mirror of
https://github.com/YunoHost-Apps/seafile_ynh.git
synced 2024-09-03 20:26:01 +02:00
399 lines
14 KiB
Python
399 lines
14 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
SECRET_KEY = "{{ seahub_secret_key }}"
|
|
|
|
DATABASES = {
|
|
'default': {
|
|
'ENGINE': 'django.db.backends.mysql',
|
|
'NAME': 'seahubdb',
|
|
'USER': '{{ db_user }}',
|
|
'PASSWORD': '{{ db_pwd }}',
|
|
'HOST': '127.0.0.1',
|
|
'PORT': '3306',
|
|
'OPTIONS': {'charset': 'utf8mb4'},
|
|
}
|
|
}
|
|
|
|
CACHES = {
|
|
'default': {
|
|
'BACKEND': 'django_pylibmc.memcached.PyLibMCCache',
|
|
'LOCATION': '127.0.0.1:11211',
|
|
},
|
|
}
|
|
|
|
FILE_SERVER_ROOT = "https://{{ domain }}/seafhttp"
|
|
SERVE_STATIC = False
|
|
MEDIA_URL = "{{ path2 }}media/"
|
|
COMPRESS_URL = MEDIA_URL
|
|
STATIC_URL = MEDIA_URL + 'assets/'
|
|
LOGIN_URL = '{{ path2 }}accounts/login/'
|
|
|
|
#
|
|
# LDAP
|
|
#
|
|
|
|
ENABLE_LDAP = True
|
|
# The URL of LDAP server
|
|
LDAP_SERVER_URL = 'ldap://localhost:389'
|
|
|
|
# The root node of users who can log in to Seafile in the LDAP server
|
|
LDAP_BASE_DN = 'ou=users,dc=yunohost,dc=org'
|
|
|
|
# DN of the administrator used to query the LDAP server for information.
|
|
# For OpenLDAP, it maybe cn=admin,dc=example,dc=com
|
|
LDAP_ADMIN_DN = '' # Need to leave empty to work with anonymous authentication
|
|
|
|
# Password of LDAP_ADMIN_DN
|
|
LDAP_ADMIN_PASSWORD = '' # Need to leave empty to work with anonymous authentication
|
|
|
|
# Identify the source of the user, used in
|
|
# the table social_auth_usersocialauth, defaults to 'ldap'
|
|
LDAP_PROVIDER = 'ldap'
|
|
|
|
# User's attribute used to log in to Seafile.
|
|
# It should be a unique identifier for the user in LDAP server.
|
|
# Learn more about this id from the descriptions at begining of this section.
|
|
LDAP_LOGIN_ATTR = 'mail'
|
|
|
|
# LDAP user's contact_email attribute
|
|
LDAP_CONTACT_EMAIL_ATTR = 'mail'
|
|
|
|
# LDAP user's role attribute
|
|
LDAP_USER_ROLE_ATTR = ''
|
|
|
|
# For sync user's first name
|
|
LDAP_USER_FIRST_NAME_ATTR = 'givenName'
|
|
|
|
# For sync user's last name
|
|
LDAP_USER_LAST_NAME_ATTR = 'sn'
|
|
|
|
# Whether to reverse the user's first and last name
|
|
LDAP_USER_NAME_REVERSE = False
|
|
|
|
# Additional filter conditions, users who meet the filter conditions can log in, otherwise they cannot log in
|
|
LDAP_FILTER = 'permission=cn={{ app }}.main,ou=permission,dc=yunohost,dc=org'
|
|
|
|
#
|
|
# SSO
|
|
#
|
|
|
|
ENABLE_REMOTE_USER_AUTHENTICATION = True
|
|
REMOTE_USER_HEADER = 'HTTP_EMAIL'
|
|
REMOTE_USER_CREATE_UNKNOWN_USER = False
|
|
REMOTE_USER_PROTECTED_PATH = ['{{ path }}', '{{ path2 }}accounts/login', '{{ path2 }}sso']
