts-lockout-unknown-users-failures-before"
|
|
|
|
DESCRIPTION_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD="Accounts lockout unknown users lockout period, in seconds. Default: 60"
|
|
DEFAULT_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD="60"
|
|
KEY_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD="accounts-lockout-unknown-users-lockout-period"
|
|
|
|
DESCRIPTION_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW="Accounts lockout unknown users failure window, in seconds. Default: 15"
|
|
DEFAULT_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW="15"
|
|
KEY_ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW="accounts-lockout-unknown-users-failure-window"
|
|
|
|
DESCRIPTION_MAX_IMAGE_PIXEL="Max image pixel: Allow to shrink attached/pasted image https://github.com/wekan/wekan/pull/2544"
|
|
DEFAULT_MAX_IMAGE_PIXEL=""
|
|
KEY_MAX_IMAGE_PIXEL="max-image-pixel"
|
|
|
|
DESCRIPTION_IMAGE_COMPRESS_RATIO="Image compress ratio: Allow to shrink attached/pasted image https://github.com/wekan/wekan/pull/2544"
|
|
DEFAULT_IMAGE_COMPRESS_RATIO=""
|
|
KEY_IMAGE_COMPRESS_RATIO="image-compress-ratio"
|
|
|
|
DESCRIPTION_BIGEVENTS_PATTERN="Big events pattern: Notify always due etc regardless of notification settings. Default: due, All: received|start|due|end, Disabled: NONE"
|
|
DEFAULT_BIGEVENTS_PATTERN=""
|
|
KEY_BIGEVENTS_PATTERN="bigevents-pattern"
|
|
|
|
DESCRIPTION_NOTIFY_DUE_DAYS_BEFORE_AND_AFTER="Notify due days, default 2 days before and after. 0 = due notifications disabled. Default: 2"
|
|
DEFAULT_NOTIFY_DUE_DAYS_BEFORE_AND_AFTER=""
|
|
KEY_NOTIFY_DUE_DAYS_BEFORE_AND_AFTER="notify-due-days-before-and-after"
|
|
|
|
DESCRIPTION_NOTIFY_DUE_AT_HOUR_OF_DAY="Notify due at hour of day. Default every morning at 8am. Can be 0-23. If env variable has parsing error, use default. Notification sent to watchers. Default: 0"
|
|
DEFAULT_NOTIFY_DUE_AT_HOUR_OF_DAY=""
|
|
KEY_NOTIFY_DUE_AT_HOUR_OF_DAY="notify-due-at-hour-of-day"
|
|
|
|
DESCRIPTION_EMAIL_NOTIFICATION_TIMEOUT="Email notification timeout, ms. Default: 30000 (=30s)."
|
|
DEFAULT_EMAIL_NOTIFICATION_TIMEOUT="30000"
|
|
KEY_EMAIL_NOTIFICATION_TIMEOUT="email-notification-timeout"
|
|
|
|
DESCRIPTION_CORS="Enable/disable CORS: Set Access-Control-Allow-Origin header. Example: *"
|
|
DEFAULT_CORS=""
|
|
KEY_CORS="cors"
|
|
|
|
DESCRIPTION_CORS_ALLOW_HEADERS="Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
|
|
DEFAULT_CORS_ALLOW_HEADERS=""
|
|
KEY_CORS_ALLOW_HEADERS="cors-allow-headers"
|
|
|
|
DESCRIPTION_EXPOSE_HEADERS="Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: *"
|
|
DEFAULT_CORS_EXPOSE_HEADERS=""
|
|
KEY_CORS_EXPOSE_HEADERS="cors-expose-headers"
|
|
|
|
DESCRIPTION_MATOMO_ADDRESS="The address of the server where matomo is hosted"
|
|
DEFAULT_MATOMO_ADDRESS=""
|
|
KEY_MATOMO_ADDRESS="matomo-address"
|
|
|
|
DESCRIPTION_MATOMO_SITE_ID="The value of the site ID given in matomo server for wekan"
|
|
DEFAULT_MATOMO_SITE_ID=""
|
|
KEY_MATOMO_SITE_ID="matomo-site-id"
|
|
|
|
DESCRIPTION_MATOMO_DO_NOT_TRACK="The option do not track which enables users to not be tracked by matomo"
|
|
DEFAULT_MATOMO_DO_NOT_TRACK="true"
|
|
KEY_MATOMO_DO_NOT_TRACK="matomo-do-not-track"
|
|
|
|
DESCRIPTION_MATOMO_WITH_USERNAME="The option that allows matomo to retrieve the username"
|
|
DEFAULT_MATOMO_WITH_USERNAME="false"
|
|
KEY_MATOMO_WITH_USERNAME="matomo-with-username"
|
|
|
|
DESCRIPTION_BROWSER_POLICY_ENABLED="Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.\n"\
|
|
"\t\t\t Setting this to false is not recommended, it also disables all other browser policy protections\n"\
|
|
"\t\t\t and allows all iframing etc. See wekan/server/policy.js"
|
|
DEFAULT_BROWSER_POLICY_ENABLED="true"
|
|
KEY_BROWSER_POLICY_ENABLED="browser-policy-enabled"
|
|
|
|
DESCRIPTION_TRUSTED_URL="When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside."
