diff --git a/conf/.env b/conf/.env index d376d19..d2b0269 100644 --- a/conf/.env +++ b/conf/.env @@ -24,14 +24,21 @@ ROOT_URL='https://__DOMAIN____PATH__' # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml MAIL_URL='smtp://localhost:25/' MAIL_FROM='Wekan Support ' +# Currently MAIL_SERVICE is not in use. +#MAIL_SERVICE=Outlook365 +#MAIL_SERVICE_USER=firstname.lastname@hotmail.com +#MAIL_SERVICE_PASSWORD=SecretPassword #--------------------------------------------- #KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011 #--------------------------------------------- # This is local port where Wekan Node.js runs, same as below on Caddyfile settings. PORT=__PORT__ #--------------------------------------------- -# Wekan Export Board works when WITH_API=true. -# If you disable Wekan API with false, Export Board does not work. +# ==== NUMBER OF SEARCH RESULTS PER PAGE BY DEFAULT ==== +#RESULTS_PER_PAGE=20 +#--------------------------------------------- +# Wekan Board works when WITH_API=true. +# If you disable Wekan API with false, Board does not work. WITH_API='true' #--------------------------------------------------------------- # ==== PASSWORD BRUTE FORCE PROTECTION ==== @@ -44,6 +51,11 @@ WITH_API='true' #ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD=60 #ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW=15 #--------------------------------------------------------------- +# ==== ACCOUNT OPTIONS ==== +# https://docs.meteor.com/api/accounts-multi.html#AccountsCommon-config +# Defaults below. Uncomment to change. wekan/server/accounts-common.js +# - ACCOUNTS_COMMON_LOGIN_EXPIRATION_IN_DAYS=90 +#--------------------------------------------------------------- # ==== RICH TEXT EDITOR IN CARD COMMENTS ==== # https://github.com/wekan/wekan/pull/2560 RICHER_CARD_COMMENT_EDITOR=true @@ -70,26 +82,26 @@ CARD_OPENED_WEBHOOK_ENABLED=false # disable the feature by setting this variable to "NONE" or # change the pattern to any valid regex. i.e. '|' delimited # activityType names. -# a) Example +# a) Example #BIGEVENTS_PATTERN=due # b) All #BIGEVENTS_PATTERN=received|start|due|end # c) Disabled BIGEVENTS_PATTERN=NONE #--------------------------------------------------------------- -# ==== EMAIL DUE DATE NOTIFICATION ===== +# ==== EMAIL DUE DATE NOTIFICATION ===== # https://github.com/wekan/wekan/pull/2536 # System timelines will be showing any user modification for # dueat startat endat receivedat, also notification to # the watchers and if any card is due, about due or past due. -# -# Notify due days, default is None. +# +# Notify due days, default is None. #NOTIFY_DUE_DAYS_BEFORE_AND_AFTER=2,0 # it will notify user 2 days before due day and on the due day -# +# # Notify due at hour of day. Default every morning at 8am. Can be 0-23. # If env variable has parsing error, use default. Notification sent to watchers. -# NOTIFY_DUE_AT_HOUR_OF_DAY=8 +#NOTIFY_DUE_AT_HOUR_OF_DAY=8 #----------------------------------------------------------------- # ==== EMAIL NOTIFICATION TIMEOUT, ms ===== # Defaut: 30000 ms = 30s @@ -115,6 +127,7 @@ BIGEVENTS_PATTERN=NONE # The option that allows matomo to retrieve the username: # Example: MATOMO_WITH_USERNAME=true #MATOMO_WITH_USERNAME='false' +#--------------------------------------------- # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. # Setting this to false is not recommended, it also disables all other browser policy protections # and allows all iframing etc. See wekan/server/policy.js @@ -137,27 +150,36 @@ WEBHOOKS_ATTRIBUTES='' # 2) Configure the environment variables. This differs slightly # by installation type, but make sure you have the following: #OAUTH2_ENABLED=true +# # Optional OAuth2 CA Cert, see https://github.com/wekan/wekan/issues/3299 #OAUTH2_CA_CERT=ABCD1234 +# # Use OAuth2 ADFS additional changes. Also needs OAUTH2_ENABLED=true setting. #OAUTH2_ADFS_ENABLED=false +# # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 # OAuth2 login style: popup or redirect. #OAUTH2_LOGIN_STYLE=redirect +# # Application GUID captured during app registration: #OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx +# # Secret key generated during app registration: #OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx #OAUTH2_SERVER_URL=https://login.microsoftonline.com/ #OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize #OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo #OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token +# # The claim name you want to map to the unique ID field: #OAUTH2_ID_MAP=email +# # The claim name you want to map to the username field: #OAUTH2_USERNAME_MAP=email +# # The claim name you want to map to the full name field: #OAUTH2_FULLNAME_MAP=name +# # The claim name you want to map to the email field: #OAUTH2_EMAIL_MAP=email #----------------------------------------------------------------- @@ -179,30 +201,43 @@ WEBHOOKS_ATTRIBUTES='' # https://github.com/wekan/wekan/wiki/OAuth2 # Enable the OAuth2 connection #OAUTH2_ENABLED=true +# # OAuth2 login style: popup or redirect. #OAUTH2_LOGIN_STYLE=redirect +# # OAuth2 Client ID. #OAUTH2_CLIENT_ID=abcde12345 +# # OAuth2 Secret. #OAUTH2_SECRET=54321abcde +# # OAuth2 Server URL. #OAUTH2_SERVER_URL=https://chat.example.com +# # OAuth2 Authorization Endpoint. #OAUTH2_AUTH_ENDPOINT=/oauth/authorize +# # OAuth2 Userinfo Endpoint. #OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo +# # OAuth2 Token Endpoint. #OAUTH2_TOKEN_ENDPOINT=/oauth/token +# # OAUTH2 ID Token Whitelist Fields. #OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[] +# # OAUTH2 Request Permissions. #OAUTH2_REQUEST_PERMISSIONS='openid profile email' +# # OAuth2 ID Mapping #OAUTH2_ID_MAP= +# # OAuth2 Username Mapping #OAUTH2_USERNAME_MAP= +# # OAuth2 Fullname Mapping #OAUTH2_FULLNAME_MAP= +# # OAuth2 Email Mapping #OAUTH2_EMAIL_MAP= #--------------------------------------------- @@ -218,10 +253,49 @@ LDAP_PORT=389 # example : LDAP_HOST=localhost #LDAP_HOST= LDAP_HOST=localhost +# +#----------------------------------------------------------------- +# ==== LDAP AD Simple Auth ==== +# +# Set to true, if you want to connect with Active Directory by Simple Authentication. +# When using AD Simple Auth, LDAP_BASEDN is not needed. +# +# Example: +#LDAP_AD_SIMPLE_AUTH=true +# +# === LDAP User Authentication === +# +# a) Option to login to the LDAP server with the user's own username and password, instead of +# an administrator key. Default: false (use administrator key). +# +# b) When using AD Simple Auth, set to true, when login user is used for binding, +# and LDAP_BASEDN is not needed. +# +# Example: +#LDAP_USER_AUTHENTICATION=true +# +# Which field is used to find the user for the user authentication. Default: uid. +#LDAP_USER_AUTHENTICATION_FIELD=uid +# +# === LDAP Default Domain === +# +# a) In case AD SimpleAuth is configured, the default domain is appended to the given +# loginname for creating the correct username for the bind request to AD. +# +# b) The default domain of the ldap it is used to create email if the field is not map +# correctly with the LDAP_SYNC_USER_DATA_FIELDMAP +# +# Example : +#LDAP_DEFAULT_DOMAIN=mydomain.com +# +#----------------------------------------------------------------- +# ==== LDAP BASEDN Auth ==== +# # LDAP_BASEDN : The base DN for the LDAP Tree # example : LDAP_BASEDN=ou=user,dc=example,dc=org #LDAP_BASEDN= LDAP_BASEDN=dc=yunohost,dc=org +#--------------------------------------------- # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method # example : LDAP_LOGIN_FALLBACK=true #LDAP_LOGIN_FALLBACK=false @@ -257,6 +331,7 @@ LDAP_AUTHENTIFICATION=false # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user # example : AUTHENTIFICATION_PASSWORD=admin #LDAP_AUTHENTIFICATION_PASSWORD= +# # LDAP_LOG_ENABLED : Enable logs for the module # example : LDAP_LOG_ENABLED=true #LDAP_LOG_ENABLED=false @@ -270,6 +345,7 @@ LDAP_BACKGROUND_SYNC=true # Leave this unset, so it uses default, and does not crash. # https://github.com/wekan/wekan/issues/2354#issuecomment-515305722 LDAP_BACKGROUND_SYNC_INTERVAL='' +# # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true #LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false @@ -281,16 +357,15 @@ LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true # LDAP_ENCRYPTION : If using LDAPS # example : LDAP_ENCRYPTION=ssl #LDAP_ENCRYPTION=false +# # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file. # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- #LDAP_CA_CERT= +# # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate # example : LDAP_REJECT_UNAUTHORIZED=true #LDAP_REJECT_UNAUTHORIZED=false -# Option to login to the LDAP server with the user's own username and password, instead of an administrator key. Default: false (use administrator key). -#LDAP_USER_AUTHENTICATION=true -# Which field is used to find the user for the user authentication. Default: uid. -#LDAP_USER_AUTHENTICATION_FIELD=uid +# # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed # example : LDAP_USER_SEARCH_FILTER= #LDAP_USER_SEARCH_FILTER= @@ -383,9 +458,6 @@ LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name"} # example : #LDAP_SYNC_GROUP_ROLES= LDAP_SYNC_GROUP_ROLES=__APP__.admin -# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP -# example : -#LDAP_DEFAULT_DOMAIN= # Enable/Disable syncing of admin status based on ldap groups: #LDAP_SYNC_ADMIN_STATUS=true LDAP_SYNC_ADMIN_STATUS=true @@ -411,7 +483,7 @@ LDAP_SYNC_ADMIN_GROUPS=__APP__.admin # example : LOGOUT_ON_MINUTES=55 #LOGOUT_ON_MINUTES= #--------------------------------------------------------------------- -# PASSWORD_LOGIN_ENABLED : Enable or not the password login form. +# PASSWORD_LOGIN_ENABLED : Enable or not the password login form. #PASSWORD_LOGIN_ENABLED=true #--------------------------------------------------------------------- #CAS_ENABLED=true @@ -431,3 +503,6 @@ LDAP_SYNC_ADMIN_GROUPS=__APP__.admin #SAML_LOCAL_PROFILE_MATCH_ATTRIBUTE= #SAML_ATTRIBUTES= #--------------------------------------------------------------------- +# Wait spinner to use +#WAIT_SPINNER=Bounce +#--------------------------------------------------------------------- diff --git a/scripts/_common.sh b/scripts/_common.sh index d51b74e..55aa9a5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,7 +7,7 @@ # dependencies used by the app pkg_dependencies="" -NODEJS_VERSION=12.22.1 +NODEJS_VERSION=12.22.9 #================================================= # PERSONAL HELPERS