|
|
|
|
#
|
|
# Security settings
|
|
#
|
|
|
|
# For security consideration, please set to match the host/domain of your site, e.g., ALLOWED_HOSTS = ['.example.com'].
|
|
# Please refer https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts for details.
|
|
ALLOWED_HOSTS = ['{{ domain }}']
|
|
|
|
# Whether to use a secure cookie for the CSRF cookie
|
|
# https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-cookie-secure
|
|
CSRF_COOKIE_SECURE = True
|
|
|
|
# The value of the SameSite flag on the CSRF cookie
|
|
# https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-cookie-samesite
|
|
CSRF_COOKIE_SAMESITE = 'Strict'
|
|
|
|
# https://docs.djangoproject.com/en/3.2/ref/settings/#csrf-trusted-origins
|
|
CSRF_TRUSTED_ORIGINS = ['https://{{ domain }}']
|
|
|
|
#
|
|
# User options
|
|
#
|
|
|
|
# Enalbe or disalbe registration on web. Default is `False`.
|
|
# ENABLE_SIGNUP = False
|
|
|
|
# Activate or deactivate user when registration complete. Default is `True`.
|
|
# If set to `False`, new users need to be activated by admin in admin panel.
|
|
# ACTIVATE_AFTER_REGISTRATION = True
|
|
|
|
# Whether to send email when a system admin adding a new member. Default is `True`.
|
|
# SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER = True
|
|
|
|
# Whether to send email when a system admin resetting a user's password. Default is `True`.
|
|
# SEND_EMAIL_ON_RESETTING_USER_PASSWD = True
|
|
|
|
# Send system admin notify email when user registration is complete. Default is `False`.
|
|
# NOTIFY_ADMIN_AFTER_REGISTRATION = False
|
|
|
|
# Remember days for login. Default is 7
|
|
# LOGIN_REMEMBER_DAYS = 7
|
|
|
|
# Attempt limit before showing a captcha when login.
|
|
# LOGIN_ATTEMPT_LIMIT = 3
|
|
|
|
# deactivate user account when login attempts exceed limit
|
|
# Since version 5.1.2 or pro 5.1.3
|
|
# FREEZE_USER_ON_LOGIN_FAILED = False
|
|
|
|
# Age of cookie, in seconds (default: 2 weeks).
|
|
# SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2
|
|
|
|
# Whether a user's session cookie expires when the Web browser is closed.
|
|
# SESSION_EXPIRE_AT_BROWSER_CLOSE = False
|
|
|
|
# Whether to save the session data on every request. Default is `False`
|
|
# SESSION_SAVE_EVERY_REQUEST = False
|
|
|
|
# Whether enable the feature "published library". Default is `False`
|
|
# Since 6.1.0 CE
|
|
ENABLE_WIKI = True
|
|
|
|
# In old version, if you use Single Sign On, the password is not saved in Seafile.
|
|
# Users can't use WebDAV because Seafile can't check whether the password is correct.
|
|
# Since version 6.3.8, you can enable this option to let user's to specific a password for WebDAV login.
|
|
# Users login via SSO can use this password to login in WebDAV.
|
|
# Enable the feature. pycryptodome should be installed first.
|
|
# sudo pip install pycryptodome==3.12.0
|
|
ENABLE_WEBDAV_SECRET = False
|
|
|
|
# Since version 7.0.9, you can force a full user to log in with a two factor authentication.
|
|
# The prerequisite is that the administrator should 'enable two factor authentication' in the 'System Admin -> Settings' page.