|
|
DEFAULT_TRUSTED_URL=""
|
|
KEY_TRUSTED_URL="trusted-url"
|
|
|
|
DESCRIPTION_WEBHOOKS_ATTRIBUTES="What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId ."
|
|
DEFAULT_WEBHOOKS_ATTRIBUTES=""
|
|
KEY_WEBHOOKS_ATTRIBUTES="webhooks-attributes"
|
|
|
|
DESCRIPTION_OAUTH2_ENABLED="Enable the OAuth2 connection"
|
|
DEFAULT_OAUTH2_ENABLED="false"
|
|
KEY_OAUTH2_ENABLED="oauth2-enabled"
|
|
|
|
DESCRIPTION_OAUTH2_LOGIN_STYLE="OAuth2 login style: popup or redirect. Default: redirect"
|
|
DEFAULT_OAUTH2_LOGIN_STYLE="redirect"
|
|
KEY_OAUTH2_LOGIN_STYLE="oauth2-login-style"
|
|
|
|
DESCRIPTION_OAUTH2_CLIENT_ID="OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345"
|
|
DEFAULT_OAUTH2_CLIENT_ID=""
|
|
KEY_OAUTH2_CLIENT_ID="oauth2-client-id"
|
|
|
|
DESCRIPTION_OAUTH2_SECRET="OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde"
|
|
DEFAULT_OAUTH2_SECRET=""
|
|
KEY_OAUTH2_SECRET="oauth2-secret"
|
|
|
|
DESCRIPTION_OAUTH2_SERVER_URL="OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com"
|
|
DEFAULT_OAUTH2_SERVER_URL=""
|
|
KEY_OAUTH2_SERVER_URL="oauth2-server-url"
|
|
|
|
DESCRIPTION_OAUTH2_AUTH_ENDPOINT="OAuth2 authorization endpoint. Example: /oauth/authorize"
|
|
DEFAULT_OAUTH2_AUTH_ENDPOINT=""
|
|
KEY_OAUTH2_AUTH_ENDPOINT="oauth2-auth-endpoint"
|
|
|
|
DESCRIPTION_OAUTH2_USERINFO_ENDPOINT="OAuth2 userinfo endpoint. Example: /oauth/userinfo"
|
|
DEFAULT_OAUTH2_USERINFO_ENDPOINT=""
|
|
KEY_OAUTH2_USERINFO_ENDPOINT="oauth2-userinfo-endpoint"
|
|
|
|
DESCRIPTION_OAUTH2_TOKEN_ENDPOINT="OAuth2 token endpoint. Example: /oauth/token"
|
|
DEFAULT_OAUTH2_TOKEN_ENDPOINT=""
|
|
KEY_OAUTH2_TOKEN_ENDPOINT="oauth2-token-endpoint"
|
|
|
|
DESCRIPTION_OAUTH2_ID_MAP="OAuth2 ID Mapping. Example: email"
|
|
DEFAULT_OAUTH2_ID_MAP=""
|
|
KEY_OAUTH2_ID_MAP="oauth2-id-map"
|
|
|
|
DESCRIPTION_OAUTH2_USERNAME_MAP="OAuth2 Username Mapping. Example: email"
|
|
DEFAULT_OAUTH2_USERNAME_MAP=""
|
|
KEY_OAUTH2_USERNAME_MAP="oauth2-username-map"
|
|
|
|
DESCRIPTION_OAUTH2_FULLNAME_MAP="OAuth2 Fullname Mapping. Example: name"
|
|
DEFAULT_OAUTH2_FULLNAME_MAP=""
|
|
KEY_OAUTH2_FULLNAME_MAP="oauth2-fullname-map"
|
|
|
|
DESCRIPTION_OAUTH2_FULLNAME_MAP="OAuth2 Fullname Mapping. Example: name"
|
|
DEFAULT_OAUTH2_FULLNAME_MAP=""
|
|
KEY_OAUTH2_FULLNAME_MAP="oauth2-fullname-map"
|
|
|
|
DESCRIPTION_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="OAuth2 ID Token Whitelist Fields."
