# This is a sample configuration file with all possible configuration options.
# If you don't want to maintain a file like this you can pass in all variables via Server Variabels

## Minimum Configuration, these are required for installation

LEAN_APP_URL = 'https://__DOMAIN__'                # Base URL, only needed for subfolder installation
LEAN_APP_URL_ROOT = ''                             # Base of application without trailing slash (used for cookies), e.g, /leantime

LEAN_DEBUG = 0                                     # Debug flag

# Database
LEAN_DB_HOST = 'localhost'                         # Database host
LEAN_DB_USER = '__DB_USER__'                       # Database username
LEAN_DB_PASSWORD = '__DB_PWD__'                    # Database password
LEAN_DB_DATABASE = '__DB_NAME__'                   # Database name
LEAN_DB_PORT = '3306'                              # Database port


## Optional Configuraiton, you may ommit these from your .env file

## Default Settings
LEAN_SITENAME = 'Leantime'                         # Name of your site, can be changed later
LEAN_LANGUAGE = '__LANGUAGE__'                     # Default language
LEAN_DEFAULT_TIMEZONE = '__TIMEZONE__'             # Set default timezone
LEAN_ENABLE_MENU_TYPE = false                      # Enable to specifiy menu on a project by project basis
LEAN_SESSION_PASSWORD = '__KEY__'                  #Salting sessions. Replace with a strong password
LEAN_SESSION_EXPIRATION = 28800                    # How many seconds after inactivity should we logout?  28800seconds = 8hours
LEAN_LOG_PATH = null                               # Default Log Path (including filename), if not set /logs/error.log will be used

## Look & Feel, these settings are available in the UI and can be overwritten there.
LEAN_LOGO_PATH = '/images/logo.svg'                # Default logo path, can be changed later
LEAN_PRINT_LOGO_URL = '/images/logo.jpg'           # Default logo URL use for printing (must be jpg or png format)
LEAN_DEFAULT_THEME = 'default'                     # Default theme
LEAN_PRIMARY_COLOR = '#1b75bb'                     # Primary Theme color
LEAN_SECONDARY_COLOR = '#81B1A8'                   # Secondary Theme Color
LEAN_KEEP_THEME = true                             # Keep theme and language from previous user for login screen

## Fileuploads

# Local File Uploads
LEAN_USER_FILE_PATH = 'userfiles/'                 # Local relative path to store uploaded files (if not using S3)
LEAN_DB_BACKUP_PATH = 'backupdb/'                  # Local relative path to store backup files, need permission to write

# S3 File Uploads
LEAN_USE_S3 = false                                # Set to true if you want to use S3 instead of local files
LEAN_S3_KEY = ''                                   # S3 Key
LEAN_S3_SECRET = ''                                # S3 Secret
LEAN_S3_BUCKET = ''                                # Your S3 bucket
LEAN_S3_USE_PATH_STYLE_ENDPOINT = false            # Sets the endpoint style: false => https://[bucket].[endpoint] ; true => https://[endpoint]/[bucket]
LEAN_S3_REGION = ''                                # S3 region
LEAN_S3_FOLDER_NAME = ''                           # Foldername within S3 (can be emtpy)
LEAN_S3_END_POINT = null                           # S3 EndPoint S3 Compatible (https://sfo2.digitaloceanspaces.com)

## Email
LEAN_EMAIL_RETURN = '__APP__@__DOMAIN__'          # Return email address, needs to be valid email address format
LEAN_EMAIL_USE_SMTP = true                         # Use SMTP? If set to false, the default php mail() function will be used
LEAN_EMAIL_SMTP_HOSTS = 'localhost'                # SMTP host
LEAN_EMAIL_SMTP_AUTH = true                        # SMTP authentication required
LEAN_EMAIL_SMTP_USERNAME = '__APP__'               # SMTP username
LEAN_EMAIL_SMTP_PASSWORD = '__MAIL_PWD__'          # SMTP password
LEAN_EMAIL_SMTP_AUTO_TLS = true                    # SMTP Enable TLS encryption automatically if a server supports it
LEAN_EMAIL_SMTP_SECURE = ''                        # SMTP Security protocol (usually one of: TLS, SSL, STARTTLS)
LEAN_EMAIL_SMTP_SSLNOVERIFY = true                 # SMTP Allow insecure SSL: Don't verify certificate, accept self-signed, etc.
LEAN_EMAIL_SMTP_PORT = '25'                        # Port (usually one of 25, 465, 587, 2526)