|
|
# Then you can add the following configuration information to the configuration file.
|
|
# ENABLE_FORCE_2FA_TO_ALL_USERS = False
|
|
|
|
#
|
|
# Library options
|
|
#
|
|
|
|
# if enable create encrypted library
|
|
# ENABLE_ENCRYPTED_LIBRARY = True
|
|
|
|
# version for encrypted library
|
|
# should only be `2` or `4`.
|
|
# version 3 is insecure (using AES128 encryption) so it's not recommended any more.
|
|
# ENCRYPTED_LIBRARY_VERSION = 2
|
|
|
|
# mininum length for password of encrypted library
|
|
# REPO_PASSWORD_MIN_LENGTH = 8
|
|
|
|
# force use password when generate a share/upload link (since version 8.0.9)
|
|
# SHARE_LINK_FORCE_USE_PASSWORD = False
|
|
|
|
# mininum length for password for share link (since version 4.4)
|
|
# SHARE_LINK_PASSWORD_MIN_LENGTH = 8
|
|
|
|
# LEVEL for the password of a share/upload link
|
|
# based on four types of input:
|
|
# num, upper letter, lower letter, other symbols
|
|
# '3' means password must have at least 3 types of the above. (since version 8.0.9)
|
|
# SHARE_LINK_PASSWORD_STRENGTH_LEVEL = 3
|
|
|
|
# Default expire days for share link (since version 6.3.8)
|
|
# Once this value is configured, the user can no longer generate an share link with no expiration time.
|
|
# If the expiration value is not set when the share link is generated, the value configured here will be used.
|
|
# SHARE_LINK_EXPIRE_DAYS_DEFAULT = 5
|
|
|
|
# minimum expire days for share link (since version 6.3.6)
|
|
# SHARE_LINK_EXPIRE_DAYS_MIN should be less than SHARE_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set).
|
|
# SHARE_LINK_EXPIRE_DAYS_MIN = 3 # default is 0, no limit.
|
|
|
|
# maximum expire days for share link (since version 6.3.6)
|
|
# SHARE_LINK_EXPIRE_DAYS_MIN should be greater than SHARE_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set).
|
|
# SHARE_LINK_EXPIRE_DAYS_MAX = 8 # default is 0, no limit.
|
|
|
|
# Default expire days for upload link (since version 7.1.6)
|
|
# Once this value is configured, the user can no longer generate an upload link with no expiration time.
|
|
# If the expiration value is not set when the upload link is generated, the value configured here will be used.
|
|
# UPLOAD_LINK_EXPIRE_DAYS_DEFAULT = 5
|
|
|
|
# minimum expire days for upload link (since version 7.1.6)
|
|
# UPLOAD_LINK_EXPIRE_DAYS_MIN should be less than UPLOAD_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set).
|
|
# UPLOAD_LINK_EXPIRE_DAYS_MIN = 3 # default is 0, no limit.
|
|
|
|
# maximum expire days for upload link (since version 7.1.6)
|
|
# UPLOAD_LINK_EXPIRE_DAYS_MAX should be greater than UPLOAD_LINK_EXPIRE_DAYS_DEFAULT (If the latter is set).
|
|
# UPLOAD_LINK_EXPIRE_DAYS_MAX = 8 # default is 0, no limit.
|
|
|
|
# force user login when view file/folder share link (since version 6.3.6)
|
|
# SHARE_LINK_LOGIN_REQUIRED = False
|
|
|
|
# enable water mark when view(not edit) file in web browser (since version 6.3.6)
|
|
# ENABLE_WATERMARK = True
|
|
|
|
# Disable sync with any folder. Default is `False`
|
|
# NOTE: since version 4.2.4
|
|
# DISABLE_SYNC_WITH_ANY_FOLDER = False
|
|
|
|
# Enable or disable library history setting
|
|
# ENABLE_REPO_HISTORY_SETTING = True
|
|
|
|
# Enable or disable normal user to create organization libraries
|
|
# Since version 5.0.5
|
|
# ENABLE_USER_CREATE_ORG_REPO = True
|
|
|
|
# Enable or disable user share library to any group
|
|