|
|
DEFAULT_OAUTH2_ID_TOKEN_WHITELIST_FIELDS=""
|
|
KEY_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="oauth2-id-token-whitelist-fields"
|
|
|
|
DESCRIPTION_OAUTH2_REQUEST_PERMISSIONS="OAuth2 Request Permissions. Example: 'openid profile email'"
|
|
DEFAULT_OAUTH2_REQUEST_PERMISSIONS="'openid profile email'"
|
|
KEY_OAUTH2_REQUEST_PERMISSIONS="oauth2-request-permissions"
|
|
|
|
DESCRIPTION_OAUTH2_EMAIL_MAP="OAuth2 Email Mapping. Example: email"
|
|
DEFAULT_OAUTH2_EMAIL_MAP=""
|
|
KEY_OAUTH2_EMAIL_MAP="oauth2-email-map"
|
|
|
|
DESCRIPTION_LDAP_ENABLE="Enable or not the connection by the LDAP"
|
|
DEFAULT_LDAP_ENABLE="false"
|
|
KEY_LDAP_ENABLE="ldap-enable"
|
|
|
|
DESCRIPTION_LDAP_PORT="The port of the LDAP server"
|
|
DEFAULT_LDAP_PORT="389"
|
|
KEY_LDAP_PORT="ldap-port"
|
|
|
|
DESCRIPTION_LDAP_HOST="The host server for the LDAP server"
|
|
DEFAULT_LDAP_HOST=""
|
|
KEY_LDAP_HOST="ldap-host"
|
|
|
|
DESCRIPTION_LDAP_BASEDN="The base DN for the LDAP Tree"
|
|
DEFAULT_LDAP_BASEDN=""
|
|
KEY_LDAP_BASEDN="ldap-basedn"
|
|
|
|
DESCRIPTION_LDAP_LOGIN_FALLBACK="Fallback on the default authentication method"
|
|
DEFAULT_LDAP_LOGIN_FALLBACK="false"
|
|
KEY_LDAP_LOGIN_FALLBACK="ldap-login-fallback"
|
|
|
|
DESCRIPTION_LDAP_RECONNECT="Reconnect to the server if the connection is lost"
|
|
DEFAULT_LDAP_RECONNECT="true"
|
|
KEY_LDAP_RECONNECT="ldap-reconnect"
|
|
|
|
DESCRIPTION_LDAP_TIMEOUT="Overall timeout, in milliseconds."
|
|
DEFAULT_LDAP_TIMEOUT="10000"
|
|
KEY_LDAP_TIMEOUT="ldap-timeout"
|
|
|
|
DESCRIPTION_LDAP_IDLE_TIMEOUT="Specifies the timeout for idle LDAP connections in milliseconds"
|
|
DEFAULT_LDAP_IDLE_TIMEOUT="10000"
|
|
KEY_LDAP_IDLE_TIMEOUT="ldap-idle-timeout"
|
|
|
|
DESCRIPTION_LDAP_CONNECT_TIMEOUT="Connection timeout, in milliseconds."