## Ldap
LEAN_LDAP_USE_LDAP = true                          # Set to true if you want to use LDAP
LEAN_LDAP_LDAP_TYPE = 'OL'                         # Select the correct directory type. Currently Supported: OL - OpenLdap, AD - Active Directory
LEAN_LDAP_HOST = '127.0.0.1'                       # FQDN
LEAN_LDAP_PORT = 389                               # Default Port
LEAN_LDAP_DN = 'ou=users,dc=yunohost,dc=org'       # Location of users, example: CN=users,DC=example,DC=com

                                                   # Leantime->Ldap attribute mapping
LEAN_LDAP_KEYS="{
        \"username\":\"uid\",
        \"groups\":\"memberOf\",
        \"email\":\"mail\",
        \"firstname\":\"displayname\",
        \"lastname\":\"\",
        \"phonenumber\":\"telephoneNumber\"
}"

# For AD use these default attributes
# LEAN_LDAP_KEYS="{
#        \"username\":\"cn\",
#        \"groups\":\"memberOf\",
#        \"email\":\"mail\",
#        \"firstname\":\"givenName\",
#        \"lastname\":\"sn\",
#        \"phonenumber\":\"telephoneNumber\"
#      }"

LEAN_LDAP_DEFAULT_ROLE_KEY = 20;                   # Default Leantime Role on creation. (set to editor)

# Default role assignments upon first login.
# (Optional) Can be updated later in user settings for each user
LEAN_LDAP_GROUP_ASSIGNMENT="{
               \"5\": {
                 \"ltRole\":\"readonly\",
                 \"ldapRole\":\"readonly\"
               },
               \"10\": {
                 \"ltRole\":\"commenter\",
                  \"ldapRole\":\"commenter\"
               },
               \"20\": {
                 \"ltRole\":\"editor\",
                  \"ldapRole\":\"editor\"
               },
               \"30\": {
                 \"ltRole\":\"manager\",
                  \"ldapRole\":\"manager\"
               },
               \"40\": {
                 \"ltRole\":\"admin\",
                  \"ldapRole\":\"administrators\"
               },
               \"50\": {
                 \"ltRole\":\"owner\",
                 \"ldapRole\":\"administrators\"
               }
}"

## OpenID Connect
# required
LEAN_OIDC_ENABLE = false
LEAN_OIDC_CLIEND_ID =
LEAN_OIDC_CLIEND_SECRET =

# required - the url for your provider (examples down below)
#LEAN_OIDC_PROVIDER_URL =

# optional - these will be read from the well-known configuration if possible
#LEAN_OIDC_AUTH_URL_OVERRIDE =
#LEAN_OIDC_TOKEN_URL_OVERRIDE =
#LEAN_OIDC_JWKS_URL_OVERRIDE =
#LEAN_OIDC_USERINFO_URL_OVERRIDE =

# optional - override the public key for RSA validation
#LEAN_OIDC_CERTIFICATE_STRING =
#LEAN_OIDC_CERTIFICATE_FILE =

# optional - override the requested scopes
#LEAN_OIDC_SCOPES =

# optional - override the keys used for these fields
#LEAN_OIDC_FIELD_EMAIL =
#LEAN_OIDC_FIELD_FIRSTNAME =
#LEAN_OIDC_FIELD_LASTNAME =

## OpenID Connect setting for github
#LEAN_OIDC_PROVIDER_URL = https://token.actions.githubusercontent.com/
#LEAN_OIDC_AUTH_URL_OVERRIDE = https://github.com/login/oauth/authorize
#LEAN_OIDC_TOKEN_URL_OVERRIDE = https://github.com/login/oauth/access_token
#LEAN_OIDC_USERINFO_URL_OVERRIDE = https://api.github.com/user,https://api.github.com/user/emails
#LEAN_OIDC_SCOPES = user:email
#LEAN_OIDC_FIELD_EMAIL = 0.email


## Redis (for session storage and cache)
LEAN_USE_REDIS = false          #Set to true to use redis as session cache
LEAN_REDIS_URL = ''             #Add url path such as tcp://1.2.3.4:6379. If you are using a password add ?auth=yourverycomplexpasswordhere to your url