# Since version 6.2.0
|
|
# ENABLE_SHARE_TO_ALL_GROUPS = True
|
|
|
|
# Enable or disable user to clean trash (default is True)
|
|
# Since version 6.3.6
|
|
# ENABLE_USER_CLEAN_TRASH = True
|
|
|
|
# Add a report abuse button on download links. (since version 7.1.0)
|
|
# Users can report abuse on the share link page, fill in the report type, contact information, and description.
|
|
# Default is false.
|
|
# ENABLE_SHARE_LINK_REPORT_ABUSE = False
|
|
|
|
#
|
|
# Online preview
|
|
#
|
|
|
|
# Whether to use pdf.js to view pdf files online. Default is `True`, you can turn it off.
|
|
# NOTE: since version 1.4.
|
|
# USE_PDFJS = True
|
|
|
|
# Online preview maximum file size, defaults to 30M.
|
|
# FILE_PREVIEW_MAX_SIZE = 30 * 1024 * 1024
|
|
|
|
# Extensions of previewed text files.
|
|
# NOTE: since version 6.1.1
|
|
# TEXT_PREVIEW_EXT = """ac, am, bat, c, cc, cmake, cpp, cs, css, diff, el, h, html,
|
|
# htm, java, js, json, less, make, org, php, pl, properties, py, rb,
|
|
# scala, script, sh, sql, txt, text, tex, vi, vim, xhtml, xml, log, csv,
|
|
# groovy, rst, patch, go"""
|
|
|
|
# Enable or disable thumbnails
|
|
# NOTE: since version 4.0.2
|
|
# ENABLE_THUMBNAIL = True
|
|
|
|
# Seafile only generates thumbnails for images smaller than the following size.
|
|
# Since version 6.3.8 pro, suport the psd online preview.
|
|
# THUMBNAIL_IMAGE_SIZE_LIMIT = 30 # MB
|
|
|
|
# Enable or disable thumbnail for video. ffmpeg and moviepy should be installed first.
|
|
# For details, please refer to https://manual.seafile.com/deploy/video_thumbnails.html
|
|
# NOTE: this option is deprecated in version 7.1
|
|
# ENABLE_VIDEO_THUMBNAIL = False
|
|
|
|
# Use the frame at 5 second as thumbnail
|
|
# NOTE: this option is deprecated in version 7.1
|
|
# THUMBNAIL_VIDEO_FRAME_TIME = 5
|
|
|
|
# Absolute filesystem path to the directory that will hold thumbnail files.
|
|
# THUMBNAIL_ROOT = '/haiwen/seahub-data/thumbnail/thumb/'
|
|
|
|
# Default size for picture preview. Enlarge this size can improve the preview quality.
|
|
# NOTE: since version 6.1.1
|
|
# THUMBNAIL_SIZE_FOR_ORIGINAL = 1024
|
|
|
|
#
|
|
# Other options
|
|
#
|
|
|
|
# This is outside URL for Seahub(Seafile Web).
|
|
# The domain part (i.e., www.example.com) will be used in generating share links and download/upload file via web.
|
|
# Note: Outside URL means "if you use Nginx, it should be the Nginx's address"
|
|
# Note: SERVICE_URL is moved to seahub_settings.py since 9.0.0
|
|
SERVICE_URL = "https://{{ domain }}{{ path }}"
|
|
|
|
# Disable settings via Web interface in system admin->settings
|
|
# Default is True
|
|
# Since 5.1.3
|
|
# ENABLE_SETTINGS_VIA_WEB = True
|
|
|
|
# Choices can be found here:
|
|
# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
|
|
# although not all choices may be available on all operating systems.
|
|
# If running in a Windows environment this must be set to the same as your
|
|
# system time zone.
|
|
TIME_ZONE = "{{ time_zone }}"
|
|
|
|
# Language code for this installation. All choices can be found here:
|
|
# http://www.i18nguy.com/unicode/language-identifiers.html
|
|
# Default language for sending emails.
|
|
LANGUAGE_CODE = '{{ language }}'
|
|
|
|
# Custom language code choice.
|
|
# LANGUAGES = ( )
|
|
|
|
# Set this to your website/company's name. This is contained in email notifications and welcome message when user login for the first time.