|
|
DEFAULT_LDAP_CONNECT_TIMEOUT="10000"
|
|
KEY_LDAP_CONNECT_TIMEOUT="ldap-connect-timeout"
|
|
|
|
DESCRIPTION_LDAP_AUTHENTIFICATION="If the LDAP needs a user account to search"
|
|
DEFAULT_LDAP_AUTHENTIFICATION="false"
|
|
KEY_LDAP_AUTHENTIFICATION="ldap-authentication"
|
|
|
|
DESCRIPTION_LDAP_AUTHENTIFICATION_USERDN="The search user DN"
|
|
DEFAULT_LDAP_AUTHENTIFICATION_USERDN=""
|
|
KEY_LDAP_AUTHENTIFICATION_USERDN="ldap-authentication-userdn"
|
|
|
|
DESCRIPTION_LDAP_AUTHENTIFICATION_PASSWORD="The password for the search user"
|
|
DEFAULT_LDAP_AUTHENTIFICATION_PASSWORD=""
|
|
KEY_LDAP_AUTHENTIFICATION_PASSWORD="ldap-authentication-password"
|
|
|
|
DESCRIPTION_LDAP_LOG_ENABLED="Enable logs for the module"
|
|
DEFAULT_LDAP_LOG_ENABLED="false"
|
|
KEY_LDAP_LOG_ENABLED="ldap-log-enabled"
|
|
|
|
DESCRIPTION_LDAP_BACKGROUND_SYNC="If the sync of the users should be done in the background"
|
|
DEFAULT_LDAP_BACKGROUND_SYNC="false"
|
|
KEY_LDAP_BACKGROUND_SYNC="ldap-background-sync"
|
|
|
|
DESCRIPTION_LDAP_BACKGROUND_SYNC_INTERVAL="At which interval does the background task sync in milliseconds"
|
|
DEFAULT_LDAP_BACKGROUND_SYNC_INTERVAL="100"
|
|
KEY_LDAP_BACKGROUND_SYNC_INTERVAL="ldap-background-sync-interval"
|
|
|
|
DESCRIPTION_LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=""
|
|
DEFAULT_LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED="false"
|
|
KEY_LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED="ldap-background-sync-keep-existant-users-updated"
|
|
|
|
DESCRIPTION_LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=""
|
|
DEFAULT_LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS="false"
|
|
KEY_LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS="ldap-background-sync-import-new-users"
|
|
|
|
DESCRIPTION_LDAP_ENCRYPTION="If using LDAPS, use LDAP_ENCRYPTION=ssl"
|
|
DEFAULT_LDAP_ENCRYPTION="false"
|
|
KEY_LDAP_ENCRYPTION="ldap-encryption"
|
|
|
|
DESCRIPTION_LDAP_CA_CERT="The certification for the LDAPS server"
|
|
DEFAULT_LDAP_CA_CERT=""
|
|
KEY_LDAP_CA_CERT="ldap-ca-cert"
|
|
|
|
DESCRIPTION_LDAP_REJECT_UNAUTHORIZED="Reject Unauthorized Certificate"
|
|
DEFAULT_LDAP_REJECT_UNAUTHORIZED="false"
|
|
KEY_LDAP_REJECT_UNAUTHORIZED="ldap-reject-unauthorized"
|
|
|
|
DESCRIPTION_LDAP_USER_AUTHENTICATION="Option to login to the LDAP server with the user's own username and password, instead of an administrator key. Default: false (use administrator key)."
|
|
DEFAULT_LDAP_USER_AUTHENTICATION="false"
|
|
KEY_LDAP_USER_AUTHENTICATION="ldap-user-authentication"
|
|
|
|
DESCRIPTION_LDAP_USER_SEARCH_FILTER="Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed"
|
|
DEFAULT_LDAP_USER_SEARCH_FILTER=""
|
|
KEY_LDAP_USER_SEARCH_FILTER="ldap-user-search-filter"
|
|
|
|
DESCRIPTION_LDAP_USER_SEARCH_SCOPE="base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree). Example: one"
|
|
DEFAULT_LDAP_USER_SEARCH_SCOPE=""
|
|
KEY_LDAP_USER_SEARCH_SCOPE="ldap-user-search-scope"
|
|
|
|
DESCRIPTION_LDAP_USER_SEARCH_FIELD="Which field is used to find the user"
|
|
DEFAULT_LDAP_USER_SEARCH_FIELD=""
|
|
KEY_LDAP_USER_SEARCH_FIELD="ldap-user-search-field"
|
|
|
|
DESCRIPTION_LDAP_SEARCH_PAGE_SIZE="Used for pagination (0=unlimited)"
|
|
DEFAULT_LDAP_SEARCH_PAGE_SIZE="0"
|
|
KEY_LDAP_SEARCH_PAGE_SIZE="ldap-search-page-size"
|
|
|
|
DESCRIPTION_LDAP_SEARCH_SIZE_LIMIT="The limit number of entries (0=unlimited)"
|
|
DEFAULT_LDAP_SEARCH_SIZE_LIMIT="0"
|
|
KEY_LDAP_SEARCH_SIZE_LIMIT="ldap-search-size-limit"
|
|
|
|
DESCRIPTION_LDAP_GROUP_FILTER_ENABLE="Enable group filtering"
|
|
DEFAULT_LDAP_GROUP_FILTER_ENABLE="false"
|
|
KEY_LDAP_GROUP_FILTER_ENABLE="ldap-group-filter-enable"
|
|
|
|
DESCRIPTION_LDAP_GROUP_FILTER_OBJECTCLASS="The object class for filtering"
|
|
DEFAULT_LDAP_GROUP_FILTER_OBJECTCLASS=""
|
|
KEY_LDAP_GROUP_FILTER_OBJECTCLASS="ldap-group-filter-objectclass"
|
|
|
|
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE="ldap-group-filter-id-attribute. Default: ''"
|
|
DEFAULT_LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=""
|
|
KEY_LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE="ldap-group-filter-id-attribute"
|
|
|
|
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE="ldap-group-filter-member-attibute. Default: ''"
|
|
DEFAULT_LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=""
|
|
KEY_LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE="ldap-group-filter-member-attribute"
|
|
|
|
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT="ldap-group-filter-group-member-format. Default: ''"
|
|
DEFAULT_LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=""
|
|
KEY_LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT="ldap-group-filter-member-format"
|
|
|
|
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_NAME="ldap-group-filter-group-name. Default: ''"
|
|
DEFAULT_LDAP_GROUP_FILTER_GROUP_NAME=""
|
|
KEY_LDAP_GROUP_FILTER_GROUP_NAME="ldap-group-filter-member-name"
|
|
|
|
DESCRIPTION_LDAP_UNIQUE_IDENTIFIER_FIELD="This field is sometimes class GUID (Globally Unique Identifier)"
|
|
DEFAULT_LDAP_UNIQUE_IDENTIFIER_FIELD=""
|
|
KEY_LDAP_UNIQUE_IDENTIFIER_FIELD="ldap-unique-identifier-field"
|
|
|
|
DESCRIPTION_LDAP_UTF8_NAMES_SLUGIFY="Convert the username to utf8"
|
|
DEFAULT_LDAP_UTF8_NAMES_SLUGIFY="true"
|
|
KEY_LDAP_UTF8_NAMES_SLUGIFY="ldap-utf8-names-slugify"
|
|
|
|
DESCRIPTION_LDAP_USERNAME_FIELD="Which field contains the ldap username"
|
|
DEFAULT_LDAP_USERNAME_FIELD=""
|
|
KEY_LDAP_USERNAME_FIELD="ldap-username-field"
|
|
|
|
DESCRIPTION_LDAP_FULLNAME_FIELD="Which field contains the ldap fullname"
|
|
DEFAULT_LDAP_FULLNAME_FIELD=""
|
|
KEY_LDAP_FULLNAME_FIELD="ldap-fullname-field"
|
|
|
|
DESCRIPTION_LDAP_MERGE_EXISTING_USERS="ldap-merge-existing-users . Default: false"
|
|
DEFAULT_LDAP_MERGE_EXISTING_USERS="false"
|
|
KEY_LDAP_MERGE_EXISTING_USERS="ldap-merge-existing-users"
|
|
|
|
DESCRIPTION_LDAP_EMAIL_MATCH_ENABLE="ldap-email-match-enable . Default: false"
|
|
DEFAULT_LDAP_EMAIL_MATCH_ENABLE="false"
|
|
KEY_LDAP_EMAIL_MATCH_ENABLE="ldap-email-match-enable"
|
|
|
|
DESCRIPTION_LDAP_EMAIL_MATCH_REQUIRE="ldap-email-match-require . Default: false"
|
|
DEFAULT_LDAP_EMAIL_MATCH_REQUIRE="false"
|
|
KEY_LDAP_EMAIL_MATCH_REQUIRE="ldap-email-match-require"
|
|
|
|
DESCRIPTION_LDAP_EMAIL_MATCH_VERIFIED="ldap-email-match-verified . Default: false"
|
|
DEFAULT_LDAP_EMAIL_MATCH_VERIFIED="false"
|
|
KEY_LDAP_EMAIL_MATCH_VERIFIED="ldap-email-match-verified"
|
|
|
|
DESCRIPTION_LDAP_EMAIL_FIELD="Which field contains the ldap e-mail address"
|
|
DEFAULT_LDAP_EMAIL_FIELD=""
|
|
KEY_LDAP_EMAIL_FIELD="ldap-email-field"
|
|
|
|
DESCRIPTION_LDAP_SYNC_USER_DATA="ldap-sync-user-data . Default: false"
|
|
DEFAULT_LDAP_SYNC_USER_DATA="false"
|
|
KEY_LDAP_SYNC_USER_DATA="ldap-sync-user-data"
|
|
|
|
DESCRIPTION_LDAP_SYNC_USER_DATA_FIELDMAP="LDAP Sync User Data Fieldmap. Example: ldap-sync-user-data-fieldmap='{\"cn\":\"name\", \"mail\":\"email\"}'"
|
|
DEFAULT_LDAP_SYNC_USER_DATA_FIELDMAP=""
|
|
KEY_LDAP_SYNC_USER_DATA_FIELDMAP="ldap-sync-user-data-fieldmap"
|
|
|
|
DESCRIPTION_LDAP_SYNC_GROUP_ROLES="ldap-sync-group-roles . Default: '' (empty)."