|
|
SITE_NAME = 'Seafile'
|
|
|
|
# Browser tab's title
|
|
SITE_TITLE = 'Private Seafile'
|
|
|
|
# If you don't want to run seahub website on your site's root path, set this option to your preferred path.
|
|
# e.g. setting it to '/seahub/' would run seahub on http://example.com/seahub/.
|
|
SITE_ROOT = "{{ path2 }}"
|
|
|
|
# Max number of files when user upload file/folder.
|
|
# Since version 6.0.4
|
|
# MAX_NUMBER_OF_FILES_FOR_FILEUPLOAD = 500
|
|
|
|
# Control the language that send email. Default to user's current language.
|
|
# Since version 6.1.1
|
|
# SHARE_LINK_EMAIL_LANGUAGE = ''
|
|
|
|
# Interval for browser requests unread notifications
|
|
# Since PRO 6.1.4 or CE 6.1.2
|
|
# UNREAD_NOTIFICATIONS_REQUEST_INTERVAL = 3 * 60 # seconds
|
|
|
|
# Get web api auth token on profile page.
|
|
# ENABLE_GET_AUTH_TOKEN_BY_SESSION = True
|
|
|
|
# Since 8.0.6 CE/PRO version.
|
|
# Url redirected to after user logout Seafile.
|
|
# Usually configured as Single Logout url.
|
|
LOGOUT_REDIRECT_URL = 'https://{{ domain }}/yunohost/sso/?action=logout'
|
|
|
|
# Enable system admin add T&C, all users need to accept terms before using. Defaults to `False`.
|
|
# Since version 6.0
|
|
# ENABLE_TERMS_AND_CONDITIONS = False
|
|
|
|
# Enable two factor authentication for accounts. Defaults to `False`.
|
|
# Since version 6.0
|
|
# ENABLE_TWO_FACTOR_AUTH = False
|
|
|
|
# Enable user select a template when he/she creates library.
|
|
# When user select a template, Seafile will create folders releated to the pattern automaticly.
|
|
# Since version 6.0
|
|
# LIBRARY_TEMPLATES = {
|
|
# 'Technology': ['/Develop/Python', '/Test'],
|
|
# 'Finance': ['/Current assets', '/Fixed assets/Computer']
|
|
# }
|
|
|
|
# Enable a user to change password in 'settings' page. Default to `True`
|
|
# Since version 6.2.11
|
|
# ENABLE_CHANGE_PASSWORD = True
|
|
|
|
# If show contact email when search user.
|
|
# ENABLE_SHOW_CONTACT_EMAIL_WHEN_SEARCH_USER = True
|
|
|
|
#
|
|
# Mail
|
|
#
|
|
|
|
EMAIL_USE_TLS = True
|
|
EMAIL_HOST = "{{ domain }}"
|
|
EMAIL_HOST_USER = "{{ app }}"
|
|
EMAIL_HOST_PASSWORD = "{{ mail_pwd }}"
|
|
EMAIL_PORT = "587"
|
|
REPLACE_FROM_EMAIL = True
|
|
ADD_REPLY_TO_HEADER = True
|
|
DEFAULT_FROM_EMAIL = "{{ app }}@{{ domain }}"
|
|
SERVER_EMAIL = "{{ app }}@{{ domain }}"
|
|
|
|
#
|
|
# RESTful API
|
|
#
|
|
|
|
# API throttling related settings. Enlarger the rates if you got 429 response code during API calls.
|
|
# REST_FRAMEWORK = {
|
|
# 'DEFAULT_THROTTLE_RATES': {
|
|
# 'ping': '600/minute',
|
|
# 'anon': '5/minute',
|
|
# 'user': '300/minute',
|
|
# },
|
|
# 'UNICODE_JSON': False,
|
|
# }
|
|
|
|
# Throtting whitelist used to disable throttle for certain IPs.
|
|
# e.g. REST_FRAMEWORK_THROTTING_WHITELIST = ['127.0.0.1', '192.168.1.1']
|
|
# Please make sure `REMOTE_ADDR` header is configured in Nginx conf according to https://manual.seafile.com/deploy/deploy_with_nginx.html.
|
|
# REST_FRAMEWORK_THROTTING_WHITELIST = []
|