|
|
DEFAULT_LDAP_SYNC_GROUP_ROLES=""
|
|
KEY_LDAP_SYNC_GROUP_ROLES="ldap-sync-group-roles"
|
|
|
|
DESCRIPTION_LDAP_SYNC_ADMIN_STATUS="Enable/Disable syncing of admin status based on LDAP groups. Example: true"
|
|
DEFAULT_LDAP_SYNC_ADMIN_STATUS=""
|
|
KEY_LDAP_SYNC_ADMIN_STATUS="ldap-sync-admin-status"
|
|
|
|
DESCRIPTION_LDAP_SYNC_ADMIN_GROUPS="Comma separated list of admin group names to sync. Example: group1, group2"
|
|
DEFAULT_LDAP_SYNC_ADMIN_GROUPS=""
|
|
KEY_LDAP_SYNC_ADMIN_GROUPS="ldap-sync-admin-groups"
|
|
|
|
DESCRIPTION_LDAP_DEFAULT_DOMAIN="The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP"
|
|
DEFAULT_LDAP_DEFAULT_DOMAIN=""
|
|
KEY_LDAP_DEFAULT_DOMAIN="ldap-default-domain"
|
|
|
|
DESCRIPTION_HEADER_LOGIN_ID="Header login ID. Example for siteminder: HEADERUID"
|
|
DEFAULT_HEADER_LOGIN_ID=""
|
|
KEY_HEADER_LOGIN_ID="header-login-id"
|
|
|
|
DESCRIPTION_HEADER_LOGIN_FIRSTNAME="Header login firstname. Example for siteminder: HEADERFIRSTNAME"
|
|
DEFAULT_HEADER_LOGIN_FIRSTNAME="Header login firstname. Example for siteminder: HEADERFIRSTNAME"
|
|
KEY_HEADER_LOGIN_FIRSTNAME="header-login-firstname"
|
|
|
|
DESCRIPTION_HEADER_LOGIN_LASTNAME="Header login lastname. Example for siteminder: HEADERLASTNAME"
|
|
DEFAULT_HEADER_LOGIN_LASTNAME="Header login firstname. Example for siteminder: HEADERLASTNAME"
|
|
KEY_HEADER_LOGIN_LASTNAME="header-login-lastname"
|
|
|
|
DESCRIPTION_HEADER_LOGIN_EMAIL="Header login email. Example for siteminder: HEADEREMAILADDRESS"
|
|
DEFAULT_HEADER_LOGIN_EMAIL="Header login email. Example for siteminder: HEADEREMAILADDRESS"
|
|
KEY_HEADER_LOGIN_EMAIL="header-login-email"
|
|
|
|
DESCRIPTION_LOGOUT_WITH_TIMER="Enables or not the option logout with timer"
|
|
DEFAULT_LOGOUT_WITH_TIMER="false"
|
|
KEY_LOGOUT_WITH_TIMER="logout-with-timer"
|
|
|
|
DESCRIPTION_LOGOUT_IN="The number of days"
|
|
DEFAULT_LOGOUT_IN=""
|
|
KEY_LOGOUT_IN="logout-in"
|
|
|
|
DESCRIPTION_LOGOUT_ON_HOURS="The number of hours"
|
|
DEFAULT_LOGOUT_ON_HOURS=""
|
|
KEY_LOGOUT_ON_HOURS="logout-on-hours"
|
|
|
|
DESCRIPTION_LOGOUT_ON_MINUTES="The number of minutes"
|
|
DEFAULT_LOGOUT_ON_MINUTES=""
|
|
KEY_LOGOUT_ON_MINUTES="logout-on-minutes"
|
|
|
|
DESCRIPTION_DEFAULT_AUTHENTICATION_METHOD="The default authentication method used if a user does not exist to create and authenticate. Method can be password or ldap."
|
|
DEFAULT_DEFAULT_AUTHENTICATION_METHOD=""
|
|
KEY_DEFAULT_AUTHENTICATION_METHOD="default-authentication-method"
|
|
|