diff --git a/docs/helpers/configenvextractor.go b/docs/helpers/configenvextractor.go index 474a1fee3c..a553aa72b4 100644 --- a/docs/helpers/configenvextractor.go +++ b/docs/helpers/configenvextractor.go @@ -12,9 +12,10 @@ import ( ) var targets = map[string]string{ - "adoc-generator.go.tmpl": "output/adoc/adoc-generator.go", - "example-config-generator.go.tmpl": "output/exampleconfig/example-config-generator.go", - "environment-variable-docs-generator.go.tmpl": "output/env/environment-variable-docs-generator.go", + "templates/adoc-generator.go.tmpl": "output/adoc/adoc-generator.go", + "templates/example-config-generator.go.tmpl": "output/exampleconfig/example-config-generator.go", + "templates/environment-variable-docs-generator.go.tmpl": "output/env/environment-variable-docs-generator.go", + "templates/envar-delta-table.go.tmpl": "output/env/envvar-delta-table.go", } // RenderTemplates does something with templates @@ -37,7 +38,10 @@ func RenderTemplates() { runIntermediateCode(output) } fmt.Println("Cleaning up") - os.RemoveAll("output") + err = os.RemoveAll("output") + if err != nil { + fmt.Println(err) + } } func generateIntermediateCode(templatePath string, intermediateCodePath string, paths []string) { diff --git a/docs/helpers/env-var-delta.go b/docs/helpers/env-var-delta.go new file mode 100644 index 0000000000..7d917e6821 --- /dev/null +++ b/docs/helpers/env-var-delta.go @@ -0,0 +1,122 @@ +package main + +import ( + "fmt" + "github.com/rogpeppe/go-internal/semver" + "gopkg.in/yaml.v2" + "log" + "os" + "path/filepath" + "text/template" +) + +const envVarYamlSource = "env_vars.yaml" + +var envVarOutPutTemplates = map[string]string{ + "added": "templates/env-vars-added.md.tmpl", + "removed": "templates/env-vars-removed.md.tmpl", + "deprecated": "templates/env-vars-deprecated.md.tmpl", +} + +// ConfigField represents the env-var annotation in the code +type ConfigField struct { + Name string `yaml:"name"` + DefaultValue string `yaml:"defaultValue"` + Type string `yaml:"type"` + Description string `yaml:"description"` + IntroductionVersion string `yaml:"introductionVersion"` + DeprecationVersion string `yaml:"deprecationVersion"` + RemovalVersion string `yaml:"removalVersion"` + DeprecationInfo string `yaml:"deprecationInfo"` +} + +type TemplateData struct { + StartVersion string + EndVersion string + DeltaFields []*ConfigField +} + +// RenderEnvVarDeltaTable generates tables for env-var deltas +func RenderEnvVarDeltaTable(osArgs []string) { + if !semver.IsValid(osArgs[2]) { + log.Fatalf("Start version invalid semver: %s", osArgs[2]) + } + if !semver.IsValid(osArgs[3]) { + log.Fatalf("Target version invalid semver: %s", osArgs[3]) + } + if semver.Compare(osArgs[2], osArgs[3]) >= 0 { + log.Fatalf("Start version %s is not smaller than target version %s", osArgs[2], osArgs[3]) + } + if semver.Compare(osArgs[2], "v5.0.0") < 0 { + log.Fatalf("This tool does not support versions prior v5.0.0, (given %s)", osArgs[2]) + } + startVersion := osArgs[2] + endVersion := osArgs[3] + fmt.Printf("Generating tables for env-var deltas between version %s and %s...\n", startVersion, endVersion) + curdir, err := os.Getwd() + if err != nil { + log.Fatal(err) + } + fullYamlPath := filepath.Join(curdir, envVarYamlSource) + configFields := make(map[string]*ConfigField) + variableList := map[string][]*ConfigField{ + "added": {}, + "removed": {}, + "deprecated": {}, + } + fmt.Printf("Reading existing variable definitions from %s\n", fullYamlPath) + yfile, err := os.ReadFile(fullYamlPath) + if err == nil { + err := yaml.Unmarshal(yfile, configFields) + if err != nil { + log.Fatal(err) + } + } + fmt.Printf("Success, found %d entries\n", len(configFields)) + for _, field := range configFields { + if field.IntroductionVersion != "" && + field.IntroductionVersion != "pre5.0" && + !semver.IsValid(field.IntroductionVersion) && + field.IntroductionVersion[0] != 'v' { + field.IntroductionVersion = "v" + field.IntroductionVersion + } + if field.IntroductionVersion != "pre5.0" && !semver.IsValid(field.IntroductionVersion) { + fmt.Printf("Invalid semver for field %s: %s\n", field.Name, field.IntroductionVersion) + os.Exit(1) + } + //fmt.Printf("Processing field %s dv: %s, iv: %s\n", field.Name, field.DeprecationVersion, field.IntroductionVersion) + if semver.IsValid(field.RemovalVersion) && semver.Compare(startVersion, field.RemovalVersion) < 0 && semver.Compare(endVersion, field.RemovalVersion) >= 0 { + variableList["removed"] = append(variableList["removed"], field) + } + if semver.IsValid(field.DeprecationVersion) && semver.Compare(startVersion, field.DeprecationVersion) <= 0 && semver.Compare(endVersion, field.DeprecationVersion) > 0 { + variableList["deprecated"] = append(variableList["deprecated"], field) + } + if semver.IsValid(field.IntroductionVersion) && semver.Compare(startVersion, field.IntroductionVersion) <= 0 && semver.Compare(endVersion, field.IntroductionVersion) >= 0 { + fmt.Printf("Adding field %s iv: %s\n", field.Name, field.IntroductionVersion) + variableList["added"] = append(variableList["added"], field) + } + } + for templateName, templatePath := range envVarOutPutTemplates { + content, err := os.ReadFile(templatePath) + if err != nil { + log.Fatal(err) + } + tpl := template.Must(template.New(templateName).Parse(string(content))) + err = os.MkdirAll("output/env-deltas", 0700) + if err != nil { + log.Fatal(err) + } + targetFile, err := os.Create(filepath.Join("output/env-deltas", fmt.Sprintf("%s-%s-%s.md", startVersion, endVersion, templateName))) + if err != nil { + log.Fatal(err) + } + err = tpl.Execute(targetFile, TemplateData{ + StartVersion: startVersion, + EndVersion: endVersion, + DeltaFields: variableList[templateName], + }) + if err != nil { + log.Fatal(err) + } + } +} diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml new file mode 100644 index 0000000000..70682e3148 --- /dev/null +++ b/docs/helpers/env_vars.yaml @@ -0,0 +1,15236 @@ +ANTIVIRUS_CLAMAV_SOCKET: + name: ANTIVIRUS_CLAMAV_SOCKET + defaultValue: /run/clamav/clamd.ctl + type: string + description: The socket clamav is running on. Note the default value is an example + which needs adaption according your OS. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_DEBUG_ADDR: + name: ANTIVIRUS_DEBUG_ADDR + defaultValue: 127.0.0.1:9277 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_DEBUG_PPROF: + name: ANTIVIRUS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_DEBUG_SCAN_OUTCOME: + name: ANTIVIRUS_DEBUG_SCAN_OUTCOME + defaultValue: "" + type: string + description: 'A predefined outcome for virus scanning, FOR DEBUG PURPOSES ONLY! + (example values: ''found,infected'')' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_DEBUG_TOKEN: + name: ANTIVIRUS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_DEBUG_ZPAGES: + name: ANTIVIRUS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_ICAP_SCAN_TIMEOUT: + name: ANTIVIRUS_ICAP_SCAN_TIMEOUT + defaultValue: 5m0s + type: Duration + description: Scan timeout for the ICAP client. Defaults to '5m' (5 minutes). See + the Environment Variable Types description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_ICAP_SERVICE: + name: ANTIVIRUS_ICAP_SERVICE + defaultValue: avscan + type: string + description: The name of the ICAP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_ICAP_TIMEOUT: + name: ANTIVIRUS_ICAP_TIMEOUT + defaultValue: "0" + type: int64 + description: Timeout for the ICAP client. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: "6.0" + deprecationInfo: Changing the envvar type for consistency reasons. +ANTIVIRUS_ICAP_URL: + name: ANTIVIRUS_ICAP_URL + defaultValue: icap://127.0.0.1:1344 + type: string + description: URL of the ICAP server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_INFECTED_FILE_HANDLING: + name: ANTIVIRUS_INFECTED_FILE_HANDLING + defaultValue: delete + type: string + description: 'Defines the behaviour when a virus has been found. Supported options + are: ''delete'', ''continue'' and ''abort ''. Delete will delete the file. Continue + will mark the file as infected but continues further processing. Abort will keep + the file in the uploads folder for further admin inspection and will not move + it to its final destination.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_LOG_COLOR: + name: OCIS_LOG_COLOR;ANTIVIRUS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_LOG_FILE: + name: OCIS_LOG_FILE;ANTIVIRUS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_MAX_SCAN_SIZE: + name: ANTIVIRUS_MAX_SCAN_SIZE + defaultValue: "" + type: string + description: 'The maximum scan size the virusscanner can handle. Only this many + bytes of a file will be scanned. 0 means unlimited and is the default. Usable + common abbreviations: [KB, KiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: + 2GB.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_SCANNER_TYPE: + name: ANTIVIRUS_SCANNER_TYPE + defaultValue: clamav + type: string + description: The antivirus scanner to use. Supported values are 'clamav' and 'icap'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ANTIVIRUS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_DEBUG_ADDR: + name: APP_PROVIDER_DEBUG_ADDR + defaultValue: 127.0.0.1:9165 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_DEBUG_PPROF: + name: APP_PROVIDER_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_DEBUG_TOKEN: + name: APP_PROVIDER_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_DEBUG_ZPAGES: + name: APP_PROVIDER_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing traces + in-memory. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_DRIVER: + name: APP_PROVIDER_DRIVER + defaultValue: "" + type: string + description: Driver, the APP PROVIDER services uses. Only 'wopi' is supported as + of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_EXTERNAL_ADDR: + name: APP_PROVIDER_EXTERNAL_ADDR + defaultValue: "" + type: string + description: Address of the app provider, where the GATEWAY service can reach it. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_GRPC_ADDR: + name: APP_PROVIDER_GRPC_ADDR + defaultValue: 127.0.0.1:9164 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_GRPC_PROTOCOL: + name: APP_PROVIDER_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GPRC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_JWT_SECRET: + name: OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_LOG_COLOR: + name: OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_LOG_FILE: + name: OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_LOG_LEVEL: + name: OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_LOG_PRETTY: + name: OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_SERVICE_NAME: + name: APP_PROVIDER_SERVICE_NAME + defaultValue: app-provider + type: string + description: 'The name of the service. This needs to be changed when using more + than one app provider. Each app provider configured needs to be identified by + a unique service name. Possible examples are: ''app-provider-collabora'', ''app-provider-onlyoffice'', + ''app-provider-office365''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_TRACING_TYPE: + name: OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_APP_API_KEY: + name: APP_PROVIDER_WOPI_APP_API_KEY + defaultValue: "" + type: string + description: API key for the wopi app. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_APP_DESKTOP_ONLY: + name: APP_PROVIDER_WOPI_APP_DESKTOP_ONLY + defaultValue: "false" + type: bool + description: Offer this app only on desktop. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_APP_ICON_URI: + name: APP_PROVIDER_WOPI_APP_ICON_URI + defaultValue: "" + type: string + description: URI to an app icon to be used by clients. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_APP_INTERNAL_URL: + name: APP_PROVIDER_WOPI_APP_INTERNAL_URL + defaultValue: "" + type: string + description: Internal URL to the app, like in your DMZ. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_APP_NAME: + name: APP_PROVIDER_WOPI_APP_NAME + defaultValue: "" + type: string + description: Human readable app name. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_APP_URL: + name: APP_PROVIDER_WOPI_APP_URL + defaultValue: "" + type: string + description: URL for end users to access the app. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_DISABLE_CHAT: + name: APP_PROVIDER_WOPI_DISABLE_CHAT + defaultValue: "false" + type: bool + description: Disable the chat functionality of the office app. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: + name: OCIS_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL + defaultValue: https://localhost:9200/ + type: string + description: Base url to navigate back from the app to the containing folder in + the file list. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE: + name: APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE + defaultValue: /f/{{.ResourceID}} + type: string + description: Path template to navigate back from the app to the containing folder + in the file list. Supported template variables are {{.ResourceInfo.ResourceID}}, + {{.ResourceInfo.Mtime.Seconds}}, {{.ResourceInfo.Name}}, {{.ResourceInfo.Path}}, + {{.ResourceInfo.Type}}, {{.ResourceInfo.Id.SpaceId}}, {{.ResourceInfo.Id.StorageId}}, + {{.ResourceInfo.Id.OpaqueId}}, {{.ResourceInfo.MimeType}} + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_INSECURE: + name: APP_PROVIDER_WOPI_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for requests to the WOPI server + and the web office application. Do not set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: + name: APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL + defaultValue: "" + type: string + description: External url of the CS3org WOPI server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET: + name: APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET + defaultValue: "" + type: string + description: Shared secret of the CS3org WOPI server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_DEBUG_ADDR: + name: APP_REGISTRY_DEBUG_ADDR + defaultValue: 127.0.0.1:9243 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_DEBUG_PPROF: + name: APP_REGISTRY_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_DEBUG_TOKEN: + name: APP_REGISTRY_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_DEBUG_ZPAGES: + name: APP_REGISTRY_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_GRPC_ADDR: + name: APP_REGISTRY_GRPC_ADDR + defaultValue: 127.0.0.1:9242 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_GRPC_PROTOCOL: + name: APP_REGISTRY_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_JWT_SECRET: + name: OCIS_JWT_SECRET;APP_REGISTRY_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_LOG_COLOR: + name: OCIS_LOG_COLOR;APP_REGISTRY_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_LOG_FILE: + name: OCIS_LOG_FILE;APP_REGISTRY_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_LOG_LEVEL: + name: OCIS_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_LOG_PRETTY: + name: OCIS_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +APP_REGISTRY_TRACING_TYPE: + name: OCIS_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_DEBUG_ADDR: + name: AUDIT_DEBUG_ADDR + defaultValue: 127.0.0.1:9229 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_DEBUG_PPROF: + name: AUDIT_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_DEBUG_TOKEN: + name: AUDIT_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_DEBUG_ZPAGES: + name: AUDIT_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_FILEPATH: + name: AUDIT_FILEPATH + defaultValue: "" + type: string + description: Filepath of the logfile. Mandatory if LOG_TO_FILE is set to 'true'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_FORMAT: + name: AUDIT_FORMAT + defaultValue: json + type: string + description: Log format. Supported values are '' (empty) and 'json'. Using 'json' + is advised, '' (empty) renders the 'minimal' format. See the text description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_LOG_COLOR: + name: OCIS_LOG_COLOR;AUDIT_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_LOG_FILE: + name: OCIS_LOG_FILE;AUDIT_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_LOG_LEVEL: + name: OCIS_LOG_LEVEL;AUDIT_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_LOG_PRETTY: + name: OCIS_LOG_PRETTY;AUDIT_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_LOG_TO_CONSOLE: + name: AUDIT_LOG_TO_CONSOLE + defaultValue: "true" + type: bool + description: Logs to stdout if set to 'true'. Independent of the LOG_TO_FILE option. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_LOG_TO_FILE: + name: AUDIT_LOG_TO_FILE + defaultValue: "false" + type: bool + description: Logs to file if set to 'true'. Independent of the LOG_TO_CONSOLE option. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;AUDIT_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUDIT_TRACING_TYPE: + name: OCIS_TRACING_TYPE;AUDIT_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_AUTH_MANAGER: + name: AUTH_BASIC_AUTH_MANAGER + defaultValue: ldap + type: string + description: The authentication manager to check if credentials are valid. Supported + value is 'ldap'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_DEBUG_ADDR: + name: AUTH_BASIC_DEBUG_ADDR + defaultValue: 127.0.0.1:9147 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_DEBUG_PPROF: + name: AUTH_BASIC_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_DEBUG_TOKEN: + name: AUTH_BASIC_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_DEBUG_ZPAGES: + name: AUTH_BASIC_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing traces + in-memory. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_DISABLE_USER_MECHANISM: + name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM + defaultValue: attribute + type: string + description: An option to control the behavior for disabling users. Valid options + are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API + will add the user to the configured group for disabled users, if set to 'attribute' + this will be done in the ldap user entry, if set to 'none' the disable request + is not processed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_DISABLED_USERS_GROUP_DN: + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN + defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm + type: string + description: The distinguished name of the group to which added users will be classified + as disabled when 'disable_user_mechanism' is set to 'group'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_GRPC_ADDR: + name: AUTH_BASIC_GRPC_ADDR + defaultValue: 127.0.0.1:9146 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_GRPC_PROTOCOL: + name: AUTH_BASIC_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_IDP_URL: + name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BASIC_IDP_URL + defaultValue: https://localhost:9200 + type: string + description: The identity provider value to set in the userids of the CS3 user objects + for users returned by this user provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_JWT_SECRET: + name: OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_BIND_DN: + name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN + defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + type: string + description: LDAP DN to use for simple bind authentication with the target LDAP + server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_BIND_PASSWORD: + name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD + defaultValue: "" + type: string + description: Password to use for authenticating the 'bind_dn'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_CACERT: + name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the LDAP service. If not defined, the root + directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_BASE_DN: + name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN + defaultValue: ou=groups,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_FILTER: + name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for group searches. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_OBJECTCLASS: + name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS + defaultValue: groupOfNames + type: string + description: The object class to use for groups in the default group search filter + ('groupOfNames'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the displayname of groups (often the same + as groupname attribute). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME: + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the name of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCHEMA_ID: + name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique id for groups. This should be a + stable globally unique id (e.g. a UUID). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'id' attribute for groups is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the group IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL: + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of groups (can be empty). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER: + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER + defaultValue: member + type: string + description: LDAP Attribute that is used for group members. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_GROUP_SCOPE: + name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up groups. Supported values are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_INSECURE: + name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the LDAP connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES: + name: LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES + defaultValue: '[uid]' + type: '[]string' + description: A list of user object attributes that can be used for login. See the + Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_URI: + name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI + defaultValue: ldaps://localhost:9235 + type: string + description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' + and 'ldap://' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_BASE_DN: + name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN + defaultValue: ou=users,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE: + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE + defaultValue: ownCloudUserEnabled + type: string + description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_FILTER: + name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_OBJECTCLASS: + name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS + defaultValue: inetOrgPerson + type: string + description: The object class to use for users in the default user search filter + ('inetOrgPerson'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME + defaultValue: displayname + type: string + description: LDAP Attribute to use for the displayname of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_SCHEMA_ID: + name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique ID for users. This should be a + stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'ID' attribute for users is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the user IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_SCHEMA_MAIL: + name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME: + name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME + defaultValue: uid + type: string + description: LDAP Attribute to use for username of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LDAP_USER_SCOPE: + name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up users. Supported values are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LOG_COLOR: + name: OCIS_LOG_COLOR;AUTH_BASIC_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LOG_FILE: + name: OCIS_LOG_FILE;AUTH_BASIC_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LOG_LEVEL: + name: OCIS_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_LOG_PRETTY: + name: OCIS_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_DB_HOST: + name: AUTH_BASIC_OWNCLOUDSQL_DB_HOST + defaultValue: mysql + type: string + description: Hostname of the database server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_DB_NAME: + name: AUTH_BASIC_OWNCLOUDSQL_DB_NAME + defaultValue: owncloud + type: string + description: Name of the owncloud database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_DB_PASSWORD: + name: AUTH_BASIC_OWNCLOUDSQL_DB_PASSWORD + defaultValue: "" + type: string + description: Password for the database user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_DB_PORT: + name: AUTH_BASIC_OWNCLOUDSQL_DB_PORT + defaultValue: "3306" + type: int + description: Network port to use for the database connection. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_DB_USERNAME: + name: AUTH_BASIC_OWNCLOUDSQL_DB_USERNAME + defaultValue: owncloud + type: string + description: Database user to use for authenticating with the owncloud database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_IDP: + name: AUTH_BASIC_OWNCLOUDSQL_IDP + defaultValue: https://localhost:9200 + type: string + description: The identity provider value to set in the userids of the CS3 user objects + for users returned by this user provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID: + name: AUTH_BASIC_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID + defaultValue: "false" + type: bool + description: Join the user properties table to read user ID's. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_JOIN_USERNAME: + name: AUTH_BASIC_OWNCLOUDSQL_JOIN_USERNAME + defaultValue: "false" + type: bool + description: Join the user properties table to read usernames + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_OWNCLOUDSQL_NOBODY: + name: AUTH_BASIC_OWNCLOUDSQL_NOBODY + defaultValue: "90" + type: int64 + description: Fallback number if no numeric UID and GID properties are provided. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN: + name: AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the encoding of the user's group memberships in the reva access + token. This reduces the token size, especially when users are members of a large + number of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BASIC_TRACING_TYPE: + name: OCIS_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_DEBUG_ADDR: + name: AUTH_BEARER_DEBUG_ADDR + defaultValue: 127.0.0.1:9149 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_DEBUG_PPROF: + name: AUTH_BEARER_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_DEBUG_TOKEN: + name: AUTH_BEARER_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_DEBUG_ZPAGES: + name: AUTH_BEARER_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_GRPC_ADDR: + name: AUTH_BEARER_GRPC_ADDR + defaultValue: 127.0.0.1:9148 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_GRPC_PROTOCOL: + name: AUTH_BEARER_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_JWT_SECRET: + name: OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_LOG_COLOR: + name: OCIS_LOG_COLOR;AUTH_BEARER_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_LOG_FILE: + name: OCIS_LOG_FILE;AUTH_BEARER_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_LOG_LEVEL: + name: OCIS_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_LOG_PRETTY: + name: OCIS_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_OIDC_GID_CLAIM: + name: AUTH_BEARER_OIDC_GID_CLAIM + defaultValue: "" + type: string + description: Name of the claim, which holds the GID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_OIDC_ID_CLAIM: + name: AUTH_BEARER_OIDC_ID_CLAIM + defaultValue: preferred_username + type: string + description: Name of the claim, which holds the user identifier. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_OIDC_INSECURE: + name: OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE + defaultValue: "false" + type: bool + description: Allow insecure connections to the OIDC issuer. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_OIDC_ISSUER: + name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER + defaultValue: https://localhost:9200 + type: string + description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_OIDC_UID_CLAIM: + name: AUTH_BEARER_OIDC_UID_CLAIM + defaultValue: "" + type: string + description: Name of the claim, which holds the UID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN: + name: AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the encoding of the user's group memberships in the reva access + token. This reduces the token size, especially when users are members of a large + number of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_BEARER_TRACING_TYPE: + name: OCIS_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: Machine auth API key used to validate internal requests necessary to + access resources from other services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_DEBUG_ADDR: + name: AUTH_MACHINE_DEBUG_ADDR + defaultValue: 127.0.0.1:9167 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_DEBUG_PPROF: + name: AUTH_MACHINE_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_DEBUG_TOKEN: + name: AUTH_MACHINE_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_DEBUG_ZPAGES: + name: AUTH_MACHINE_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_GRPC_ADDR: + name: AUTH_MACHINE_GRPC_ADDR + defaultValue: 127.0.0.1:9166 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_GRPC_PROTOCOL: + name: AUTH_MACHINE_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_JWT_SECRET: + name: OCIS_JWT_SECRET;SETTINGS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_LOG_COLOR: + name: OCIS_LOG_COLOR;SETTINGS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_LOG_FILE: + name: OCIS_LOG_FILE;SETTINGS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_LOG_LEVEL: + name: OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_LOG_PRETTY: + name: OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN: + name: AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the encoding of the user's group memberships in the reva access + token. This reduces the token size, especially when users are members of a large + number of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_MACHINE_TRACING_TYPE: + name: OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_DEBUG_ADDR: + name: AUTH_SERVICE_DEBUG_ADDR + defaultValue: 127.0.0.1:9198 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_DEBUG_PPROF: + name: AUTH_SERVICE_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_DEBUG_TOKEN: + name: AUTH_SERVICE_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_DEBUG_ZPAGES: + name: AUTH_SERVICE_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_GRPC_ADDR: + name: AUTH_SERVICE_GRPC_ADDR + defaultValue: 127.0.0.1:9199 + type: string + description: The bind address of the GRPC service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_GRPC_PROTOCOL: + name: AUTH_SERVICE_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_JWT_SECRET: + name: OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_LOG_COLOR: + name: OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_LOG_FILE: + name: OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_LOG_LEVEL: + name: OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_LOG_PRETTY: + name: OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +AUTH_SERVICE_TRACING_TYPE: + name: OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_DEBUG_ADDR: + name: CLIENTLOG_DEBUG_ADDR + defaultValue: 127.0.0.1:9260 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_DEBUG_PPROF: + name: CLIENTLOG_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_DEBUG_TOKEN: + name: CLIENTLOG_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_DEBUG_ZPAGES: + name: CLIENTLOG_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_JWT_SECRET: + name: OCIS_JWT_SECRET;CLIENTLOG_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_REVA_GATEWAY: + name: OCIS_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY + defaultValue: com.owncloud.api.gateway + type: string + description: CS3 gateway used to look up user metadata + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_TRACING_TYPE: + name: OCIS_TRACING_TYPE;CLIENTLOG_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_USERLOG_LOG_COLOR: + name: OCIS_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_USERLOG_LOG_FILE: + name: OCIS_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_USERLOG_LOG_LEVEL: + name: OCIS_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +CLIENTLOG_USERLOG_LOG_PRETTY: + name: OCIS_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_DEBUG_ADDR: + name: EVENTHISTORY_DEBUG_ADDR + defaultValue: 127.0.0.1:9270 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_DEBUG_PPROF: + name: EVENTHISTORY_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_DEBUG_TOKEN: + name: EVENTHISTORY_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_DEBUG_ZPAGES: + name: EVENTHISTORY_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_GRPC_ADDR: + name: EVENTHISTORY_GRPC_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_LOG_COLOR: + name: OCIS_LOG_COLOR;EVENTHISTORY_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_LOG_FILE: + name: OCIS_LOG_FILE;EVENTHISTORY_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_LOG_LEVEL: + name: OCIS_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_LOG_PRETTY: + name: OCIS_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE: + name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE + defaultValue: memory + type: string + description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', + ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description + for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_AUTH_PASSWORD: + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_AUTH_USERNAME: + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_DATABASE: + name: EVENTHISTORY_STORE_DATABASE + defaultValue: eventhistory + type: string + description: The database name the configured store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_NODES: + name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES + defaultValue: '[]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_SIZE: + name: OCIS_PERSISTENT_STORE_SIZE;EVENTHISTORY_STORE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived and used from the + ocmem package though no explicit default was set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_TABLE: + name: EVENTHISTORY_STORE_TABLE + defaultValue: events + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_STORE_TTL: + name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL + defaultValue: 336h0m0s + type: Duration + description: Time to live for events in the store. Defaults to '336h' (2 weeks). + See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +EVENTHISTORY_TRACING_TYPE: + name: OCIS_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_APP_HANDLER_INSECURE: + name: OCIS_INSECURE;FRONTEND_APP_HANDLER_INSECURE + defaultValue: "false" + type: bool + description: Allow insecure connections to the frontend. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ARCHIVER_INSECURE: + name: OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE + defaultValue: "false" + type: bool + description: Allow insecure connections to the archiver. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ARCHIVER_MAX_NUM_FILES: + name: FRONTEND_ARCHIVER_MAX_NUM_FILES + defaultValue: "10000" + type: int64 + description: Max number of files that can be packed into an archive. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ARCHIVER_MAX_SIZE: + name: FRONTEND_ARCHIVER_MAX_SIZE + defaultValue: "1073741824" + type: int64 + description: Max size in bytes of the zip archive the archiver can create. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_AUTO_ACCEPT_SHARES: + name: FRONTEND_AUTO_ACCEPT_SHARES + defaultValue: "true" + type: bool + description: Defines if shares should be auto accepted by default. Users can change + this setting individually in their profile. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE: + name: FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE + defaultValue: sha1 + type: string + description: The supported checksum type for uploads that indicates to clients supporting + multiple hash algorithms which one is preferred by the server. Must be one out + of the defined list of SUPPORTED_TYPES. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_CHECKSUMS_SUPPORTED_TYPES: + name: FRONTEND_CHECKSUMS_SUPPORTED_TYPES + defaultValue: '[sha1 md5 adler32]' + type: '[]string' + description: A list of checksum types that indicate to clients which hashes the + server can use to verify upload integrity. Supported types are 'sha1', 'md5' and + 'adler32'. See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS + defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match + If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm + Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires + Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS + defaultValue: '[OPTIONS HEAD GET PUT POST PATCH DELETE MKCOL PROPFIND PROPPATCH + MOVE COPY REPORT SEARCH]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DATA_GATEWAY_PREFIX: + name: FRONTEND_DATA_GATEWAY_PREFIX + defaultValue: data + type: string + description: Path prefix for the data gateway. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DEBUG_ADDR: + name: FRONTEND_DEBUG_ADDR + defaultValue: 127.0.0.1:9141 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DEBUG_PPROF: + name: FRONTEND_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DEBUG_TOKEN: + name: FRONTEND_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DEBUG_ZPAGES: + name: FRONTEND_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DEFAULT_LINK_PERMISSIONS: + name: FRONTEND_DEFAULT_LINK_PERMISSIONS + defaultValue: "1" + type: int + description: Defines the default permissions a link is being created with. Possible + values are 0 (= internal link, for instance members only) and 1 (= public link + with viewer permissions). Defaults to 1. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DEFAULT_UPLOAD_PROTOCOL: + name: FRONTEND_DEFAULT_UPLOAD_PROTOCOL + defaultValue: tus + type: string + description: The default upload protocol to use in clients. Currently only 'tus' + is avaliable. See the developer API documentation for more details about TUS. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_DISABLE_SSE: + name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE + defaultValue: "false" + type: bool + description: When set to true, clients are informed that the Server-Sent Events + endpoint is not accessible. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EDITION: + name: OCIS_EDITION;FRONTEND_EDITION + defaultValue: Community + type: string + description: Edition of oCIS. Used for branding pruposes. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ENABLE_FAVORITES: + name: FRONTEND_ENABLE_FAVORITES + defaultValue: "false" + type: bool + description: Enables the support for favorites in the clients. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING: + name: FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING + defaultValue: "false" + type: bool + description: Changing this value is NOT supported. Enables support for incoming + federated sharing for clients. The backend behaviour is not changed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING: + name: FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING + defaultValue: "false" + type: bool + description: Changing this value is NOT supported. Enables support for outgoing + federated sharing for clients. The backend behaviour is not changed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_ENABLE_RESHARING: + name: OCIS_ENABLE_RESHARING;FRONTEND_ENABLE_RESHARING + defaultValue: "true" + type: bool + description: Changing this value is NOT supported. Enables the support for resharing + in the clients. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: "" + deprecationInfo: Resharing will be removed in the future. +FRONTEND_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_FULL_TEXT_SEARCH_ENABLED: + name: FRONTEND_FULL_TEXT_SEARCH_ENABLED + defaultValue: "false" + type: bool + description: Set to true to signal the web client that full-text search is enabled. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_HTTP_ADDR: + name: FRONTEND_HTTP_ADDR + defaultValue: 127.0.0.1:9140 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_HTTP_PREFIX: + name: FRONTEND_HTTP_PREFIX + defaultValue: "" + type: string + description: The Path prefix where the frontend can be accessed (defaults to /). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_HTTP_PROTOCOL: + name: FRONTEND_HTTP_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_JWT_SECRET: + name: OCIS_JWT_SECRET;FRONTEND_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_LDAP_SERVER_WRITE_ENABLED: + name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED + defaultValue: "true" + type: bool + description: Allow creating, modifying and deleting LDAP users via the GRAPH API. + This can only be set to 'true' when keeping default settings for the LDAP user + and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* + variables). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_LOG_COLOR: + name: OCIS_LOG_COLOR;FRONTEND_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_LOG_FILE: + name: OCIS_LOG_FILE;FRONTEND_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_LOG_LEVEL: + name: OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_LOG_PRETTY: + name: OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_MACHINE_AUTH_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: The machine auth API key used to validate internal requests necessary + to access resources from other services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_MAX_QUOTA: + name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA + defaultValue: "0" + type: uint64 + description: Set the global max quota value in bytes. A value of 0 equals unlimited. + The value is provided via capabilities. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE: + name: FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE + defaultValue: '{{.Mail}}' + type: string + description: Additional information attribute for the user like {{.Mail}}. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_ENABLE_DENIALS: + name: FRONTEND_OCS_ENABLE_DENIALS + defaultValue: "false" + type: bool + description: 'EXPERIMENTAL: enable the feature to deny access on folders.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_INCLUDE_OCM_SHAREES: + name: FRONTEND_OCS_INCLUDE_OCM_SHAREES + defaultValue: "false" + type: bool + description: Include OCM sharees when listing sharees. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_LIST_OCM_SHARES: + name: FRONTEND_OCS_LIST_OCM_SHARES + defaultValue: "true" + type: bool + description: Include OCM shares when listing shares. See the OCM service documentation + for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_PERSONAL_NAMESPACE: + name: FRONTEND_OCS_PERSONAL_NAMESPACE + defaultValue: /users/{{.Id.OpaqueId}} + type: string + description: Homespace namespace identifier. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_PREFIX: + name: FRONTEND_OCS_PREFIX + defaultValue: ocs + type: string + description: URL path prefix for the OCS service. Note that the string must not + start with '/'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + defaultValue: "true" + type: bool + description: Set this to true if you want to enforce passwords on all public shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + defaultValue: "false" + type: bool + description: Set this to true if you want to enforce passwords on Uploader, Editor + or Contributor shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_SHARE_PREFIX: + name: FRONTEND_OCS_SHARE_PREFIX + defaultValue: /Shares + type: string + description: Path prefix for shares as part of an ocis resource. Note that the path + must start with '/'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to use for authentication. Only applies when using the + 'nats-js-kv' store type. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to use for authentication. Only applies when using the + 'nats-js-kv' store type. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disable persistence of the cache. Only applies when using the 'nats-js-kv' + store type. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_SIZE: + name: OCIS_CACHE_SIZE;FRONTEND_OCS_STAT_CACHE_SIZE + defaultValue: "0" + type: int + description: Max number of entries to hold in the cache. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_STORE: + name: OCIS_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_TABLE: + name: FRONTEND_OCS_STAT_CACHE_TABLE + defaultValue: "" + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_OCS_STAT_CACHE_TTL: + name: OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL + defaultValue: 5m0s + type: Duration + description: Default time to live for user info in the cache. Only applied when + access tokens has no expiration. See the Environment Variable Types description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + defaultValue: "" + type: string + description: Path to the 'banned passwords list' file. See the documentation for + more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_DISABLED: + name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + defaultValue: "false" + type: bool + description: Disable the password policy. Defaults to false if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + defaultValue: "8" + type: int + description: Define the minimum password length. Defaults to 8 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_MIN_DIGITS: + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + defaultValue: "1" + type: int + description: Define the minimum number of digits. Defaults to 1 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of uppercase letters. Defaults to 1 if not + set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of characters from the special characters + list to be present. Defaults to 1 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of lowercase letters. Defaults to 1 if not + set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_PUBLIC_URL: + name: OCIS_URL;FRONTEND_PUBLIC_URL + defaultValue: https://localhost:9200 + type: string + description: The public facing URL of the oCIS frontend. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_READONLY_USER_ATTRIBUTES: + name: FRONTEND_READONLY_USER_ATTRIBUTES + defaultValue: '[]' + type: '[]string' + description: 'A list of user attributes to indicate as read-only. Supported values: + ''user.onPremisesSamAccountName'' (username), ''user.displayName'', ''user.mail'', + ''user.passwordProfile'' (password), ''user.appRoleAssignments'' (role), ''user.memberOf'' + (groups), ''user.accountEnabled'' (login allowed), ''drive.quota'' (quota). See + the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_SEARCH_MIN_LENGTH: + name: FRONTEND_SEARCH_MIN_LENGTH + defaultValue: "3" + type: int + description: Minimum number of characters to enter before a client should start + a search for Share receivers. This setting can be used to customize the user experience + if e.g too many results are displayed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_SKIP_USER_GROUPS_IN_TOKEN: + name: FRONTEND_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_TRACING_TYPE: + name: OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE: + name: FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE + defaultValue: "" + type: string + description: Advise TUS to replace PATCH requests by POST requests. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +FRONTEND_UPLOAD_MAX_CHUNK_SIZE: + name: FRONTEND_UPLOAD_MAX_CHUNK_SIZE + defaultValue: "10000000" + type: int + description: Sets the max chunk sizes in bytes for uploads via the clients. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT: + name: GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT + defaultValue: "true" + type: bool + description: Commit shares to storage grants. This grants access to shared resources + for the share receiver directly on the storage. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to use for authentication. Only applies when store type + 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to use for authentication. Only applies when store type + 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the create home cache. Only applies when store + type 'nats-js-kv' is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_SIZE: + name: OCIS_CACHE_SIZE;GATEWAY_CREATE_HOME_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the cache. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_STORE: + name: OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_CREATE_HOME_CACHE_TTL: + name: OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL + defaultValue: 5m0s + type: Duration + description: Default time to live for user info in the cache. Only applied when + access tokens has no expiration. See the Environment Variable Types description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_DEBUG_ADDR: + name: GATEWAY_DEBUG_ADDR + defaultValue: 127.0.0.1:9143 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_DEBUG_PPROF: + name: GATEWAY_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_DEBUG_TOKEN: + name: GATEWAY_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_DEBUG_ZPAGES: + name: GATEWAY_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN: + name: GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN + defaultValue: "true" + type: bool + description: Disable creation of the home space on login. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_FRONTEND_PUBLIC_URL: + name: OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL + defaultValue: https://localhost:9200 + type: string + description: The public facing URL of the oCIS frontend. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_GRPC_ADDR: + name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + defaultValue: 127.0.0.1:9142 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_GRPC_PROTOCOL: + name: GATEWAY_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_JWT_SECRET: + name: OCIS_JWT_SECRET;GATEWAY_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_LOG_COLOR: + name: OCIS_LOG_COLOR;GATEWAY_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_LOG_FILE: + name: OCIS_LOG_FILE;GATEWAY_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_LOG_LEVEL: + name: OCIS_LOG_LEVEL;GATEWAY_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_LOG_PRETTY: + name: OCIS_LOG_PRETTY;GATEWAY_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to use for authentication. Only applies when store type + 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to use for authentication. Only applies when store type + 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the provider cache. Only applies when store + type 'nats-js-kv' is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_SIZE: + name: OCIS_CACHE_SIZE;GATEWAY_PROVIDER_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the cache. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_STORE: + name: OCIS_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE + defaultValue: noop + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_PROVIDER_CACHE_TTL: + name: OCIS_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL + defaultValue: 5m0s + type: Duration + description: Default time to live for user info in the cache. Only applied when + access tokens has no expiration. See the Environment Variable Types description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_SHARE_FOLDER_NAME: + name: GATEWAY_SHARE_FOLDER_NAME + defaultValue: Shares + type: string + description: Name of the share folder in users' home space. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_SKIP_USER_GROUPS_IN_TOKEN: + name: GATEWAY_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_STORAGE_REGISTRY_CONFIG_JSON: + name: GATEWAY_STORAGE_REGISTRY_CONFIG_JSON + defaultValue: "" + type: string + description: Additional configuration for the storage registry in json format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_STORAGE_REGISTRY_DRIVER: + name: GATEWAY_STORAGE_REGISTRY_DRIVER + defaultValue: spaces + type: string + description: The driver name of the storage registry to use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_STORAGE_REGISTRY_RULES: + name: GATEWAY_STORAGE_REGISTRY_RULES + defaultValue: '[]' + type: '[]string' + description: The rules for the storage registry. See the Environment Variable Types + description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_STORAGE_USERS_MOUNT_ID: + name: GATEWAY_STORAGE_USERS_MOUNT_ID + defaultValue: "" + type: string + description: Mount ID of this storage. Admins can set the ID for the storage in + this config option manually which is then used to reference the storage. Any reasonable + long string is possible, preferably this would be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_TRACING_TYPE: + name: OCIS_TRACING_TYPE;GATEWAY_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GATEWAY_TRANSFER_EXPIRES: + name: GATEWAY_TRANSFER_EXPIRES + defaultValue: "86400" + type: int + description: Expiry for the gateway tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_APPLICATION_DISPLAYNAME: + name: GRAPH_APPLICATION_DISPLAYNAME + defaultValue: ownCloud Infinite Scale + type: string + description: The ocis application name. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_APPLICATION_ID: + name: GRAPH_APPLICATION_ID + defaultValue: "" + type: string + description: The ocis application ID shown in the graph. All app roles are tied + to this ID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_ASSIGN_DEFAULT_USER_ROLE: + name: GRAPH_ASSIGN_DEFAULT_USER_ROLE + defaultValue: "true" + type: bool + description: Whether to assign newly created users the default role 'User'. Set + this to 'false' if you want to assign roles manually, or if the role assignment + should happen at first login. Set this to 'true' (the default) to assign the role + 'User' when creating a new user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_SIZE: + name: OCIS_CACHE_SIZE;GRAPH_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_STORE: + name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_STORE_DATABASE: + name: GRAPH_CACHE_STORE_DATABASE + defaultValue: cache-roles + type: string + description: The database name the configured store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_STORE_TABLE: + name: GRAPH_CACHE_STORE_TABLE + defaultValue: "" + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CACHE_TTL: + name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL + defaultValue: 336h0m0s + type: Duration + description: Time to live for cache records in the graph. Defaults to '336h' (2 + weeks). See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id + Purge Restore]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_DEBUG_ADDR: + name: GRAPH_DEBUG_ADDR + defaultValue: 127.0.0.1:9124 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_DEBUG_PPROF: + name: GRAPH_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_DEBUG_TOKEN: + name: GRAPH_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_DEBUG_ZPAGES: + name: GRAPH_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_DISABLE_USER_MECHANISM: + name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM + defaultValue: attribute + type: string + description: An option to control the behavior for disabling users. Supported options + are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API + will add the user to the configured group for disabled users, if set to 'attribute' + this will be done in the ldap user entry, if set to 'none' the disable request + is not processed. Default is 'attribute'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_DISABLED_USERS_GROUP_DN: + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN + defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm + type: string + description: The distinguished name of the group to which added users will be classified + as disabled when 'disable_user_mechanism' is set to 'group'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_ENABLE_RESHARING: + name: OCIS_ENABLE_RESHARING;GRAPH_ENABLE_RESHARING + defaultValue: "true" + type: bool + description: Changing this value is NOT supported. Enables the support for resharing. + introductionVersion: "5.0" + deprecationVersion: "5.0" + removalVersion: "" + deprecationInfo: Resharing will be removed in the future. +GRAPH_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. Set to + a empty string to disable emitting events. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;GRAPH_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_GROUP_MEMBERS_PATCH_LIMIT: + name: GRAPH_GROUP_MEMBERS_PATCH_LIMIT + defaultValue: "20" + type: int + description: The amount of group members allowed to be added with a single patch + request. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_HTTP_ADDR: + name: GRAPH_HTTP_ADDR + defaultValue: 127.0.0.1:9120 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_HTTP_API_TOKEN: + name: GRAPH_HTTP_API_TOKEN + defaultValue: "" + type: string + description: An optional API bearer token + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_HTTP_ROOT: + name: GRAPH_HTTP_ROOT + defaultValue: /graph + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_IDENTITY_BACKEND: + name: GRAPH_IDENTITY_BACKEND + defaultValue: ldap + type: string + description: The user identity backend to use. Supported backend types are 'ldap' + and 'cs3'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_IDENTITY_SEARCH_MIN_LENGTH: + name: GRAPH_IDENTITY_SEARCH_MIN_LENGTH + defaultValue: "3" + type: int + description: The minimum length the search term needs to have for unprivileged users + when searching for users or groups. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_JWT_SECRET: + name: OCIS_JWT_SECRET;GRAPH_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_KEYCLOAK_BASE_PATH: + name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + defaultValue: "" + type: string + description: The URL to access keycloak. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_KEYCLOAK_CLIENT_ID: + name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + defaultValue: "" + type: string + description: The client id to authenticate with keycloak. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_KEYCLOAK_CLIENT_REALM: + name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + defaultValue: "" + type: string + description: The realm the client is defined in. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_KEYCLOAK_CLIENT_SECRET: + name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + defaultValue: "" + type: string + description: The client secret to use in authentication. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY: + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for Keycloak connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_KEYCLOAK_USER_REALM: + name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + defaultValue: "" + type: string + description: The realm users are defined. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_BIND_DN: + name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN + defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm + type: string + description: LDAP DN to use for simple bind authentication with the target LDAP + server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_BIND_PASSWORD: + name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD + defaultValue: "" + type: string + description: Password to use for authenticating the 'bind_dn'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_CACERT: + name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the LDAP service. If not defined, the root + directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED: + name: GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED + defaultValue: "false" + type: bool + description: Enable LDAP support for managing education related resources. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_BASE_DN: + name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN + defaultValue: ou=groups,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_CREATE_BASE_DN: + name: GRAPH_LDAP_GROUP_CREATE_BASE_DN + defaultValue: ou=groups,o=libregraph-idm + type: string + description: Parent DN under which new groups are created. This DN needs to be subordinate + to the 'GRAPH_LDAP_GROUP_BASE_DN'. This setting is only relevant when 'GRAPH_LDAP_SERVER_WRITE_ENABLED' + is 'true'. It defaults to the value of 'GRAPH_LDAP_GROUP_BASE_DN'. All groups + outside of this subtree are treated as readonly groups and cannot be updated. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_FILTER: + name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for group searches. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_ID_ATTRIBUTE: + name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE + defaultValue: owncloudUUID + type: string + description: LDAP Attribute to use as the unique id for groups. This should be a + stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE: + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE + defaultValue: member + type: string + description: LDAP Attribute that is used for group members. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_NAME_ATTRIBUTE: + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE + defaultValue: cn + type: string + description: LDAP Attribute to use for the name of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_OBJECTCLASS: + name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS + defaultValue: groupOfNames + type: string + description: The object class to use for groups in the default group search filter + ('groupOfNames'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'ID' attribute for groups is of the + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the group ID's. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_GROUP_SEARCH_SCOPE: + name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up groups. Supported scopes are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_INSECURE: + name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the LDAP connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_REFINT_ENABLED: + name: GRAPH_LDAP_REFINT_ENABLED + defaultValue: "false" + type: bool + description: Signals that the server has the refint plugin enabled, which makes + some actions not needed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_BASE_DN: + name: GRAPH_LDAP_SCHOOL_BASE_DN + defaultValue: "" + type: string + description: Search base DN for looking up LDAP schools. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_FILTER: + name: GRAPH_LDAP_SCHOOL_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for school searches. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_ID_ATTRIBUTE: + name: GRAPH_LDAP_SCHOOL_ID_ATTRIBUTE + defaultValue: "" + type: string + description: LDAP Attribute to use as the unique id for schools. This should be + a stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_NAME_ATTRIBUTE: + name: GRAPH_LDAP_SCHOOL_NAME_ATTRIBUTE + defaultValue: "" + type: string + description: LDAP Attribute to use for the name of a school. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_NUMBER_ATTRIBUTE: + name: GRAPH_LDAP_SCHOOL_NUMBER_ATTRIBUTE + defaultValue: "" + type: string + description: LDAP Attribute to use for the number of a school. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_OBJECTCLASS: + name: GRAPH_LDAP_SCHOOL_OBJECTCLASS + defaultValue: "" + type: string + description: The object class to use for schools in the default school search filter. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_SEARCH_SCOPE: + name: GRAPH_LDAP_SCHOOL_SEARCH_SCOPE + defaultValue: "" + type: string + description: LDAP search scope to use when looking up schools. Supported scopes + are 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SCHOOL_TERMINATION_MIN_GRACE_DAYS: + name: GRAPH_LDAP_SCHOOL_TERMINATION_MIN_GRACE_DAYS + defaultValue: "0" + type: int + description: When setting a 'terminationDate' for a school, require the date to + be at least this number of days in the future. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP: + name: GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP + defaultValue: "true" + type: bool + description: Use the 'Password Modify Extended Operation' for updating user passwords. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SERVER_UUID: + name: GRAPH_LDAP_SERVER_UUID + defaultValue: "false" + type: bool + description: If set to true, rely on the LDAP Server to generate a unique ID for + users and groups, like when using 'entryUUID' as the user ID attribute. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_SERVER_WRITE_ENABLED: + name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED + defaultValue: "true" + type: bool + description: Allow creating, modifying and deleting LDAP users via the GRAPH API. + This can only be set to 'true' when keeping default settings for the LDAP user + and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* + variables). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_URI: + name: OCIS_LDAP_URI;GRAPH_LDAP_URI + defaultValue: ldaps://localhost:9235 + type: string + description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' + and 'ldap://' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_BASE_DN: + name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN + defaultValue: ou=users,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: + name: LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName + type: string + description: LDAP Attribute to use for the displayname of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_FILTER: + name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_NAME_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE + defaultValue: uid + type: string + description: LDAP Attribute to use for username of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_OBJECTCLASS: + name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS + defaultValue: inetOrgPerson + type: string + description: The object class to use for users in the default user search filter + ('inetOrgPerson'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'ID' attribute for users is of the + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the user ID's. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_SCOPE: + name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up users. Supported scopes are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_TYPE_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE + defaultValue: ownCloudUserType + type: string + description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default + is 'ownCloudUserType'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LDAP_USER_UID_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE + defaultValue: owncloudUUID + type: string + description: LDAP Attribute to use as the unique ID for users. This should be a + stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LOG_COLOR: + name: OCIS_LOG_COLOR;GRAPH_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LOG_FILE: + name: OCIS_LOG_FILE;GRAPH_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LOG_LEVEL: + name: OCIS_LOG_LEVEL;GRAPH_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_LOG_PRETTY: + name: OCIS_LOG_PRETTY;GRAPH_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_DEFAULT_QUOTA: + name: GRAPH_SPACES_DEFAULT_QUOTA + defaultValue: "1000000000" + type: string + description: The default quota in bytes. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL: + name: GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL + defaultValue: "60000000000" + type: int + description: Max TTL in seconds for the spaces property cache. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_GROUPS_CACHE_TTL: + name: GRAPH_SPACES_GROUPS_CACHE_TTL + defaultValue: "60000000000" + type: int + description: Max TTL in seconds for the spaces groups cache. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_STORAGE_USERS_ADDRESS: + name: GRAPH_SPACES_STORAGE_USERS_ADDRESS + defaultValue: com.owncloud.api.storage-users + type: string + description: The address of the storage-users service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_USERS_CACHE_TTL: + name: GRAPH_SPACES_USERS_CACHE_TTL + defaultValue: "60000000000" + type: int + description: Max TTL in seconds for the spaces users cache. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_WEBDAV_BASE: + name: OCIS_URL;GRAPH_SPACES_WEBDAV_BASE + defaultValue: https://localhost:9200 + type: string + description: The public facing URL of WebDAV. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_SPACES_WEBDAV_PATH: + name: GRAPH_SPACES_WEBDAV_PATH + defaultValue: /dav/spaces/ + type: string + description: The WebDAV subpath for spaces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;GRAPH_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_TRACING_TYPE: + name: OCIS_TRACING_TYPE;GRAPH_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_USER_ENABLED_ATTRIBUTE: + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE + defaultValue: ownCloudUserEnabled + type: string + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GRAPH_USERNAME_MATCH: + name: GRAPH_USERNAME_MATCH + defaultValue: default + type: string + description: Apply restrictions to usernames. Supported values are 'default' and + 'none'. When set to 'default', user names must not start with a number and are + restricted to ASCII characters. When set to 'none', no restrictions are applied. + The default value is 'default'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_DEBUG_ADDR: + name: GROUPS_DEBUG_ADDR + defaultValue: 127.0.0.1:9161 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_DEBUG_PPROF: + name: GROUPS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_DEBUG_TOKEN: + name: GROUPS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_DEBUG_ZPAGES: + name: GROUPS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_DRIVER: + name: GROUPS_DRIVER + defaultValue: ldap + type: string + description: The driver which should be used by the groups service. Supported values + are 'ldap' and 'owncloudsql'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_GRPC_ADDR: + name: GROUPS_GRPC_ADDR + defaultValue: 127.0.0.1:9160 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_GRPC_PROTOCOL: + name: GROUPS_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_IDP_URL: + name: OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL + defaultValue: https://localhost:9200 + type: string + description: The identity provider value to set in the group IDs of the CS3 group + objects for groups returned by this group provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_JWT_SECRET: + name: OCIS_JWT_SECRET;GROUPS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_BIND_DN: + name: OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN + defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + type: string + description: LDAP DN to use for simple bind authentication with the target LDAP + server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_BIND_PASSWORD: + name: OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD + defaultValue: "" + type: string + description: Password to use for authenticating the 'bind_dn'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_CACERT: + name: OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the LDAP service. If not defined, the root + directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_BASE_DN: + name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN + defaultValue: ou=groups,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_FILTER: + name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for group searches. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_OBJECTCLASS: + name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS + defaultValue: groupOfNames + type: string + description: The object class to use for groups in the default group search filter + ('groupOfNames'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the displayname of groups (often the same + as groupname attribute). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME: + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the name of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCHEMA_ID: + name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique id for groups. This should be a + stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'id' attribute for groups is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the group ID's. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCHEMA_MAIL: + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of groups (can be empty). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCHEMA_MEMBER: + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER + defaultValue: member + type: string + description: LDAP Attribute that is used for group members. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SCOPE: + name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up groups. Supported scopes are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE: + name: LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE + defaultValue: any + type: string + description: Type of substring search filter to use for substring searches for groups. + Supported values are 'initial', 'final' and 'any'. The value 'initial' is used + for doing prefix only searches, 'final' for doing suffix only searches or 'any' + for doing full substring searches + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_INSECURE: + name: OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the LDAP connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_URI: + name: OCIS_LDAP_URI;GROUPS_LDAP_URI + defaultValue: ldaps://localhost:9235 + type: string + description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' + and 'ldap://' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_BASE_DN: + name: OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN + defaultValue: ou=users,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_FILTER: + name: OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_OBJECTCLASS: + name: OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS + defaultValue: inetOrgPerson + type: string + description: The object class to use for users in the default user search filter + ('inetOrgPerson'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME + defaultValue: displayname + type: string + description: LDAP Attribute to use for the displayname of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_SCHEMA_ID: + name: OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique id for users. This should be a + stable globally unique id like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'ID' attribute for users is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the user ID's. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_SCHEMA_MAIL: + name: OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_SCHEMA_USERNAME: + name: OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME + defaultValue: uid + type: string + description: LDAP Attribute to use for username of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LDAP_USER_SCOPE: + name: OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up users. Supported scopes are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LOG_COLOR: + name: OCIS_LOG_COLOR;GROUPS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LOG_FILE: + name: OCIS_LOG_FILE;GROUPS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_DB_HOST: + name: GROUPS_OWNCLOUDSQL_DB_HOST + defaultValue: mysql + type: string + description: Hostname of the database server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_DB_NAME: + name: GROUPS_OWNCLOUDSQL_DB_NAME + defaultValue: owncloud + type: string + description: Name of the owncloud database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_DB_PASSWORD: + name: GROUPS_OWNCLOUDSQL_DB_PASSWORD + defaultValue: "" + type: string + description: Password for the database user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_DB_PORT: + name: GROUPS_OWNCLOUDSQL_DB_PORT + defaultValue: "3306" + type: int + description: Network port to use for the database connection. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_DB_USERNAME: + name: GROUPS_OWNCLOUDSQL_DB_USERNAME + defaultValue: owncloud + type: string + description: Database user to use for authenticating with the owncloud database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH: + name: GROUPS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH + defaultValue: "false" + type: bool + description: Allow 'medial search' when searching for users instead of just doing + a prefix search. This allows finding 'Alice' when searching for 'lic'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_IDP: + name: GROUPS_OWNCLOUDSQL_IDP + defaultValue: https://localhost:9200 + type: string + description: The identity provider value to set in the userids of the CS3 user objects + for users returned by this user provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID: + name: GROUPS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID + defaultValue: "false" + type: bool + description: Join the user properties table to read user IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_JOIN_USERNAME: + name: GROUPS_OWNCLOUDSQL_JOIN_USERNAME + defaultValue: "false" + type: bool + description: Join the user properties table to read usernames. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_OWNCLOUDSQL_NOBODY: + name: GROUPS_OWNCLOUDSQL_NOBODY + defaultValue: "90" + type: int64 + description: Fallback number if no numeric UID and GID properties are provided. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_SKIP_USER_GROUPS_IN_TOKEN: + name: GROUPS_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +GROUPS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_ADMIN_PASSWORD: + name: IDM_ADMIN_PASSWORD + defaultValue: "" + type: string + description: Password to set for the oCIS 'admin' user. Either cleartext or an argon2id + hash. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_ADMIN_USER_ID: + name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID + defaultValue: "" + type: string + description: ID of the user that should receive admin privileges. Consider that + the UUID can be encoded in some LDAP deployment configurations like in .ldif files. + These need to be decoded beforehand. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_CREATE_DEMO_USERS: + name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS + defaultValue: "false" + type: bool + description: The default role assignments the demo users should be setup. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_DATABASE_PATH: + name: IDM_DATABASE_PATH + defaultValue: /var/lib/ocis/idm/ocis.boltdb + type: string + description: Full path to the IDM backend database. If not defined, the root directory + derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_DEBUG_ADDR: + name: IDM_DEBUG_ADDR + defaultValue: 127.0.0.1:9239 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_DEBUG_PPROF: + name: IDM_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_DEBUG_TOKEN: + name: IDM_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_DEBUG_ZPAGES: + name: IDM_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_IDPSVC_PASSWORD: + name: IDM_IDPSVC_PASSWORD + defaultValue: "" + type: string + description: Password to set for the 'idp' service user. Either cleartext or an + argon2id hash. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LDAPS_ADDR: + name: IDM_LDAPS_ADDR + defaultValue: 127.0.0.1:9235 + type: string + description: Listen address for the LDAPS listener (ip-addr:port). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LDAPS_CERT: + name: IDM_LDAPS_CERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: File name of the TLS server certificate for the LDAPS listener. If + not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LDAPS_KEY: + name: IDM_LDAPS_KEY + defaultValue: /var/lib/ocis/idm/ldap.key + type: string + description: File name for the TLS certificate key for the server certificate. If + not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LOG_COLOR: + name: OCIS_LOG_COLOR;IDM_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LOG_FILE: + name: OCIS_LOG_FILE;IDM_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LOG_LEVEL: + name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_LOG_PRETTY: + name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_REVASVC_PASSWORD: + name: IDM_REVASVC_PASSWORD + defaultValue: "" + type: string + description: Password to set for the 'reva' service user. Either cleartext or an + argon2id hash. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_SVC_PASSWORD: + name: IDM_SVC_PASSWORD + defaultValue: "" + type: string + description: Password to set for the 'idm' service user. Either cleartext or an + argon2id hash. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDM_TRACING_TYPE: + name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ACCESS_TOKEN_EXPIRATION: + name: IDP_ACCESS_TOKEN_EXPIRATION + defaultValue: "300" + type: uint64 + description: '''Access token lifespan in seconds (time before an access token is + expired).''' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ALLOW_CLIENT_GUESTS: + name: IDP_ALLOW_CLIENT_GUESTS + defaultValue: "false" + type: bool + description: Allow guest clients to access oCIS. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION: + name: IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION + defaultValue: "false" + type: bool + description: Allow dynamic client registration. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ASSET_PATH: + name: IDP_ASSET_PATH + defaultValue: "" + type: string + description: Serve IDP assets from a path on the filesystem instead of the builtin + assets. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_DEBUG_ADDR: + name: IDP_DEBUG_ADDR + defaultValue: 127.0.0.1:9134 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_DEBUG_PPROF: + name: IDP_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_DEBUG_TOKEN: + name: IDP_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_DEBUG_ZPAGES: + name: IDP_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_DYNAMIC_CLIENT_SECRET_DURATION: + name: IDP_DYNAMIC_CLIENT_SECRET_DURATION + defaultValue: "0" + type: uint64 + description: Lifespan in seconds of a dynamically registered OIDC client. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ENCRYPTION_SECRET_FILE: + name: IDP_ENCRYPTION_SECRET_FILE + defaultValue: /var/lib/ocis/idp/encryption.key + type: string + description: Path to the encryption secret file, if unset, a new certificate will + be autogenerated upon each restart, thus invalidating all existing sessions. If + not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ENDPOINT_URI: + name: IDP_ENDPOINT_URI + defaultValue: "" + type: string + description: URL of the IDP endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_HTTP_ADDR: + name: IDP_HTTP_ADDR + defaultValue: 127.0.0.1:9130 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_HTTP_ROOT: + name: IDP_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ID_TOKEN_EXPIRATION: + name: IDP_ID_TOKEN_EXPIRATION + defaultValue: "300" + type: uint64 + description: ID token lifespan in seconds (time before an ID token is expired). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_IDENTITY_MANAGER: + name: IDP_IDENTITY_MANAGER + defaultValue: ldap + type: string + description: The identity manager implementation to use. Supported identity managers + are 'ldap', 'cs3', 'libregraph' and 'guest'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_INSECURE: + name: OCIS_LDAP_INSECURE;IDP_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the LDAP connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_ISS: + name: OCIS_URL;OCIS_OIDC_ISSUER;IDP_ISS + defaultValue: https://localhost:9200 + type: string + description: The OIDC issuer URL to use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_BASE_DN: + name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN + defaultValue: ou=users,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_BIND_DN: + name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN + defaultValue: uid=idp,ou=sysusers,o=libregraph-idm + type: string + description: LDAP DN to use for simple bind authentication with the target LDAP + server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_BIND_PASSWORD: + name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD + defaultValue: "" + type: string + description: Password to use for authenticating the 'bind_dn'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_EMAIL_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE + defaultValue: mail + type: string + description: LDAP User email attribute like 'mail'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_FILTER: + name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_LOGIN_ATTRIBUTE: + name: IDP_LDAP_LOGIN_ATTRIBUTE + defaultValue: uid + type: string + description: LDAP User attribute to use for login like 'uid'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_NAME_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE + defaultValue: displayName + type: string + description: LDAP User name attribute like 'displayName'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_OBJECTCLASS: + name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS + defaultValue: inetOrgPerson + type: string + description: LDAP User ObjectClass like 'inetOrgPerson'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_SCOPE: + name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up users. Supported scopes are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_TLS_CACERT: + name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the LDAP service. If not defined, the root + directory derives from $OCIS_BASE_DATA_PATH:/idp. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_URI: + name: OCIS_LDAP_URI;IDP_LDAP_URI + defaultValue: ldaps://localhost:9235 + type: string + description: Url of the LDAP service to use as IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_UUID_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE + defaultValue: ownCloudUUID + type: string + description: LDAP User UUID attribute like 'uid'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LDAP_UUID_ATTRIBUTE_TYPE: + name: IDP_LDAP_UUID_ATTRIBUTE_TYPE + defaultValue: text + type: string + description: LDAP User uuid attribute type like 'text'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LOG_COLOR: + name: OCIS_LOG_COLOR;IDP_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LOG_FILE: + name: OCIS_LOG_FILE;IDP_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LOG_LEVEL: + name: OCIS_LOG_LEVEL;IDP_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LOG_PRETTY: + name: OCIS_LOG_PRETTY;IDP_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_LOGIN_BACKGROUND_URL: + name: IDP_LOGIN_BACKGROUND_URL + defaultValue: "" + type: string + description: Configure an alternative URL to the background image for the login + page. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_MACHINE_AUTH_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: Machine auth API key used to validate internal requests necessary for + the access to resources from other services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_PASSWORD_RESET_URI: + name: IDP_PASSWORD_RESET_URI + defaultValue: "" + type: string + description: The URI where a user can reset their password. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_REFRESH_TOKEN_EXPIRATION: + name: IDP_REFRESH_TOKEN_EXPIRATION + defaultValue: "2592000" + type: uint64 + description: Refresh token lifespan in seconds (time before an refresh token is + expired). This also limits the duration of an idle offline session. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_SIGN_IN_URI: + name: IDP_SIGN_IN_URI + defaultValue: "" + type: string + description: IDP sign-in url. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_SIGN_OUT_URI: + name: IDP_SIGN_OUT_URI + defaultValue: "" + type: string + description: IDP sign-out url. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_SIGNING_KID: + name: IDP_SIGNING_KID + defaultValue: private-key + type: string + description: Value of the KID (Key ID) field which is used in created tokens to + uniquely identify the signing-private-key. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_SIGNING_METHOD: + name: IDP_SIGNING_METHOD + defaultValue: PS256 + type: string + description: Signing method of IDP requests like 'PS256' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_SIGNING_PRIVATE_KEY_FILES: + name: IDP_SIGNING_PRIVATE_KEY_FILES + defaultValue: '[/var/lib/ocis/idp/private-key.pem]' + type: '[]string' + description: A list of private key files for signing IDP requests. If not defined, + the root directory derives from $OCIS_BASE_DATA_PATH:/idp. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TLS: + name: IDP_TLS + defaultValue: "false" + type: bool + description: Disable or Enable HTTPS for the communication between the Proxy service + and the IDP service. If set to 'true', the key and cert files need to be configured + and present. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;IDP_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TRACING_TYPE: + name: OCIS_TRACING_TYPE;IDP_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TRANSPORT_TLS_CERT: + name: IDP_TRANSPORT_TLS_CERT + defaultValue: /var/lib/ocis/idp/server.crt + type: string + description: Path/File name of the TLS server certificate (in PEM format) for the + IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_TRANSPORT_TLS_KEY: + name: IDP_TRANSPORT_TLS_KEY + defaultValue: /var/lib/ocis/idp/server.key + type: string + description: Path/File name for the TLS certificate key (in PEM format) for the + server certificate to use for the IDP service. If not defined, the root directory + derives from $OCIS_BASE_DATA_PATH:/idp. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_URI_BASE_PATH: + name: IDP_URI_BASE_PATH + defaultValue: "" + type: string + description: IDP uri base path (defaults to ''). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_USER_ENABLED_ATTRIBUTE: + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE + defaultValue: ownCloudUserEnabled + type: string + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +IDP_VALIDATION_KEYS_PATH: + name: IDP_VALIDATION_KEYS_PATH + defaultValue: "" + type: string + description: Path to validation keys for IDP requests. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_DEBUG_ADDR: + name: INVITATIONS_DEBUG_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_DEBUG_PPROF: + name: INVITATIONS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_DEBUG_TOKEN: + name: INVITATIONS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_DEBUG_ZPAGES: + name: INVITATIONS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_HTTP_ADDR: + name: INVITATIONS_HTTP_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_HTTP_ROOT: + name: INVITATIONS_HTTP_ROOT + defaultValue: /graph/v1.0 + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_JWT_SECRET: + name: OCIS_JWT_SECRET;INVITATIONS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_KEYCLOAK_BASE_PATH: + name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + defaultValue: "" + type: string + description: The URL to access keycloak. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_KEYCLOAK_CLIENT_ID: + name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + defaultValue: "" + type: string + description: The client id to authenticate with keycloak. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_KEYCLOAK_CLIENT_REALM: + name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + defaultValue: "" + type: string + description: The realm the client is defined in. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_KEYCLOAK_CLIENT_SECRET: + name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + defaultValue: "" + type: string + description: The client secret to use in authentication. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY: + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for Keycloak connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_KEYCLOAK_USER_REALM: + name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + defaultValue: "" + type: string + description: The realm users are defined. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_LOG_COLOR: + name: OCIS_LOG_COLOR;INVITATIONS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_LOG_FILE: + name: OCIS_LOG_FILE;INVITATIONS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;INVITATIONS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;INVITATIONS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +INVITATIONS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;INVITATIONS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +LDAP_GROUP_SUBSTRING_FILTER_TYPE: + name: LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE + defaultValue: any + type: string + description: Type of substring search filter to use for substring searches for groups. + Supported values are 'initial', 'final' and 'any'. The value 'initial' is used + for doing prefix only searches, 'final' for doing suffix only searches or 'any' + for doing full substring searches + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +LDAP_LOGIN_ATTRIBUTES: + name: LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES + defaultValue: '[uid]' + type: '[]string' + description: A list of user object attributes that can be used for login. See the + Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +LDAP_USER_SCHEMA_DISPLAY_NAME: + name: LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName + type: string + description: LDAP Attribute to use for the displayname of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +LDAP_USER_SUBSTRING_FILTER_TYPE: + name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE + defaultValue: any + type: string + description: 'Type of substring search filter to use for substring searches for + users. Possible values: ''initial'' for doing prefix only searches, ''final'' + for doing suffix only searches or ''any'' for doing full substring searches' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_DEBUG_ADDR: + name: NATS_DEBUG_ADDR + defaultValue: 127.0.0.1:9234 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_DEBUG_PPROF: + name: NATS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_DEBUG_TOKEN: + name: NATS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_DEBUG_ZPAGES: + name: NATS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_LOG_COLOR: + name: OCIS_LOG_COLOR;NATS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_LOG_FILE: + name: OCIS_LOG_FILE;NATS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;NATS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;NATS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_NATS_CLUSTER_ID: + name: NATS_NATS_CLUSTER_ID + defaultValue: ocis-cluster + type: string + description: ID of the NATS cluster. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_NATS_HOST: + name: NATS_NATS_HOST + defaultValue: 127.0.0.1 + type: string + description: Bind address. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_NATS_PORT: + name: NATS_NATS_PORT + defaultValue: "9233" + type: int + description: Bind port. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_NATS_STORE_DIR: + name: NATS_NATS_STORE_DIR + defaultValue: /var/lib/ocis/nats + type: string + description: The directory where the filesystem storage will store NATS JetStream + data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TLS_CERT: + name: NATS_TLS_CERT + defaultValue: /var/lib/ocis/nats/tls.crt + type: string + description: Path/File name of the TLS server certificate (in PEM format) for the + NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TLS_KEY: + name: NATS_TLS_KEY + defaultValue: /var/lib/ocis/nats/tls.key + type: string + description: Path/File name for the TLS certificate key (in PEM format) for the + NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TLS_SKIP_VERIFY_CLIENT_CERT: + name: OCIS_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT + defaultValue: "false" + type: bool + description: Whether the NATS server should skip the client certificate verification + during the TLS handshake. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;NATS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NATS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;NATS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_DEBUG_ADDR: + name: NOTIFICATIONS_DEBUG_ADDR + defaultValue: 127.0.0.1:9174 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_DEBUG_PPROF: + name: NOTIFICATIONS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_DEBUG_TOKEN: + name: NOTIFICATIONS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_DEBUG_ZPAGES: + name: NOTIFICATIONS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EMAIL_TEMPLATE_PATH: + name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH + defaultValue: "" + type: string + description: Path to Email notification templates overriding embedded ones. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_LOG_COLOR: + name: OCIS_LOG_COLOR;NOTIFICATIONS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_LOG_FILE: + name: OCIS_LOG_FILE;NOTIFICATIONS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_AUTHENTICATION: + name: NOTIFICATIONS_SMTP_AUTHENTICATION + defaultValue: "" + type: string + description: Authentication method for the SMTP communication. Possible values are + 'login', 'plain', 'crammd5', 'none' or 'auto'. If set to 'auto' or unset, the + authentication method is automatically negotiated with the server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_ENCRYPTION: + name: NOTIFICATIONS_SMTP_ENCRYPTION + defaultValue: none + type: string + description: Encryption method for the SMTP communication. Possible values are + 'starttls', 'ssl', 'ssltls', 'tls' and 'none'. + introductionVersion: pre5.0 + deprecationVersion: 5.0.0 + removalVersion: 6.0.0 + deprecationInfo: The NOTIFICATIONS_SMTP_ENCRYPTION values 'ssl' and 'tls' are deprecated + and will be removed in the future. +NOTIFICATIONS_SMTP_HOST: + name: NOTIFICATIONS_SMTP_HOST + defaultValue: "" + type: string + description: SMTP host to connect to. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_INSECURE: + name: NOTIFICATIONS_SMTP_INSECURE + defaultValue: "false" + type: bool + description: Allow insecure connections to the SMTP server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_PASSWORD: + name: NOTIFICATIONS_SMTP_PASSWORD + defaultValue: "" + type: string + description: Password for the SMTP host to connect to. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_PORT: + name: NOTIFICATIONS_SMTP_PORT + defaultValue: "0" + type: int + description: Port of the SMTP host to connect to. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_SENDER: + name: NOTIFICATIONS_SMTP_SENDER + defaultValue: "" + type: string + description: Sender address of emails that will be sent (e.g. 'ownCloud '. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_SMTP_USERNAME: + name: NOTIFICATIONS_SMTP_USERNAME + defaultValue: "" + type: string + description: Username for the SMTP host to connect to. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_TRANSLATION_PATH: + name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH + defaultValue: "" + type: string + description: (optional) Set this to a path with custom translations to overwrite + the builtin translations. Note that file and folder naming rules apply, see the + documentation for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_WEB_UI_URL: + name: OCIS_URL;NOTIFICATIONS_WEB_UI_URL + defaultValue: https://localhost:9200 + type: string + description: The public facing URL of the oCIS Web UI, used e.g. when sending notification + eMails + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY: + name: OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY + defaultValue: "false" + type: bool + description: Allow the use of depth infinity in PROPFINDS. When enabled, a propfind + will traverse through all subfolders. If many subfolders are expected, depth infinity + can cause heavy server load and/or delayed response times. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS + defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match + If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm + Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires + Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS + defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY + REPORT SEARCH]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_DEBUG_ADDR: + name: OCDAV_DEBUG_ADDR + defaultValue: 127.0.0.1:9163 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_DEBUG_PPROF: + name: OCDAV_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_DEBUG_TOKEN: + name: OCDAV_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_DEBUG_ZPAGES: + name: OCDAV_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_EDITION: + name: OCIS_EDITION;FRONTEND_EDITION + defaultValue: Community + type: string + description: Edition of oCIS. Used for branding pruposes. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_FILES_NAMESPACE: + name: OCDAV_FILES_NAMESPACE + defaultValue: /users/{{.Id.OpaqueId}} + type: string + description: Jail requests to /dav/files/{username} into this CS3 namespace. Supports + template layouting with CS3 User properties. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_GATEWAY_REQUEST_TIMEOUT: + name: OCDAV_GATEWAY_REQUEST_TIMEOUT + defaultValue: "84300" + type: int64 + description: Request timeout in seconds for requests from the oCDAV service to the + GATEWAY service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_HTTP_ADDR: + name: OCDAV_HTTP_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_HTTP_PREFIX: + name: OCDAV_HTTP_PREFIX + defaultValue: "" + type: string + description: A URL path prefix for the handler. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_HTTP_PROTOCOL: + name: OCDAV_HTTP_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_INSECURE: + name: OCIS_INSECURE;OCDAV_INSECURE + defaultValue: "false" + type: bool + description: Allow insecure connections to the GATEWAY service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_JWT_SECRET: + name: OCIS_JWT_SECRET;OCDAV_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_LOG_COLOR: + name: OCIS_LOG_COLOR;OCDAV_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_LOG_FILE: + name: OCIS_LOG_FILE;OCDAV_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_LOG_LEVEL: + name: OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_LOG_PRETTY: + name: OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_MACHINE_AUTH_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: Machine auth API key used to validate internal requests necessary for + the access to resources from other services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_OCM_NAMESPACE: + name: OCDAV_OCM_NAMESPACE + defaultValue: /public + type: string + description: The human readable path prefix for the ocm shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_PUBLIC_URL: + name: OCIS_URL;OCDAV_PUBLIC_URL + defaultValue: https://localhost:9200 + type: string + description: URL where oCIS is reachable for users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_SHARES_NAMESPACE: + name: OCDAV_SHARES_NAMESPACE + defaultValue: /Shares + type: string + description: The human readable path for the share jail. Relative to a users personal + space root. Upcased intentionally. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_SKIP_USER_GROUPS_IN_TOKEN: + name: OCDAV_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_TRACING_TYPE: + name: OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCDAV_WEBDAV_NAMESPACE: + name: OCDAV_WEBDAV_NAMESPACE + defaultValue: /users/{{.Id.OpaqueId}} + type: string + description: Jail requests to /dav/webdav into this CS3 namespace. Supports template + layouting with CS3 User properties. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_ADMIN_USER_ID: + name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID + defaultValue: "" + type: string + description: ID of the user that should receive admin privileges. Consider that + the UUID can be encoded in some LDAP deployment configurations like in .ldif files. + These need to be decoded beforehand. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_ASYNC_UPLOADS: + name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS + defaultValue: "true" + type: bool + description: Enable asynchronous file uploads. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_DATABASE: + name: OCIS_CACHE_DATABASE + defaultValue: settings-cache + type: string + description: The database name the configured store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_SIZE: + name: OCIS_CACHE_SIZE;SETTINGS_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the cache. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_STORE: + name: OCIS_CACHE_STORE;SETTINGS_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CACHE_TTL: + name: OCIS_CACHE_TTL;SETTINGS_CACHE_TTL + defaultValue: 10m0s + type: Duration + description: Default time to live for entries in the cache. Only applied when access + tokens has no expiration. See the Environment Variable Types description for more + details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CORS_EXPOSE_HEADERS: + name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS + defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size + Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete + Upload-Draft-Interop-Version]' + type: '[]string' + description: 'A list of exposed CORS headers. See following chapter for more details: + *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_CORS_MAX_AGE: + name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE + defaultValue: "86400" + type: uint + description: 'The max cache duration of preflight headers. See following chapter + for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_DECOMPOSEDFS_METADATA_BACKEND: + name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND + defaultValue: messagepack + type: string + description: The backend to use for storing metadata. Supported values are 'messagepack' + and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata + while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_DECOMPOSEDFS_PROPAGATOR: + name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR + defaultValue: sync + type: string + description: The propagator used for decomposedfs. At the moment, only 'sync' is + fully supported, 'async' is available as an experimental option. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_DEFAULT_LANGUAGE: + name: OCIS_DEFAULT_LANGUAGE + defaultValue: "" + type: string + description: The default language used by services and the WebUI. If not defined, + English will be used as default. See the documentation for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_DISABLE_PREVIEWS: + name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS + defaultValue: "false" + type: bool + description: Set this option to 'true' to disable rendering of thumbnails triggered + via webdav access. Note that when disabled, all access to preview related webdav + paths will return a 404. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_DISABLE_SSE: + name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE + defaultValue: "false" + type: bool + description: When set to true, clients are informed that the Server-Sent Events + endpoint is not accessible. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE: + name: OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE + defaultValue: "false" + type: bool + description: Disables server-sent events (sse). When disabled, clients will no longer + receive sse notifications. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EDITION: + name: OCIS_EDITION;FRONTEND_EDITION + defaultValue: Community + type: string + description: Edition of oCIS. Used for branding pruposes. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EMAIL_TEMPLATE_PATH: + name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH + defaultValue: "" + type: string + description: Path to Email notification templates overriding embedded ones. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_ENABLE_RESHARING: + name: OCIS_ENABLE_RESHARING;FRONTEND_ENABLE_RESHARING + defaultValue: "true" + type: bool + description: Changing this value is NOT supported. Enables the support for resharing + in the clients. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: "" + deprecationInfo: Resharing will be removed in the future. +OCIS_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_GATEWAY_GRPC_ADDR: + name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + defaultValue: 127.0.0.1:9142 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_GRPC_CLIENT_TLS_CACERT: + name: OCIS_GRPC_CLIENT_TLS_CACERT + defaultValue: "" + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the go-micro based grpc services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_GRPC_CLIENT_TLS_MODE: + name: OCIS_GRPC_CLIENT_TLS_MODE + defaultValue: "" + type: string + description: 'TLS mode for grpc connection to the go-micro based grpc services. + Possible values are ''off'', ''insecure'' and ''on''. ''off'': disables transport + security for the clients. ''insecure'' allows using transport security, but disables + certificate verification (to be used with the autogenerated self-signed certificates). + ''on'' enables transport security, including server certificate verification.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_HTTP_TLS_CERTIFICATE: + name: OCIS_HTTP_TLS_CERTIFICATE + defaultValue: "" + type: string + description: Path/File name of the TLS server certificate (in PEM format) for the + http services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_HTTP_TLS_ENABLED: + name: OCIS_HTTP_TLS_ENABLED + defaultValue: "false" + type: bool + description: Activates TLS for the http based services using the server certifcate + and key configured via OCIS_HTTP_TLS_CERTIFICATE and OCIS_HTTP_TLS_KEY. If OCIS_HTTP_TLS_CERTIFICATE + is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_HTTP_TLS_KEY: + name: OCIS_HTTP_TLS_KEY + defaultValue: "" + type: string + description: Path/File name for the TLS certificate key (in PEM format) for the + server certificate to use for the http services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_INSECURE: + name: OCIS_INSECURE;PROXY_OIDC_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for connections to the IDP. Note + that this is not recommended for production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_JWT_SECRET: + name: OCIS_JWT_SECRET;SETTINGS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_KEYCLOAK_BASE_PATH: + name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + defaultValue: "" + type: string + description: The URL to access keycloak. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_KEYCLOAK_CLIENT_ID: + name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + defaultValue: "" + type: string + description: The client id to authenticate with keycloak. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_KEYCLOAK_CLIENT_REALM: + name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + defaultValue: "" + type: string + description: The realm the client is defined in. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_KEYCLOAK_CLIENT_SECRET: + name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + defaultValue: "" + type: string + description: The client secret to use in authentication. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for Keycloak connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_KEYCLOAK_USER_REALM: + name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + defaultValue: "" + type: string + description: The realm users are defined. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_BIND_DN: + name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN + defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + type: string + description: LDAP DN to use for simple bind authentication with the target LDAP + server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_BIND_PASSWORD: + name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD + defaultValue: "" + type: string + description: Password to use for authenticating the 'bind_dn'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_CACERT: + name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the LDAP service. If not defined, the root + directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_DISABLE_USER_MECHANISM: + name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM + defaultValue: attribute + type: string + description: An option to control the behavior for disabling users. Valid options + are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API + will add the user to the configured group for disabled users, if set to 'attribute' + this will be done in the ldap user entry, if set to 'none' the disable request + is not processed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_DISABLED_USERS_GROUP_DN: + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN + defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm + type: string + description: The distinguished name of the group to which added users will be classified + as disabled when 'disable_user_mechanism' is set to 'group'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_BASE_DN: + name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN + defaultValue: ou=groups,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_FILTER: + name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for group searches. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_OBJECTCLASS: + name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS + defaultValue: groupOfNames + type: string + description: The object class to use for groups in the default group search filter + ('groupOfNames'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the displayname of groups (often the same + as groupname attribute). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the name of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCHEMA_ID: + name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique id for groups. This should be a + stable globally unique id (e.g. a UUID). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'id' attribute for groups is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the group IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCHEMA_MAIL: + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of groups (can be empty). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCHEMA_MEMBER: + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER + defaultValue: member + type: string + description: LDAP Attribute that is used for group members. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_GROUP_SCOPE: + name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up groups. Supported values are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_INSECURE: + name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the LDAP connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_SERVER_WRITE_ENABLED: + name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED + defaultValue: "true" + type: bool + description: Allow creating, modifying and deleting LDAP users via the GRAPH API. + This can only be set to 'true' when keeping default settings for the LDAP user + and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* + variables). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_URI: + name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI + defaultValue: ldaps://localhost:9235 + type: string + description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' + and 'ldap://' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_BASE_DN: + name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN + defaultValue: ou=users,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_ENABLED_ATTRIBUTE: + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE + defaultValue: ownCloudUserEnabled + type: string + description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_FILTER: + name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_OBJECTCLASS: + name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS + defaultValue: inetOrgPerson + type: string + description: The object class to use for users in the default user search filter + ('inetOrgPerson'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME + defaultValue: displayname + type: string + description: LDAP Attribute to use for the displayname of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCHEMA_ID: + name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique ID for users. This should be a + stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'ID' attribute for users is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the user IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCHEMA_MAIL: + name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCHEMA_USER_TYPE: + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE + defaultValue: ownCloudUserType + type: string + description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default + is 'ownCloudUserType'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCHEMA_USERNAME: + name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME + defaultValue: uid + type: string + description: LDAP Attribute to use for username of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LDAP_USER_SCOPE: + name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up users. Supported values are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LOG_COLOR: + name: OCIS_LOG_COLOR;SETTINGS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LOG_FILE: + name: OCIS_LOG_FILE;SETTINGS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_MACHINE_AUTH_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: Machine auth API key used to validate internal requests necessary to + access resources from other services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_OIDC_CLIENT_ID: + name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID + defaultValue: web + type: string + description: The OIDC client ID which ownCloud Web uses. This client needs to be + set up in your IDP. Note that this setting has no effect when using the builtin + IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_OIDC_ISSUER: + name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER + defaultValue: https://localhost:9200 + type: string + description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + defaultValue: "" + type: string + description: Path to the 'banned passwords list' file. See the documentation for + more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_DISABLED: + name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + defaultValue: "false" + type: bool + description: Disable the password policy. Defaults to false if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_MIN_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + defaultValue: "8" + type: int + description: Define the minimum password length. Defaults to 8 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_MIN_DIGITS: + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + defaultValue: "1" + type: int + description: Define the minimum number of digits. Defaults to 1 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of uppercase letters. Defaults to 1 if not + set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of characters from the special characters + list to be present. Defaults to 1 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of lowercase letters. Defaults to 1 if not + set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PERSISTENT_STORE: + name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE + defaultValue: memory + type: string + description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', + ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description + for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PERSISTENT_STORE_AUTH_PASSWORD: + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PERSISTENT_STORE_AUTH_USERNAME: + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PERSISTENT_STORE_NODES: + name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES + defaultValue: '[]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PERSISTENT_STORE_SIZE: + name: OCIS_PERSISTENT_STORE_SIZE;EVENTHISTORY_STORE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived and used from the + ocmem package though no explicit default was set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PERSISTENT_STORE_TTL: + name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL + defaultValue: 336h0m0s + type: Duration + description: Time to live for events in the store. Defaults to '336h' (2 weeks). + See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_PUBLIC_URL: + name: OCIS_URL;OCIS_PUBLIC_URL + defaultValue: https://127.0.0.1:9200 + type: string + description: URL, where oCIS is reachable for users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_REVA_GATEWAY: + name: OCIS_REVA_GATEWAY + defaultValue: com.owncloud.api.gateway + type: string + description: The CS3 gateway endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_REVA_GATEWAY_TLS_CACERT: + name: OCIS_REVA_GATEWAY_TLS_CACERT + defaultValue: "" + type: string + description: The root CA certificate used to validate the gateway's TLS certificate. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_REVA_GATEWAY_TLS_MODE: + name: OCIS_REVA_GATEWAY_TLS_MODE + defaultValue: "" + type: string + description: 'TLS mode for grpc connection to the CS3 gateway endpoint. Possible + values are ''off'', ''insecure'' and ''on''. ''off'': disables transport security + for the clients. ''insecure'' allows using transport security, but disables certificate + verification (to be used with the autogenerated self-signed certificates). ''on'' + enables transport security, including server certificate verification.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SERVICE_ACCOUNT_ID: + name: SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID + defaultValue: "" + type: '[]string' + description: 'The list of all service account IDs. These will be assigned the hidden + ''service-account'' role. Note: When using ''OCIS_SERVICE_ACCOUNT_ID'' this will + contain only one value while ''SETTINGS_SERVICE_ACCOUNT_IDS'' can have multiple. + See the ''auth-service'' service description for more details about service accounts.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + defaultValue: "true" + type: bool + description: Set this to true if you want to enforce passwords on all public shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + defaultValue: "false" + type: bool + description: Set this to true if you want to enforce passwords on Uploader, Editor + or Contributor shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SPACES_MAX_QUOTA: + name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA + defaultValue: "0" + type: uint64 + description: Set the global max quota value in bytes. A value of 0 equals unlimited. + The value is provided via capabilities. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SYSTEM_USER_API_KEY: + name: OCIS_SYSTEM_USER_API_KEY + defaultValue: "" + type: string + description: API key for the STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SYSTEM_USER_ID: + name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID + defaultValue: "" + type: string + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID + for the STORAGE-SYSTEM system user in this config option which is then used to + reference the user. Any reasonable long string is possible, preferably this would + be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_SYSTEM_USER_IDP: + name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP + defaultValue: internal + type: string + description: IDP of the oCIS STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_TRANSFER_SECRET: + name: OCIS_TRANSFER_SECRET + defaultValue: "" + type: string + description: Transfer secret for signing file up- and download requests. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_TRANSLATION_PATH: + name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH + defaultValue: "" + type: string + description: (optional) Set this to a path with custom translations to overwrite + the builtin translations. Note that file and folder naming rules apply, see the + documentation for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCIS_URL: + name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER + defaultValue: https://localhost:9200 + type: string + description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS + defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match + If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm + Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires + Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS + defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY + REPORT SEARCH]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_DEBUG_ADDR: + name: OCM_DEBUG_ADDR + defaultValue: 127.0.0.1:9281 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_DEBUG_PPROF: + name: OCM_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_DEBUG_TOKEN: + name: OCM_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_DEBUG_ZPAGES: + name: OCM_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_GRPC_ADDR: + name: OCM_GRPC_ADDR + defaultValue: 127.0.0.1:9282 + type: string + description: The bind address of the GRPC service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_GRPC_PROTOCOL: + name: OCM_GRPC_PROTOCOL + defaultValue: "" + type: string + description: The transport protocol of the GRPC service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_HTTP_ADDR: + name: OCM_HTTP_ADDR + defaultValue: 127.0.0.1:9280 + type: string + description: The bind address of the HTTP service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_HTTP_PREFIX: + name: OCM_HTTP_PREFIX + defaultValue: "" + type: string + description: The path prefix where OCM can be accessed (defaults to /). + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_HTTP_PROTOCOL: + name: OCM_HTTP_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the HTTP service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_LOG_COLOR: + name: OCIS_LOG_COLOR;OCM_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_LOG_FILE: + name: OCIS_LOG_FILE;OCM_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_LOG_LEVEL: + name: OCIS_LOG_LEVEL;OCM_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_LOG_PRETTY: + name: OCIS_LOG_PRETTY;OCM_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_MESH_DIRECTORY_URL: + name: OCM_MESH_DIRECTORY_URL + defaultValue: "" + type: string + description: URL of the mesh directory service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_CORE_DRIVER: + name: OCM_OCM_CORE_DRIVER + defaultValue: json + type: string + description: Driver to be used for the OCM core. Supported value is only 'json'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_CORE_JSON_FILE: + name: OCM_OCM_CORE_JSON_FILE + defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json + type: string + description: Path to the JSON file where OCM share data will be stored. If not defined, + the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_INVITE_MANAGER_DRIVER: + name: OCM_OCM_INVITE_MANAGER_DRIVER + defaultValue: json + type: string + description: Driver to be used to persist OCM invites. Supported value is only 'json'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_INVITE_MANAGER_INSECURE: + name: OCM_OCM_INVITE_MANAGER_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the OCM connections. Do not + set this in production environments. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_INVITE_MANAGER_JSON_FILE: + name: OCM_OCM_INVITE_MANAGER_JSON_FILE + defaultValue: /var/lib/ocis/storage/ocm/ocminvites.json + type: string + description: Path to the JSON file where OCM invite data will be stored. If not + defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE: + name: OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE + defaultValue: /var/lib/ocis/storage/ocm/ocmproviders.json + type: string + description: Path to the JSON file where ocm invite data will be stored. If not + defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME: + name: OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME + defaultValue: "false" + type: bool + description: Verify the hostname of the incoming request against the hostname of + the OCM provider. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_SHARE_PROVIDER_DRIVER: + name: OCM_OCM_SHARE_PROVIDER_DRIVER + defaultValue: json + type: string + description: Driver to be used for the OCM share provider. Supported value is only + 'json'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_SHARE_PROVIDER_INSECURE: + name: OCM_OCM_SHARE_PROVIDER_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the OCM connections. Do not + set this in production environments. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_SHAREPROVIDER_JSON_FILE: + name: OCM_OCM_SHAREPROVIDER_JSON_FILE + defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json + type: string + description: Path to the JSON file where OCM share data will be stored. If not defined, + the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_STORAGE_PROVIDER_INSECURE: + name: OCM_OCM_STORAGE_PROVIDER_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the OCM connections. Do not + set this in production environments. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT: + name: OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT + defaultValue: /var/lib/ocis/storage/ocm + type: string + description: Directory where the ocm storage provider persists its data like tus + upload info files. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME: + name: OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME + defaultValue: "false" + type: bool + description: Expose the display name of OCM share recipients. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_OCMD_PREFIX: + name: OCM_OCMD_PREFIX + defaultValue: ocm + type: string + description: URL path prefix for the OCMD service. Note that the string must not + start with '/'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_SCIENCEMESH_PREFIX: + name: OCM_SCIENCEMESH_PREFIX + defaultValue: sciencemesh + type: string + description: URL path prefix for the ScienceMesh service. Note that the string must + not start with '/'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;OCM_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_TRACING_TYPE: + name: OCIS_TRACING_TYPE;OCM_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCM_WEBAPP_TEMPLATE: + name: OCM_WEBAPP_TEMPLATE + defaultValue: "" + type: string + description: Template for the webapp url. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id + Cache-Control]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_DEBUG_ADDR: + name: OCS_DEBUG_ADDR + defaultValue: 127.0.0.1:9114 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_DEBUG_PPROF: + name: OCS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_DEBUG_TOKEN: + name: OCS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_DEBUG_ZPAGES: + name: OCS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_HTTP_ADDR: + name: OCS_HTTP_ADDR + defaultValue: 127.0.0.1:9110 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_HTTP_ROOT: + name: OCS_HTTP_ROOT + defaultValue: /ocs + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_JWT_SECRET: + name: OCIS_JWT_SECRET;OCS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_LOG_COLOR: + name: OCIS_LOG_COLOR;OCS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_LOG_FILE: + name: OCIS_LOG_FILE;OCS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;OCS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;OCS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_PRESIGNEDURL_SIGNING_KEYS_STORE: + name: OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE + defaultValue: nats-js-kv + type: string + description: 'The type of the signing key store. Supported values are: ''redis-sentinel'' + and ''nats-js-kv''. See the text description for details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. Note that the behaviour + how nodes are used is dependent on the library of the configured store. See the + Environment Variable Types description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: + name: OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + defaultValue: 12h0m0s + type: Duration + description: Default time to live for signing keys. See the Environment Variable + Types description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;OCS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +OCS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;OCS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_DEBUG_ADDR: + name: POLICIES_DEBUG_ADDR + defaultValue: 127.0.0.1:9129 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_DEBUG_PPROF: + name: POLICIES_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_DEBUG_TOKEN: + name: POLICIES_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_DEBUG_ZPAGES: + name: POLICIES_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_ENGINE_MIMES: + name: POLICIES_ENGINE_MIMES + defaultValue: "" + type: string + description: Sets the mimes file path which maps mimetypes to associated file extensions. + See the text description for details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_ENGINE_TIMEOUT: + name: POLICIES_ENGINE_TIMEOUT + defaultValue: 10s + type: Duration + description: Sets the timeout the rego expression evaluation can take. Rules default + to deny if the timeout was reached. See the Environment Variable Types description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;PROXY_OIDC_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for connections to the IDP. Note + that this is not recommended for production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_GRPC_ADDR: + name: POLICIES_GRPC_ADDR + defaultValue: 127.0.0.1:9125 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_LOG_COLOR: + name: OCIS_LOG_COLOR;POLICIES_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_LOG_FILE: + name: OCIS_LOG_FILE;POLICIES_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_LOG_LEVEL: + name: OCIS_LOG_LEVEL;POLICIES_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_LOG_PRETTY: + name: OCIS_LOG_PRETTY;POLICIES_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_POSTPROCESSING_QUERY: + name: POLICIES_POSTPROCESSING_QUERY + defaultValue: "" + type: string + description: Defines the 'Complete Rules' variable defined in the rego rule set + this step uses for its evaluation. Defaults to deny if the variable was not found. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;POLICIES_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POLICIES_TRACING_TYPE: + name: OCIS_TRACING_TYPE;POLICIES_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_DEBUG_ADDR: + name: POSTPROCESSING_DEBUG_ADDR + defaultValue: 127.0.0.1:9255 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_DEBUG_PPROF: + name: POSTPROCESSING_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_DEBUG_TOKEN: + name: POSTPROCESSING_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_DEBUG_ZPAGES: + name: POSTPROCESSING_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_DELAY: + name: POSTPROCESSING_DELAY + defaultValue: 0s + type: Duration + description: After uploading a file but before making it available for download, + a delay step can be added. Intended for developing purposes only. If a duration + is set but the keyword 'delay' is not explicitely added to 'POSTPROCESSING_STEPS', + the delay step will be processed as last step. In such a case, a log entry will + be written on service startup to remind the admin about that situation. See the + Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether the ocis server should skip the client certificate verification + during the TLS handshake. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_LOG_COLOR: + name: OCIS_LOG_COLOR;POSTPROCESSING_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_LOG_FILE: + name: OCIS_LOG_FILE;POSTPROCESSING_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_LOG_LEVEL: + name: OCIS_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_LOG_PRETTY: + name: OCIS_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_MAX_RETRIES: + name: POSTPROCESSING_MAX_RETRIES + defaultValue: "14" + type: int + description: The maximum number of retries for a failed postprocessing step. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_RETRY_BACKOFF_DURATION: + name: POSTPROCESSING_RETRY_BACKOFF_DURATION + defaultValue: 5s + type: Duration + description: The base for the exponential backoff duration before retrying a failed + postprocessing step. See the Environment Variable Types description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STEPS: + name: POSTPROCESSING_STEPS + defaultValue: '[]' + type: '[]string' + description: 'A list of postprocessing steps processed in order of their appearance. + Currently supported values by the system are: ''virusscan'', ''policies'' and + ''delay''. Custom steps are allowed. See the documentation for instructions. See + the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE: + name: OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE + defaultValue: memory + type: string + description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', + ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description + for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_AUTH_PASSWORD: + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_AUTH_USERNAME: + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_DATABASE: + name: POSTPROCESSING_STORE_DATABASE + defaultValue: postprocessing + type: string + description: The database name the configured store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_NODES: + name: OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES + defaultValue: '[]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_SIZE: + name: OCIS_PERSISTENT_STORE_SIZE;POSTPROCESSING_STORE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_TABLE: + name: POSTPROCESSING_STORE_TABLE + defaultValue: postprocessing + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_STORE_TTL: + name: OCIS_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL + defaultValue: 0s + type: Duration + description: Time to live for events in the store. See the Environment Variable + Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +POSTPROCESSING_TRACING_TYPE: + name: OCIS_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_ACCOUNT_BACKEND_TYPE: + name: PROXY_ACCOUNT_BACKEND_TYPE + defaultValue: cs3 + type: string + description: Account backend the PROXY service should use. Currently only 'cs3' + is possible here. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_AUTOPROVISION_ACCOUNTS: + name: PROXY_AUTOPROVISION_ACCOUNTS + defaultValue: "false" + type: bool + description: Set this to 'true' to automatically provision users that do not yet + exist in the users service on-demand upon first sign-in. To use this a write-enabled + libregraph user backend needs to be setup an running. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_DEBUG_ADDR: + name: PROXY_DEBUG_ADDR + defaultValue: 127.0.0.1:9205 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_DEBUG_PPROF: + name: PROXY_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_DEBUG_TOKEN: + name: PROXY_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_DEBUG_ZPAGES: + name: PROXY_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_ENABLE_BASIC_AUTH: + name: PROXY_ENABLE_BASIC_AUTH + defaultValue: "false" + type: bool + description: Set this to true to enable 'basic authentication' (username/password). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_ENABLE_PRESIGNEDURLS: + name: PROXY_ENABLE_PRESIGNEDURLS + defaultValue: "true" + type: bool + description: Allow OCS to get a signing key to sign requests. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_HTTP_ADDR: + name: PROXY_HTTP_ADDR + defaultValue: 0.0.0.0:9200 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_HTTP_ROOT: + name: PROXY_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_HTTPS_CACERT: + name: PROXY_HTTPS_CACERT + defaultValue: "" + type: string + description: Path/File for the root CA certificate used to validate the server’s + TLS certificate for https enabled backend services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_INSECURE_BACKENDS: + name: PROXY_INSECURE_BACKENDS + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for all HTTP backend connections. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_LOG_COLOR: + name: OCIS_LOG_COLOR;PROXY_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_LOG_FILE: + name: OCIS_LOG_FILE;PROXY_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_LOG_LEVEL: + name: OCIS_LOG_LEVEL;PROXY_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_LOG_PRETTY: + name: OCIS_LOG_PRETTY;PROXY_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_MACHINE_AUTH_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: Machine auth API key used to validate internal requests necessary to + access resources from other services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD: + name: PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD + defaultValue: jwt + type: string + description: Sets how OIDC access tokens should be verified. Possible values are + 'none' and 'jwt'. When using 'none', no special validation apart from using it + for accessing the IPD's userinfo endpoint will be done. When using 'jwt', it tries + to parse the access token as a jwt token and verifies the signature using the + keys published on the IDP's 'jwks_uri'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_INSECURE: + name: OCIS_INSECURE;PROXY_OIDC_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for connections to the IDP. Note + that this is not recommended for production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_ISSUER: + name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER + defaultValue: https://localhost:9200 + type: string + description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_JWKS_REFRESH_INTERVAL: + name: PROXY_OIDC_JWKS_REFRESH_INTERVAL + defaultValue: "60" + type: uint64 + description: The interval for refreshing the JWKS (JSON Web Key Set) in minutes + in the background via a new HTTP request to the IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_JWKS_REFRESH_RATE_LIMIT: + name: PROXY_OIDC_JWKS_REFRESH_RATE_LIMIT + defaultValue: "60" + type: uint64 + description: Limits the rate in seconds at which refresh requests are performed + for unknown keys. This is used to prevent malicious clients from imposing high + network load on the IDP via ocis. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_JWKS_REFRESH_TIMEOUT: + name: PROXY_OIDC_JWKS_REFRESH_TIMEOUT + defaultValue: "10" + type: uint64 + description: The timeout in seconds for an outgoing JWKS request. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_JWKS_REFRESH_UNKNOWN_KID: + name: PROXY_OIDC_JWKS_REFRESH_UNKNOWN_KID + defaultValue: "true" + type: bool + description: If set to 'true', the JWKS refresh request will occur every time an + unknown KEY ID (KID) is seen. Always set a 'refresh_limit' when enabling this. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_REWRITE_WELLKNOWN: + name: PROXY_OIDC_REWRITE_WELLKNOWN + defaultValue: "false" + type: bool + description: Enables rewriting the /.well-known/openid-configuration to the configured + OIDC issuer. Needed by the Desktop Client, Android Client and iOS Client to discover + the OIDC provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_SKIP_USER_INFO: + name: PROXY_OIDC_SKIP_USER_INFO + defaultValue: "false" + type: bool + description: Do not look up user claims at the userinfo endpoint and directly read + them from the access token. Incompatible with 'PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD=none'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_SIZE: + name: OCIS_CACHE_SIZE;PROXY_OIDC_USERINFO_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the user info cache. Only applies + when store type 'ocmem' is configured. Defaults to 512 which is derived from the + ocmem package though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_STORE: + name: OCIS_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_TABLE: + name: PROXY_OIDC_USERINFO_CACHE_TABLE + defaultValue: "" + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_OIDC_USERINFO_CACHE_TTL: + name: OCIS_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL + defaultValue: 10s + type: Duration + description: Default time to live for user info in the user info cache. Only applied + when access tokens has no expiration. See the Environment Variable Types description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_POLICIES_QUERY: + name: PROXY_POLICIES_QUERY + defaultValue: "" + type: string + description: Defines the 'Complete Rules' variable defined in the rego rule set + this step uses for its evaluation. Rules default to deny if the variable was not + found. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE: + name: OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE + defaultValue: nats-js-kv + type: string + description: 'The type of the signing key store. Supported values are: ''redis-sentinel'', + ''nats-js-kv'' and ''ocisstoreservice'' (deprecated). See the text description + for details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE + defaultValue: "true" + type: bool + description: Disables persistence of the store. Only applies when store type 'nats-js-kv' + is configured. Defaults to true. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. Note that the behaviour + how nodes are used is dependent on the library of the configured store. See the + Environment Variable Types description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: + name: OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + defaultValue: 12h0m0s + type: Duration + description: Default time to live for signing keys. See the Environment Variable + Types description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_ROLE_ASSIGNMENT_DRIVER: + name: PROXY_ROLE_ASSIGNMENT_DRIVER + defaultValue: default + type: string + description: 'The mechanism that should be used to assign roles to user upon login. + Supported values: ''default'' or ''oidc''. ''default'' will assign the role ''user'' + to users which don''t have a role assigned at the time they login. ''oidc'' will + assign the role based on the value of a claim (configured via PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM) + from the users OIDC claims.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM: + name: PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM + defaultValue: roles + type: string + description: The OIDC claim used to create the users role assignment. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TLS: + name: PROXY_TLS + defaultValue: "true" + type: bool + description: Enable/Disable HTTPS for external HTTP services. Must be set to 'true' + if the built-in IDP service an no reverse proxy is used. See the text description + for details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;PROXY_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TRACING_TYPE: + name: OCIS_TRACING_TYPE;PROXY_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TRANSPORT_TLS_CERT: + name: PROXY_TRANSPORT_TLS_CERT + defaultValue: /var/lib/ocis/proxy/server.crt + type: string + description: Path/File name of the TLS server certificate (in PEM format) for the + external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/proxy. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_TRANSPORT_TLS_KEY: + name: PROXY_TRANSPORT_TLS_KEY + defaultValue: /var/lib/ocis/proxy/server.key + type: string + description: Path/File name for the TLS certificate key (in PEM format) for the + server certificate to use for the external http services. If not defined, the + root directory derives from $OCIS_BASE_DATA_PATH:/proxy. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_USER_CS3_CLAIM: + name: PROXY_USER_CS3_CLAIM + defaultValue: username + type: string + description: The name of a CS3 user attribute (claim) that should be mapped to the + 'user_oidc_claim'. Supported values are 'username', 'mail' and 'userid'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_USER_OIDC_CLAIM: + name: PROXY_USER_OIDC_CLAIM + defaultValue: preferred_username + type: string + description: The name of an OpenID Connect claim that is used for resolving users + with the account backend. The value of the claim must hold a per user unique, + stable and non re-assignable identifier. The availability of claims depends on + your Identity Provider. There are common claims available for most Identity providers + like 'email' or 'preferred_username' but you can also add your own claim. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT: + name: SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT + defaultValue: "20971520" + type: uint64 + description: Maximum file size in bytes that is allowed for content extraction. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_DEBUG_ADDR: + name: SEARCH_DEBUG_ADDR + defaultValue: 127.0.0.1:9224 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_DEBUG_PPROF: + name: SEARCH_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_DEBUG_TOKEN: + name: SEARCH_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_DEBUG_ZPAGES: + name: SEARCH_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_ENGINE_BLEVE_DATA_PATH: + name: SEARCH_ENGINE_BLEVE_DATA_PATH + defaultValue: /var/lib/ocis/search + type: string + description: The directory where the filesystem will store search data. If not defined, + the root directory derives from $OCIS_BASE_DATA_PATH:/search. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_ENGINE_TYPE: + name: SEARCH_ENGINE_TYPE + defaultValue: bleve + type: string + description: 'Defines which search engine to use. Defaults to ''bleve''. Supported + values are: ''bleve''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_ASYNC_UPLOADS: + name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS + defaultValue: "true" + type: bool + description: Enable asynchronous file uploads. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_NUM_CONSUMERS: + name: SEARCH_EVENTS_NUM_CONSUMERS + defaultValue: "0" + type: int + description: The amount of concurrent event consumers to start. Event consumers + are used for searching files. Multiple consumers increase parallelisation, but + will also increase CPU and memory demands. The default value is 0. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION: + name: SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION + defaultValue: "1000" + type: int + description: The duration in milliseconds the reindex debouncer waits before triggering + a reindex of a space that was modified. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;SEARCH_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EXTRACTOR_CS3SOURCE_INSECURE: + name: OCIS_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE + defaultValue: "false" + type: bool + description: Ignore untrusted SSL certificates when connecting to the CS3 source. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS: + name: SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS + defaultValue: "true" + type: bool + description: Defines if stop words should be cleaned or not. See the documentation + for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EXTRACTOR_TIKA_TIKA_URL: + name: SEARCH_EXTRACTOR_TIKA_TIKA_URL + defaultValue: http://127.0.0.1:9998 + type: string + description: URL of the tika server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_EXTRACTOR_TYPE: + name: SEARCH_EXTRACTOR_TYPE + defaultValue: basic + type: string + description: 'Defines the content extraction engine. Defaults to ''basic''. Supported + values are: ''basic'' and ''tika''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_GRPC_ADDR: + name: SEARCH_GRPC_ADDR + defaultValue: 127.0.0.1:9220 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_JWT_SECRET: + name: OCIS_JWT_SECRET;SEARCH_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_LOG_COLOR: + name: OCIS_LOG_COLOR;SEARCH_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_LOG_FILE: + name: OCIS_LOG_FILE;SEARCH_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_LOG_LEVEL: + name: OCIS_LOG_LEVEL;SEARCH_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_LOG_PRETTY: + name: OCIS_LOG_PRETTY;SEARCH_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;SEARCH_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SEARCH_TRACING_TYPE: + name: OCIS_TRACING_TYPE;SEARCH_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_ADMIN_USER_ID: + name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID + defaultValue: "" + type: string + description: ID of the user that should receive admin privileges. Consider that + the UUID can be encoded in some LDAP deployment configurations like in .ldif files. + These need to be decoded beforehand. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_BUNDLES_PATH: + name: SETTINGS_BUNDLES_PATH + defaultValue: "" + type: string + description: The path to a JSON file with a list of bundles. If not defined, the + default bundles will be loaded. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_SIZE: + name: OCIS_CACHE_SIZE;SETTINGS_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the cache. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_STORE: + name: OCIS_CACHE_STORE;SETTINGS_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CACHE_TTL: + name: OCIS_CACHE_TTL;SETTINGS_CACHE_TTL + defaultValue: 10m0s + type: Duration + description: Default time to live for entries in the cache. Only applied when access + tokens has no expiration. See the Environment Variable Types description for more + details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_DATA_PATH: + name: SETTINGS_DATA_PATH + defaultValue: /var/lib/ocis/settings + type: string + description: The directory where the filesystem storage will store ocis settings. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/settings. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_DEBUG_ADDR: + name: SETTINGS_DEBUG_ADDR + defaultValue: 127.0.0.1:9194 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_DEBUG_PPROF: + name: SETTINGS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_DEBUG_TOKEN: + name: SETTINGS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_DEBUG_ZPAGES: + name: SETTINGS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_DIRECTORY_CACHE_TABLE: + name: SETTINGS_DIRECTORY_CACHE_TABLE + defaultValue: settings_dirs + type: string + description: The database table the store should use for the directory cache. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_FILE_CACHE_TABLE: + name: SETTINGS_FILE_CACHE_TABLE + defaultValue: settings_files + type: string + description: The database table the store should use for the file cache. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_GRPC_ADDR: + name: SETTINGS_GRPC_ADDR + defaultValue: 127.0.0.1:9191 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_HTTP_ADDR: + name: SETTINGS_HTTP_ADDR + defaultValue: 127.0.0.1:9190 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_HTTP_ROOT: + name: SETTINGS_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_JWT_SECRET: + name: OCIS_JWT_SECRET;SETTINGS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_LOG_COLOR: + name: OCIS_LOG_COLOR;SETTINGS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_LOG_FILE: + name: OCIS_LOG_FILE;SETTINGS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_SERVICE_ACCOUNT_IDS: + name: SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID + defaultValue: '[service-user-id]' + type: '[]string' + description: 'The list of all service account IDs. These will be assigned the hidden + ''service-account'' role. Note: When using ''OCIS_SERVICE_ACCOUNT_ID'' this will + contain only one value while ''SETTINGS_SERVICE_ACCOUNT_IDS'' can have multiple. + See the ''auth-service'' service description for more details about service accounts.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_SETUP_DEFAULT_ASSIGNMENTS: + name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS + defaultValue: "false" + type: bool + description: The default role assignments the demo users should be setup. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_STORE_TYPE: + name: SETTINGS_STORE_TYPE + defaultValue: metadata + type: string + description: Store type configures the persistency driver. Supported values are + 'metadata' and 'filesystem'. Note that the value 'filesystem' is considered deprecated. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_SYSTEM_USER_ID: + name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID + defaultValue: "" + type: string + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID + for the STORAGE-SYSTEM system user in this config option which is then used to + reference the user. Any reasonable long string is possible, preferably this would + be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_SYSTEM_USER_IDP: + name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP + defaultValue: internal + type: string + description: IDP of the oCIS STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_DEBUG_ADDR: + name: SHARING_DEBUG_ADDR + defaultValue: 127.0.0.1:9151 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_DEBUG_PPROF: + name: SHARING_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_DEBUG_TOKEN: + name: SHARING_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_DEBUG_ZPAGES: + name: SHARING_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_ENABLE_RESHARING: + name: OCIS_ENABLE_RESHARING;FRONTEND_ENABLE_RESHARING + defaultValue: "true" + type: bool + description: Changing this value is NOT supported. Enables the support for resharing + in the clients. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: "" + deprecationInfo: Resharing will be removed in the future. +SHARING_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: Password for the events broker. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: Username for the events broker. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;SHARING_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided SHARING_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_GRPC_ADDR: + name: SHARING_GRPC_ADDR + defaultValue: 127.0.0.1:9150 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_GRPC_PROTOCOL: + name: SHARING_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_JWT_SECRET: + name: OCIS_JWT_SECRET;SHARING_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_LOG_COLOR: + name: OCIS_LOG_COLOR;SHARING_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_LOG_FILE: + name: OCIS_LOG_FILE;SHARING_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_LOG_LEVEL: + name: OCIS_LOG_LEVEL;SHARING_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_LOG_PRETTY: + name: OCIS_LOG_PRETTY;SHARING_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER: + name: SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER + defaultValue: json + type: string + description: Driver to be used to persist ocm invites. Supported value is only 'json'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + defaultValue: "" + type: string + description: Path to the 'banned passwords list' file. See the documentation for + more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_DISABLED: + name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + defaultValue: "false" + type: bool + description: Disable the password policy. Defaults to false if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_MIN_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + defaultValue: "8" + type: int + description: Define the minimum password length. Defaults to 8 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_MIN_DIGITS: + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + defaultValue: "1" + type: int + description: Define the minimum number of digits. Defaults to 1 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of uppercase letters. Defaults to 1 if not + set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of characters from the special characters + list to be present. Defaults to 1 if not set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + defaultValue: "1" + type: int + description: Define the minimum number of lowercase letters. Defaults to 1 if not + set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_CS3_PROVIDER_ADDR: + name: SHARING_PUBLIC_CS3_PROVIDER_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY: + name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY + defaultValue: "" + type: string + description: API key for the STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_CS3_SYSTEM_USER_ID: + name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID + defaultValue: "" + type: string + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID + for the STORAGE-SYSTEM system user in this config option which is then used to + reference the user. Any reasonable long string is possible, preferably this would + be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_CS3_SYSTEM_USER_IDP: + name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP + defaultValue: internal + type: string + description: IDP of the oCIS STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_DRIVER: + name: SHARING_PUBLIC_DRIVER + defaultValue: jsoncs3 + type: string + description: Driver to be used to persist public shares. Supported values are 'jsoncs3', + 'json' and 'cs3' (deprecated). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_JSON_FILE: + name: SHARING_PUBLIC_JSON_FILE + defaultValue: /var/lib/ocis/storage/publicshares.json + type: string + description: Path to the JSON file where public share meta-data will be stored. + This JSON file contains the information about public shares that have been created. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR: + name: SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY: + name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY + defaultValue: "" + type: string + description: API key for the STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID: + name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID + defaultValue: "" + type: string + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID + for the STORAGE-SYSTEM system user in this config option which is then used to + reference the user. Any reasonable long string is possible, preferably this would + be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP: + name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP + defaultValue: internal + type: string + description: IDP of the oCIS STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + defaultValue: "true" + type: bool + description: Set this to true if you want to enforce passwords on all public shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + defaultValue: "false" + type: bool + description: Set this to true if you want to enforce passwords on Uploader, Editor + or Contributor shares. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_SKIP_USER_GROUPS_IN_TOKEN: + name: SHARING_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_TRACING_TYPE: + name: OCIS_TRACING_TYPE;SHARING_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_CS3_PROVIDER_ADDR: + name: SHARING_USER_CS3_PROVIDER_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_CS3_SYSTEM_USER_API_KEY: + name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY + defaultValue: "" + type: string + description: API key for the STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_CS3_SYSTEM_USER_ID: + name: OCIS_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID + defaultValue: "" + type: string + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID + for the STORAGE-SYSTEM system user in this config option which is then used to + reference the user. Any reasonable long string is possible, preferably this would + be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_CS3_SYSTEM_USER_IDP: + name: OCIS_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP + defaultValue: internal + type: string + description: IDP of the oCIS STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_DRIVER: + name: SHARING_USER_DRIVER + defaultValue: jsoncs3 + type: string + description: Driver to be used to persist shares. Supported values are 'jsoncs3', + 'json', 'cs3' (deprecated) and 'owncloudsql'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_JSON_FILE: + name: SHARING_USER_JSON_FILE + defaultValue: /var/lib/ocis/storage/shares.json + type: string + description: Path to the JSON file where shares will be persisted. If not defined, + the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_JSONCS3_CACHE_TTL: + name: SHARING_USER_JSONCS3_CACHE_TTL + defaultValue: "0" + type: int + description: TTL for the internal caches in seconds. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_JSONCS3_PROVIDER_ADDR: + name: SHARING_USER_JSONCS3_PROVIDER_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY: + name: OCIS_SYSTEM_USER_API_KEY + defaultValue: "" + type: string + description: API key for the STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_JSONCS3_SYSTEM_USER_ID: + name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID + defaultValue: "" + type: string + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID + for the STORAGE-SYSTEM system user in this config option which is then used to + reference the user. Any reasonable long string is possible, preferably this would + be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_JSONCS3_SYSTEM_USER_IDP: + name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP + defaultValue: internal + type: string + description: IDP of the oCIS STORAGE-SYSTEM system user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_OWNCLOUDSQL_DB_HOST: + name: SHARING_USER_OWNCLOUDSQL_DB_HOST + defaultValue: mysql + type: string + description: Hostname or IP of the database server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_OWNCLOUDSQL_DB_NAME: + name: SHARING_USER_OWNCLOUDSQL_DB_NAME + defaultValue: owncloud + type: string + description: Name of the database to be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_OWNCLOUDSQL_DB_PASSWORD: + name: SHARING_USER_OWNCLOUDSQL_DB_PASSWORD + defaultValue: "" + type: string + description: Password for the database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_OWNCLOUDSQL_DB_PORT: + name: SHARING_USER_OWNCLOUDSQL_DB_PORT + defaultValue: "3306" + type: int + description: Port that the database server is listening on. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_OWNCLOUDSQL_DB_USERNAME: + name: SHARING_USER_OWNCLOUDSQL_DB_USERNAME + defaultValue: owncloud + type: string + description: Username for the database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID: + name: SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID + defaultValue: "" + type: string + description: Mount ID of the ownCloudSQL users storage for mapping ownCloud 10 shares. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id + Ocs-Apirequest]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS + defaultValue: '[GET]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_DEBUG_ADDR: + name: SSE_DEBUG_ADDR + defaultValue: 127.0.0.1:9135 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_DEBUG_PPROF: + name: SSE_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_DEBUG_TOKEN: + name: SSE_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_DEBUG_ZPAGES: + name: SSE_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;SSE_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided SSE_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_HTTP_ADDR: + name: SSE_HTTP_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: The bind address of the HTTP service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_HTTP_ROOT: + name: SSE_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_JWT_SECRET: + name: OCIS_JWT_SECRET;SSE_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_LOG_COLOR: + name: OCIS_LOG_COLOR;SSE_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_LOG_FILE: + name: OCIS_LOG_FILE;SSE_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_LOG_LEVEL: + name: OCIS_LOG_LEVEL;SSE_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_LOG_PRETTY: + name: OCIS_LOG_PRETTY;SSE_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;SSE_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SSE_TRACING_TYPE: + name: OCIS_TRACING_TYPE;SSE_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_GATEWAY_GRPC_ADDR: + name: STORAGE_GATEWAY_GRPC_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_GRPC_ADDR: + name: STORAGE_GRPC_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_DEBUG_ADDR: + name: STORAGE_PUBLICLINK_DEBUG_ADDR + defaultValue: 127.0.0.1:9179 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_DEBUG_PPROF: + name: STORAGE_PUBLICLINK_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_DEBUG_TOKEN: + name: STORAGE_PUBLICLINK_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_DEBUG_ZPAGES: + name: STORAGE_PUBLICLINK_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_GRPC_ADDR: + name: STORAGE_PUBLICLINK_GRPC_ADDR + defaultValue: 127.0.0.1:9178 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_GRPC_PROTOCOL: + name: STORAGE_PUBLICLINK_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_JWT_SECRET: + name: OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_LOG_COLOR: + name: OCIS_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_LOG_FILE: + name: OCIS_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_LOG_LEVEL: + name: OCIS_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_LOG_PRETTY: + name: OCIS_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_SKIP_USER_GROUPS_IN_TOKEN: + name: STORAGE_PUBLICLINK_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID: + name: STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID + defaultValue: 7993447f-687f-490d-875c-ac95e89a62a4 + type: string + description: Mount ID of this storage. Admins can set the ID for the storage in + this config option manually which is then used to reference the storage. Any reasonable + long string is possible, preferably this would be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_PUBLICLINK_TRACING_TYPE: + name: OCIS_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_DEBUG_ADDR: + name: STORAGE_SHARES_DEBUG_ADDR + defaultValue: 127.0.0.1:9156 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_DEBUG_PPROF: + name: STORAGE_SHARES_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_DEBUG_TOKEN: + name: STORAGE_SHARES_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_DEBUG_ZPAGES: + name: STORAGE_SHARES_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_GRPC_ADDR: + name: STORAGE_SHARES_GRPC_ADDR + defaultValue: 127.0.0.1:9154 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_GRPC_PROTOCOL: + name: STORAGE_SHARES_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_JWT_SECRET: + name: OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_LOG_COLOR: + name: OCIS_LOG_COLOR;STORAGE_SHARES_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_LOG_FILE: + name: OCIS_LOG_FILE;STORAGE_SHARES_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_LOG_LEVEL: + name: OCIS_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_LOG_PRETTY: + name: OCIS_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_MOUNT_ID: + name: STORAGE_SHARES_MOUNT_ID + defaultValue: 7639e57c-4433-4a12-8201-722fd0009154 + type: string + description: Mount ID of this storage. Admins can set the ID for the storage in + this config option manually which is then used to reference the storage. Any reasonable + long string is possible, preferably this would be an UUIDv4 format. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_READ_ONLY: + name: STORAGE_SHARES_READ_ONLY + defaultValue: "false" + type: bool + description: Set this storage to be read-only. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN: + name: STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_TRACING_TYPE: + name: OCIS_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT: + name: STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT + defaultValue: com.owncloud.api.sharing + type: string + description: GRPC endpoint of the SHARING service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: Password for the configured store. Only applies when store type 'nats-js-kv' + is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: Username for the configured store. Only applies when store type 'nats-js-kv' + is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_SIZE: + name: OCIS_CACHE_SIZE;STORAGE_SYSTEM_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the user info cache. Only applies + when store type 'ocmem' is configured. Defaults to 512 which is derived from the + ocmem package though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_STORE: + name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_CACHE_TTL: + name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL + defaultValue: 24m0s + type: Duration + description: Default time to live for user info in the user info cache. Only applied + when access tokens has no expiration. See the Environment Variable Types description + for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_DATA_SERVER_URL: + name: STORAGE_SYSTEM_DATA_SERVER_URL + defaultValue: http://localhost:9216/data + type: string + description: URL of the data server, needs to be reachable by other services using + this service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_DEBUG_ADDR: + name: STORAGE_SYSTEM_DEBUG_ADDR + defaultValue: 127.0.0.1:9217 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_DEBUG_PPROF: + name: STORAGE_SYSTEM_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_DEBUG_TOKEN: + name: STORAGE_SYSTEM_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_DEBUG_ZPAGES: + name: STORAGE_SYSTEM_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_DRIVER: + name: STORAGE_SYSTEM_DRIVER + defaultValue: ocis + type: string + description: The driver which should be used by the service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_GRPC_ADDR: + name: STORAGE_SYSTEM_GRPC_ADDR + defaultValue: 127.0.0.1:9215 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_GRPC_PROTOCOL: + name: STORAGE_SYSTEM_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GPRC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_HTTP_ADDR: + name: STORAGE_SYSTEM_HTTP_ADDR + defaultValue: 127.0.0.1:9216 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_HTTP_PROTOCOL: + name: STORAGE_SYSTEM_HTTP_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_JWT_SECRET: + name: OCIS_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_LOG_COLOR: + name: OCIS_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_LOG_FILE: + name: OCIS_LOG_FILE;STORAGE_SYSTEM_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_LOG_LEVEL: + name: OCIS_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_LOG_PRETTY: + name: OCIS_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR: + name: STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR + defaultValue: "30" + type: int + description: When trying to lock files, ocis will multiply the cycle with this factor + and use it as a millisecond timeout. Values of 0 or below will be ignored and + the default value of 30 will be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES: + name: STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES + defaultValue: "20" + type: int + description: When trying to lock files, ocis will try this amount of times to acquire + the lock before failing. After each try it will wait for an increasing amount + of time. Values of 0 or below will be ignored and the default value of 20 will + be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_OCIS_METADATA_BACKEND: + name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND + defaultValue: messagepack + type: string + description: The backend to use for storing metadata. Supported values are 'messagepack' + and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata + while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_OCIS_ROOT: + name: STORAGE_SYSTEM_OCIS_ROOT + defaultValue: /var/lib/ocis/storage/metadata + type: string + description: Path for the directory where the STORAGE-SYSTEM service stores it's + persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN: + name: STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_SYSTEM_TRACING_TYPE: + name: OCIS_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY: + name: STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY + defaultValue: 0s + type: Duration + description: The delay between a change made to a tree and the propagation start + on treesize and treetime. Multiple propagations are computed to a single one. + See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE: + name: STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE + defaultValue: "0" + type: int + description: The maximum number of attempts to rename a file when a user restores + a file to an existing destination with the same name. The minimum value is 100. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin X-Requested-With X-Request-Id X-HTTP-Method-Override + Content-Type Upload-Length Upload-Offset Tus-Resumable Upload-Metadata Upload-Defer-Length + Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS + defaultValue: '[POST HEAD PATCH OPTIONS GET DELETE]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CORS_EXPOSE_HEADERS: + name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS + defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size + Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete + Upload-Draft-Interop-Version]' + type: '[]string' + description: 'A list of exposed CORS headers. See following chapter for more details: + *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_CORS_MAX_AGE: + name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE + defaultValue: "86400" + type: uint + description: 'The max cache duration of preflight headers. See following chapter + for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DATA_GATEWAY_URL: + name: STORAGE_USERS_DATA_GATEWAY_URL + defaultValue: https://localhost:9200/data + type: string + description: URL of the data gateway server + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DATA_SERVER_URL: + name: STORAGE_USERS_DATA_SERVER_URL + defaultValue: http://localhost:9158/data + type: string + description: URL of the data server, needs to be reachable by the data gateway provided + by the frontend service or the user if directly exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DEBUG_ADDR: + name: STORAGE_USERS_DEBUG_ADDR + defaultValue: 127.0.0.1:9159 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DEBUG_PPROF: + name: STORAGE_USERS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DEBUG_TOKEN: + name: STORAGE_USERS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DEBUG_ZPAGES: + name: STORAGE_USERS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_DRIVER: + name: STORAGE_USERS_DRIVER + defaultValue: ocis + type: string + description: 'The storage driver which should be used by the service. Defaults to + ''ocis'', Supported values are: ''ocis'', ''s3ng'' and ''owncloudsql''. The ''ocis'' + driver stores all data (blob and meta data) in an POSIX compliant volume. The + ''s3ng'' driver stores metadata in a POSIX compliant volume and uploads blobs + to the s3 bucket.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_NUM_CONSUMERS: + name: STORAGE_USERS_EVENTS_NUM_CONSUMERS + defaultValue: "0" + type: int + description: The amount of concurrent event consumers to start. Event consumers + are used for post-processing files. Multiple consumers increase parallelisation, + but will also increase CPU and memory demands. The setting has no effect when + the OCIS_ASYNC_UPLOADS is set to false. The default and minimum value is 1. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_EXPOSE_DATA_SERVER: + name: STORAGE_USERS_EXPOSE_DATA_SERVER + defaultValue: "false" + type: bool + description: Exposes the data server directly to users and bypasses the data gateway. + Ensure that the data server address is reachable by users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_SIZE: + name: OCIS_CACHE_SIZE;SETTINGS_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the cache. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_STORE: + name: OCIS_CACHE_STORE;SETTINGS_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_FILEMETADATA_CACHE_TTL: + name: OCIS_CACHE_TTL;SETTINGS_CACHE_TTL + defaultValue: 10m0s + type: Duration + description: Default time to live for entries in the cache. Only applied when access + tokens has no expiration. See the Environment Variable Types description for more + details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_GATEWAY_GRPC_ADDR: + name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + defaultValue: 127.0.0.1:9142 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_GRACEFUL_SHUTDOWN_TIMEOUT: + name: STORAGE_USERS_GRACEFUL_SHUTDOWN_TIMEOUT + defaultValue: "30" + type: int + description: 'The number of seconds to wait for the ''storage-users'' service to + shutdown cleanly before exiting with an error that gets logged. Note: This setting + is only applicable when running the ''storage-users'' service as a standalone + service. See the text description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_GRPC_ADDR: + name: STORAGE_USERS_GRPC_ADDR + defaultValue: 127.0.0.1:9157 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_GRPC_PROTOCOL: + name: STORAGE_USERS_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GPRC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_HTTP_ADDR: + name: STORAGE_USERS_HTTP_ADDR + defaultValue: 127.0.0.1:9158 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_HTTP_PROTOCOL: + name: STORAGE_USERS_HTTP_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_AUTH_PASSWORD: + name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the cache store. Only applies when + store type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_AUTH_USERNAME: + name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the cache store. Only applies when + store type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE: + name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" + type: bool + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_SIZE: + name: OCIS_CACHE_SIZE;STORAGE_USERS_ID_CACHE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the user info cache. Only applies + when store type 'ocmem' is configured. Defaults to 512 which is derived from the + ocmem package though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_STORE: + name: OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE + defaultValue: memory + type: string + description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_STORE_NODES: + name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_ID_CACHE_TTL: + name: OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL + defaultValue: 24m0s + type: Duration + description: Default time to live for user info in the user info cache. Only applied + when access tokens have no expiration. Defaults to 300s which is derived from + the underlaying package though not explicitly set as default. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_JWT_SECRET: + name: OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_LOG_COLOR: + name: OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_LOG_FILE: + name: OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_MACHINE_AUTH_API_KEY: + name: OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY + defaultValue: "" + type: string + description: Machine auth API key used to validate internal requests necessary for + the access to resources from other services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_MOUNT_ID: + name: STORAGE_USERS_MOUNT_ID + defaultValue: "" + type: string + description: Mount ID of this storage. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE: + name: STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE + defaultValue: '{{.SpaceType}}/{{.SpaceName \| replace " " "-" \| + lower}}' + type: string + description: Template string to construct general space aliases. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR: + name: STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR + defaultValue: "30" + type: int + description: When trying to lock files, ocis will multiply the cycle with this factor + and use it as a millisecond timeout. Values of 0 or below will be ignored and + the default value of 30 will be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES: + name: STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES + defaultValue: "20" + type: int + description: When trying to lock files, ocis will try this amount of times to acquire + the lock before failing. After each try it will wait for an increasing amount + of time. Values of 0 or below will be ignored and the default value of 20 will + be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_MAX_CONCURRENCY: + name: STORAGE_USERS_OCIS_MAX_CONCURRENCY + defaultValue: "5" + type: int + description: Maximum number of concurrent go-routines. Higher values can potentially + get work done faster but will also cause more load on the system. Values of 0 + or below will be ignored and the default value of 100 will be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_MAX_QUOTA: + name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA + defaultValue: "0" + type: uint64 + description: Set the global max quota value in bytes. A value of 0 equals unlimited. + The value is provided via capabilities. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_METADATA_BACKEND: + name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND + defaultValue: messagepack + type: string + description: The backend to use for storing metadata. Supported values are 'messagepack' + and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata + while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT: + name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT + defaultValue: com.owncloud.api.settings + type: string + description: Endpoint of the permissions service. The endpoints can differ for 'ocis' + and 's3ng'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE: + name: STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE + defaultValue: '{{.SpaceType}}/{{.User.Username \| lower}}' + type: string + description: Template string to construct personal space aliases. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_PROPAGATOR: + name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR + defaultValue: sync + type: string + description: The propagator used for decomposedfs. At the moment, only 'sync' is + fully supported, 'async' is available as an experimental option. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_ROOT: + name: STORAGE_USERS_OCIS_ROOT + defaultValue: /var/lib/ocis/storage/users + type: string + description: The directory where the filesystem storage will store blobs and metadata. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_SHARE_FOLDER: + name: STORAGE_USERS_OCIS_SHARE_FOLDER + defaultValue: /Shares + type: string + description: Name of the folder jailing all shares. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OCIS_USER_LAYOUT: + name: STORAGE_USERS_OCIS_USER_LAYOUT + defaultValue: '{{.Id.OpaqueId}}' + type: string + description: Template string for the user storage layout in the user directory. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_DATADIR: + name: STORAGE_USERS_OWNCLOUDSQL_DATADIR + defaultValue: /var/lib/ocis/storage/owncloud + type: string + description: The directory where the filesystem storage will store SQL migration + data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/owncloud. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_DB_HOST: + name: STORAGE_USERS_OWNCLOUDSQL_DB_HOST + defaultValue: "" + type: string + description: Hostname or IP of the database server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_DB_NAME: + name: STORAGE_USERS_OWNCLOUDSQL_DB_NAME + defaultValue: owncloud + type: string + description: Name of the database to be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD: + name: STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD + defaultValue: owncloud + type: string + description: Password for the database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_DB_PORT: + name: STORAGE_USERS_OWNCLOUDSQL_DB_PORT + defaultValue: "3306" + type: int + description: Port that the database server is listening on. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME: + name: STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME + defaultValue: owncloud + type: string + description: Username for the database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_LAYOUT: + name: STORAGE_USERS_OWNCLOUDSQL_LAYOUT + defaultValue: '{{.Username}}' + type: string + description: Path layout to use to navigate into a users folder in an owncloud data + directory + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER: + name: STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER + defaultValue: /Shares + type: string + description: Name of the folder jailing all shares. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR: + name: STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR + defaultValue: /var/lib/ocis/storage/uploadinfo + type: string + description: The directory where the filesystem will store uploads temporarily. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/uploadinfo. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT: + name: STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT + defaultValue: com.owncloud.api.users + type: string + description: Endpoint of the users provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_PERMISSION_ENDPOINT: + name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT + defaultValue: com.owncloud.api.settings + type: string + description: Endpoint of the permissions service. The endpoints can differ for 'ocis' + and 's3ng'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE: + name: STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE + defaultValue: 720h0m0s + type: Duration + description: Specifies the period of time in which items that have been in the personal + trash-bin for longer than this value should be deleted. A value of 0 means no + automatic deletion. See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE: + name: STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE + defaultValue: 720h0m0s + type: Duration + description: Specifies the period of time in which items that have been in the project + trash-bin for longer than this value should be deleted. A value of 0 means no + automatic deletion. See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_PURGE_TRASH_BIN_USER_ID: + name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID + defaultValue: "" + type: string + description: ID of the user that should receive admin privileges. Consider that + the UUID can be encoded in some LDAP deployment configurations like in .ldif files. + These need to be decoded beforehand. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_READ_ONLY: + name: STORAGE_USERS_READ_ONLY + defaultValue: "false" + type: bool + description: Set this storage to be read-only. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_ACCESS_KEY: + name: STORAGE_USERS_S3NG_ACCESS_KEY + defaultValue: "" + type: string + description: Access key for the S3 bucket. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_BUCKET: + name: STORAGE_USERS_S3NG_BUCKET + defaultValue: "" + type: string + description: Name of the S3 bucket. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_ENDPOINT: + name: STORAGE_USERS_S3NG_ENDPOINT + defaultValue: "" + type: string + description: Endpoint for the S3 bucket. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE: + name: STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE + defaultValue: '{{.SpaceType}}/{{.SpaceName \| replace " " "-" \| + lower}}' + type: string + description: Template string to construct general space aliases. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR: + name: STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR + defaultValue: "30" + type: int + description: When trying to lock files, ocis will multiply the cycle with this factor + and use it as a millisecond timeout. Values of 0 or below will be ignored and + the default value of 30 will be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES: + name: STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES + defaultValue: "20" + type: int + description: When trying to lock files, ocis will try this amount of times to acquire + the lock before failing. After each try it will wait for an increasing amount + of time. Values of 0 or below will be ignored and the default value of 20 will + be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_MAX_CONCURRENCY: + name: STORAGE_USERS_S3NG_MAX_CONCURRENCY + defaultValue: "5" + type: int + description: Maximum number of concurrent go-routines. Higher values can potentially + get work done faster but will also cause more load on the system. Values of 0 + or below will be ignored and the default value of 100 will be used. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_METADATA_BACKEND: + name: STORAGE_USERS_S3NG_METADATA_BACKEND + defaultValue: messagepack + type: string + description: The backend to use for storing metadata. Supported values are 'xattrs' + and 'messagepack'. The setting 'xattrs' uses extended attributes to store file + metadata while 'messagepack' uses a dedicated file to store file metadata. Defaults + to 'xattrs'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT: + name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT + defaultValue: com.owncloud.api.settings + type: string + description: Endpoint of the permissions service. The endpoints can differ for 'ocis' + and 's3ng'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE: + name: STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE + defaultValue: '{{.SpaceType}}/{{.User.Username \| lower}}' + type: string + description: Template string to construct personal space aliases. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PROPAGATOR: + name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR + defaultValue: sync + type: string + description: The propagator used for decomposedfs. At the moment, only 'sync' is + fully supported, 'async' is available as an experimental option. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS: + name: STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS + defaultValue: "true" + type: bool + description: Always precreate parts when copying objects to S3. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256: + name: STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256 + defaultValue: "false" + type: bool + description: Disable sending content sha256 when copying objects to S3. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART: + name: STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART + defaultValue: "true" + type: bool + description: Disable multipart uploads when copying objects to S3 + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS: + name: STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS + defaultValue: "4" + type: uint + description: Number of concurrent uploads to use when copying objects to S3. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE: + name: STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE + defaultValue: "0" + type: uint64 + description: Part size for concurrent uploads to S3. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5: + name: STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5 + defaultValue: "true" + type: bool + description: Send a Content-MD5 header when copying objects to S3. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_REGION: + name: STORAGE_USERS_S3NG_REGION + defaultValue: default + type: string + description: Region of the S3 bucket. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_ROOT: + name: STORAGE_USERS_S3NG_ROOT + defaultValue: /var/lib/ocis/storage/users + type: string + description: The directory where the filesystem storage will store metadata for + blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_SECRET_KEY: + name: STORAGE_USERS_S3NG_SECRET_KEY + defaultValue: "" + type: string + description: Secret key for the S3 bucket. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_SHARE_FOLDER: + name: STORAGE_USERS_S3NG_SHARE_FOLDER + defaultValue: /Shares + type: string + description: Name of the folder jailing all shares. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_S3NG_USER_LAYOUT: + name: STORAGE_USERS_S3NG_USER_LAYOUT + defaultValue: '{{.Id.OpaqueId}}' + type: string + description: Template string for the user storage layout in the user directory. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN: + name: STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_TRANSFER_EXPIRES: + name: STORAGE_USERS_TRANSFER_EXPIRES + defaultValue: "86400" + type: int64 + description: The time after which the token for upload postprocessing expires + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_UPLOAD_EXPIRATION: + name: STORAGE_USERS_UPLOAD_EXPIRATION + defaultValue: "86400" + type: int64 + description: Duration in seconds after which uploads will expire. Note that when + setting this to a low number, uploads could be cancelled before they are finished + and return a 403 to the user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORE_DATA_PATH: + name: STORE_DATA_PATH + defaultValue: /var/lib/ocis/store + type: string + description: The directory where the filesystem storage will store ocis settings. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/store. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_DEBUG_ADDR: + name: STORE_DEBUG_ADDR + defaultValue: 127.0.0.1:9464 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_DEBUG_PPROF: + name: STORE_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_DEBUG_TOKEN: + name: STORE_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_DEBUG_ZPAGES: + name: STORE_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_GRPC_ADDR: + name: STORE_GRPC_ADDR + defaultValue: 127.0.0.1:9460 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_LOG_COLOR: + name: OCIS_LOG_COLOR;STORE_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_LOG_FILE: + name: OCIS_LOG_FILE;STORE_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_LOG_LEVEL: + name: OCIS_LOG_LEVEL;STORE_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_LOG_PRETTY: + name: OCIS_LOG_PRETTY;STORE_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;STORE_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;STORE_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;STORE_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +STORE_TRACING_TYPE: + name: OCIS_TRACING_TYPE;STORE_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "5.0" + removalVersion: 6.0.0 + deprecationInfo: The store service is optional and will be removed. +THUMBNAILS_CS3SOURCE_INSECURE: + name: OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE + defaultValue: "false" + type: bool + description: Ignore untrusted SSL certificates when connecting to the CS3 source. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_DATA_ENDPOINT: + name: THUMBNAILS_DATA_ENDPOINT + defaultValue: http://127.0.0.1:9186/thumbnails/data + type: string + description: The HTTP endpoint where the actual thumbnail file can be downloaded. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_DEBUG_ADDR: + name: THUMBNAILS_DEBUG_ADDR + defaultValue: 127.0.0.1:9189 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_DEBUG_PPROF: + name: THUMBNAILS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_DEBUG_TOKEN: + name: THUMBNAILS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_DEBUG_ZPAGES: + name: THUMBNAILS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_FILESYSTEMSTORAGE_ROOT: + name: THUMBNAILS_FILESYSTEMSTORAGE_ROOT + defaultValue: /var/lib/ocis/thumbnails + type: string + description: The directory where the filesystem storage will store the thumbnails. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/thumbnails. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_GRPC_ADDR: + name: THUMBNAILS_GRPC_ADDR + defaultValue: 127.0.0.1:9185 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_HTTP_ADDR: + name: THUMBNAILS_HTTP_ADDR + defaultValue: 127.0.0.1:9186 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_HTTP_ROOT: + name: THUMBNAILS_HTTP_ROOT + defaultValue: /thumbnails + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_LOG_COLOR: + name: OCIS_LOG_COLOR;THUMBNAILS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_LOG_FILE: + name: OCIS_LOG_FILE;THUMBNAILS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;THUMBNAILS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;THUMBNAILS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_RESOLUTIONS: + name: THUMBNAILS_RESOLUTIONS + defaultValue: '[16x16 32x32 64x64 128x128 1080x1920 1920x1080 2160x3840 3840x2160 + 4320x7680 7680x4320]' + type: '[]string' + description: The supported list of target resolutions in the format WidthxHeight + like 32x32. You can define any resolution as required. See the Environment Variable + Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;THUMBNAILS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_TRANSFER_TOKEN: + name: THUMBNAILS_TRANSFER_TOKEN + defaultValue: "" + type: string + description: The secret to sign JWT to download the actual thumbnail file. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_TXT_FONTMAP_FILE: + name: THUMBNAILS_TXT_FONTMAP_FILE + defaultValue: "" + type: string + description: The path to a font file for txt thumbnails. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_WEBDAVSOURCE_INSECURE: + name: OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE + defaultValue: "false" + type: bool + description: Ignore untrusted SSL certificates when connecting to the webdav source. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id + Ocs-Apirequest]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS + defaultValue: '[GET]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_DEBUG_ADDR: + name: USERLOG_DEBUG_ADDR + defaultValue: 127.0.0.1:9210 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_DEBUG_PPROF: + name: USERLOG_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_DEBUG_TOKEN: + name: USERLOG_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_DEBUG_ZPAGES: + name: USERLOG_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_AUTH_PASSWORD: + name: OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_AUTH_USERNAME: + name: OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_CLUSTER: + name: OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER + defaultValue: ocis-cluster + type: string + description: The clusterID of the event system. The event system is the message + queuing service. It is used as message broker for the microservice architecture. + Mandatory when using NATS as event system. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_ENABLE_TLS: + name: OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS + defaultValue: "false" + type: bool + description: Enable TLS for the connection to the events broker. The events broker + is the ocis service which receives and delivers events between the services. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_ENDPOINT: + name: OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT + defaultValue: 127.0.0.1:9233 + type: string + description: The address of the event system. The event system is the message queuing + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_TLS_INSECURE: + name: OCIS_INSECURE;USERLOG_EVENTS_TLS_INSECURE + defaultValue: "false" + type: bool + description: Whether to verify the server TLS certificates. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE + defaultValue: "" + type: string + description: The root CA certificate used to validate the server's TLS certificate. + If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_GLOBAL_NOTIFICATIONS_SECRET: + name: USERLOG_GLOBAL_NOTIFICATIONS_SECRET + defaultValue: "" + type: string + description: The secret to secure the global notifications endpoint. Only system + admins and users knowing that secret can call the global notifications POST/DELETE + endpoints. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_HTTP_ADDR: + name: USERLOG_HTTP_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_HTTP_ROOT: + name: USERLOG_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_JWT_SECRET: + name: OCIS_JWT_SECRET;USERLOG_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_LOG_COLOR: + name: OCIS_LOG_COLOR;USERLOG_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_LOG_FILE: + name: OCIS_LOG_FILE;USERLOG_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_LOG_LEVEL: + name: OCIS_LOG_LEVEL;USERLOG_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_LOG_PRETTY: + name: OCIS_LOG_PRETTY;USERLOG_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_SERVICE_ACCOUNT_ID: + name: SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID + defaultValue: "" + type: '[]string' + description: 'The list of all service account IDs. These will be assigned the hidden + ''service-account'' role. Note: When using ''OCIS_SERVICE_ACCOUNT_ID'' this will + contain only one value while ''SETTINGS_SERVICE_ACCOUNT_IDS'' can have multiple. + See the ''auth-service'' service description for more details about service accounts.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE: + name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE + defaultValue: memory + type: string + description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', + ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description + for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_AUTH_PASSWORD: + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_AUTH_USERNAME: + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_DATABASE: + name: USERLOG_STORE_DATABASE + defaultValue: userlog + type: string + description: The database name the configured store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_NODES: + name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES + defaultValue: '[]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_SIZE: + name: OCIS_PERSISTENT_STORE_SIZE;EVENTHISTORY_STORE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived and used from the + ocmem package though no explicit default was set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_TABLE: + name: USERLOG_STORE_TABLE + defaultValue: events + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_STORE_TTL: + name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL + defaultValue: 336h0m0s + type: Duration + description: Time to live for events in the store. Defaults to '336h' (2 weeks). + See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;USERLOG_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_TRACING_TYPE: + name: OCIS_TRACING_TYPE;USERLOG_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERLOG_TRANSLATION_PATH: + name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH + defaultValue: "" + type: string + description: (optional) Set this to a path with custom translations to overwrite + the builtin translations. Note that file and folder naming rules apply, see the + documentation for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_DEBUG_ADDR: + name: USERS_DEBUG_ADDR + defaultValue: 127.0.0.1:9145 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_DEBUG_PPROF: + name: USERS_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_DEBUG_TOKEN: + name: USERS_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_DEBUG_ZPAGES: + name: USERS_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_DRIVER: + name: USERS_DRIVER + defaultValue: ldap + type: string + description: The driver which should be used by the users service. Supported values + are 'ldap' and 'owncloudsql'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_GRPC_ADDR: + name: USERS_GRPC_ADDR + defaultValue: 127.0.0.1:9144 + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_GRPC_PROTOCOL: + name: USERS_GRPC_PROTOCOL + defaultValue: tcp + type: string + description: The transport protocol of the GPRC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_IDP_URL: + name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER + defaultValue: https://localhost:9200 + type: string + description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_JWT_SECRET: + name: OCIS_JWT_SECRET;USERS_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_BIND_DN: + name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN + defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + type: string + description: LDAP DN to use for simple bind authentication with the target LDAP + server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_BIND_PASSWORD: + name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD + defaultValue: "" + type: string + description: Password to use for authenticating the 'bind_dn'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_CACERT: + name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT + defaultValue: /var/lib/ocis/idm/ldap.crt + type: string + description: Path/File name for the root CA certificate (in PEM format) used to + validate TLS server certificates of the LDAP service. If not defined, the root + directory derives from $OCIS_BASE_DATA_PATH:/idm. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_DISABLE_USER_MECHANISM: + name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM + defaultValue: attribute + type: string + description: An option to control the behavior for disabling users. Valid options + are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API + will add the user to the configured group for disabled users, if set to 'attribute' + this will be done in the ldap user entry, if set to 'none' the disable request + is not processed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_DISABLED_USERS_GROUP_DN: + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN + defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm + type: string + description: The distinguished name of the group to which added users will be classified + as disabled when 'disable_user_mechanism' is set to 'group'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_BASE_DN: + name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN + defaultValue: ou=groups,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_FILTER: + name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for group searches. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_OBJECTCLASS: + name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS + defaultValue: groupOfNames + type: string + description: The object class to use for groups in the default group search filter + ('groupOfNames'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the displayname of groups (often the same + as groupname attribute). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCHEMA_GROUPNAME: + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME + defaultValue: cn + type: string + description: LDAP Attribute to use for the name of groups. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCHEMA_ID: + name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique id for groups. This should be a + stable globally unique id (e.g. a UUID). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'id' attribute for groups is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the group IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCHEMA_MAIL: + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of groups (can be empty). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCHEMA_MEMBER: + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER + defaultValue: member + type: string + description: LDAP Attribute that is used for group members. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_GROUP_SCOPE: + name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up groups. Supported values are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_INSECURE: + name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE + defaultValue: "false" + type: bool + description: Disable TLS certificate validation for the LDAP connections. Do not + set this in production environments. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_URI: + name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI + defaultValue: ldaps://localhost:9235 + type: string + description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' + and 'ldap://' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_BASE_DN: + name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN + defaultValue: ou=users,o=libregraph-idm + type: string + description: Search base DN for looking up LDAP users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_ENABLED_ATTRIBUTE: + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE + defaultValue: ownCloudUserEnabled + type: string + description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_FILTER: + name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER + defaultValue: "" + type: string + description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_OBJECTCLASS: + name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS + defaultValue: inetOrgPerson + type: string + description: The object class to use for users in the default user search filter + ('inetOrgPerson'). + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SCHEMA_DISPLAYNAME: + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME + defaultValue: displayname + type: string + description: LDAP Attribute to use for the displayname of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SCHEMA_ID: + name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID + defaultValue: ownclouduuid + type: string + description: LDAP Attribute to use as the unique ID for users. This should be a + stable globally unique ID like a UUID. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + defaultValue: "false" + type: bool + description: Set this to true if the defined 'ID' attribute for users is of the + 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute + of Active Directory for the user IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SCHEMA_MAIL: + name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL + defaultValue: mail + type: string + description: LDAP Attribute to use for the email address of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SCHEMA_USERNAME: + name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME + defaultValue: uid + type: string + description: LDAP Attribute to use for username of users. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SCOPE: + name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE + defaultValue: sub + type: string + description: LDAP search scope to use when looking up users. Supported values are + 'base', 'one' and 'sub'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_SUBSTRING_FILTER_TYPE: + name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE + defaultValue: any + type: string + description: 'Type of substring search filter to use for substring searches for + users. Possible values: ''initial'' for doing prefix only searches, ''final'' + for doing suffix only searches or ''any'' for doing full substring searches' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LDAP_USER_TYPE_ATTRIBUTE: + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE + defaultValue: ownCloudUserType + type: string + description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default + is 'ownCloudUserType'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LOG_COLOR: + name: OCIS_LOG_COLOR;USERS_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LOG_FILE: + name: OCIS_LOG_FILE;USERS_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LOG_LEVEL: + name: OCIS_LOG_LEVEL;USERS_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_LOG_PRETTY: + name: OCIS_LOG_PRETTY;USERS_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_DB_HOST: + name: USERS_OWNCLOUDSQL_DB_HOST + defaultValue: mysql + type: string + description: Hostname of the database server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_DB_NAME: + name: USERS_OWNCLOUDSQL_DB_NAME + defaultValue: owncloud + type: string + description: Name of the owncloud database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_DB_PASSWORD: + name: USERS_OWNCLOUDSQL_DB_PASSWORD + defaultValue: secret + type: string + description: Password for the database user. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_DB_PORT: + name: USERS_OWNCLOUDSQL_DB_PORT + defaultValue: "3306" + type: int + description: Network port to use for the database connection. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_DB_USERNAME: + name: USERS_OWNCLOUDSQL_DB_USERNAME + defaultValue: owncloud + type: string + description: Database user to use for authenticating with the owncloud database. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH: + name: USERS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH + defaultValue: "false" + type: bool + description: Allow 'medial search' when searching for users instead of just doing + a prefix search. This allows finding 'Alice' when searching for 'lic'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_IDP: + name: USERS_OWNCLOUDSQL_IDP + defaultValue: https://localhost:9200 + type: string + description: The identity provider value to set in the userids of the CS3 user objects + for users returned by this user provider. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID: + name: USERS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID + defaultValue: "false" + type: bool + description: Join the user properties table to read user IDs. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_JOIN_USERNAME: + name: USERS_OWNCLOUDSQL_JOIN_USERNAME + defaultValue: "false" + type: bool + description: Join the user properties table to read usernames + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_OWNCLOUDSQL_NOBODY: + name: USERS_OWNCLOUDSQL_NOBODY + defaultValue: "90" + type: int64 + description: Fallback number if no numeric UID and GID properties are provided. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_SKIP_USER_GROUPS_IN_TOKEN: + name: USERS_SKIP_USER_GROUPS_IN_TOKEN + defaultValue: "false" + type: bool + description: Disables the loading of user's group memberships from the reva access + token. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +USERS_TRACING_TYPE: + name: OCIS_TRACING_TYPE;USERS_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_ASSET_APPS_PATH: + name: WEB_ASSET_APPS_PATH + defaultValue: /var/lib/ocis/web/assets/apps + type: string + description: Serve ownCloud Web apps assets from a path on the filesystem instead + of the builtin assets. + introductionVersion: "5.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_ASSET_CORE_PATH: + name: WEB_ASSET_CORE_PATH + defaultValue: /var/lib/ocis/web/assets/core + type: string + description: Serve ownCloud Web assets from a path on the filesystem instead of + the builtin assets. + introductionVersion: "5.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_ASSET_PATH: + name: WEB_ASSET_PATH + defaultValue: "" + type: string + description: Serve ownCloud Web assets from a path on the filesystem instead of + the builtin assets. + introductionVersion: pre5.0 + deprecationVersion: 5.1.0 + removalVersion: 6.0.0 + deprecationInfo: The WEB_ASSET_PATH is deprecated and will be removed in the future. +WEB_CACHE_TTL: + name: WEB_CACHE_TTL + defaultValue: "604800" + type: int + description: Cache policy in seconds for ownCloud Web assets. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS. See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS + defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match + If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm + Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires + Upload-Checksum Upload-Offset X-HTTP-Method-Override]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS + defaultValue: '[OPTIONS HEAD GET PUT PATCH POST DELETE MKCOL PROPFIND PROPPATCH + MOVE COPY REPORT SEARCH]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_DEBUG_ADDR: + name: WEB_DEBUG_ADDR + defaultValue: 127.0.0.1:9104 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_DEBUG_PPROF: + name: WEB_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_DEBUG_TOKEN: + name: WEB_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_DEBUG_ZPAGES: + name: WEB_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_GATEWAY_GRPC_ADDR: + name: WEB_GATEWAY_GRPC_ADDR + defaultValue: com.owncloud.api.gateway + type: string + description: The bind address of the GRPC service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_HTTP_ADDR: + name: WEB_HTTP_ADDR + defaultValue: 127.0.0.1:9100 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_HTTP_ROOT: + name: WEB_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_JWT_SECRET: + name: OCIS_JWT_SECRET;WEB_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_LOG_COLOR: + name: OCIS_LOG_COLOR;WEB_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_LOG_FILE: + name: OCIS_LOG_FILE;WEB_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_LOG_LEVEL: + name: OCIS_LOG_LEVEL;WEB_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_LOG_PRETTY: + name: OCIS_LOG_PRETTY;WEB_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OIDC_AUTHORITY: + name: OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY + defaultValue: https://localhost:9200 + type: string + description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OIDC_CLIENT_ID: + name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID + defaultValue: web + type: string + description: The OIDC client ID which ownCloud Web uses. This client needs to be + set up in your IDP. Note that this setting has no effect when using the builtin + IDP. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OIDC_METADATA_URL: + name: WEB_OIDC_METADATA_URL + defaultValue: https://localhost:9200/.well-known/openid-configuration + type: string + description: URL for the OIDC well-known configuration endpoint. Defaults to the + oCIS API URL + '/.well-known/openid-configuration'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OIDC_POST_LOGOUT_REDIRECT_URI: + name: WEB_OIDC_POST_LOGOUT_REDIRECT_URI + defaultValue: "" + type: string + description: This value needs to point to a valid and reachable web page. The web + client will trigger a redirect to that page directly after the logout action. + The default value is empty and redirects to the login page. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OIDC_RESPONSE_TYPE: + name: WEB_OIDC_RESPONSE_TYPE + defaultValue: code + type: string + description: The OIDC response type to use for authentication. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OIDC_SCOPE: + name: WEB_OIDC_SCOPE + defaultValue: openid profile email + type: string + description: OIDC scopes to request during authentication to authorize access to + user details. Defaults to 'openid profile email'. Values are separated by blank. + More example values but not limited to are 'address' or 'phone' etc. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS: + name: WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS + defaultValue: "0" + type: int + description: Defines the maximum number of concurrent requests per file/folder/space + batch action. Defaults to 4. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE: + name: WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE + defaultValue: "0" + type: int + description: Defines the maximum number of concurrent requests per sharing invite + batch. Defaults to 4. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST: + name: WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST + defaultValue: "0" + type: int + description: Defines the maximum number of concurrent requests when loading individual + share information inside listings. Defaults to 2. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_CONCURRENT_REQUESTS_SSE: + name: WEB_OPTION_CONCURRENT_REQUESTS_SSE + defaultValue: "0" + type: int + description: Defines the maximum number of concurrent requests in SSE event handlers. + Defaults to 4. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_CONTEXTHELPERS_READ_MORE: + name: WEB_OPTION_CONTEXTHELPERS_READ_MORE + defaultValue: "true" + type: bool + description: Specifies whether the 'Read more' link should be displayed or not. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_DISABLE_FEEDBACK_LINK: + name: WEB_OPTION_DISABLE_FEEDBACK_LINK + defaultValue: "false" + type: bool + description: Set this option to 'true' to disable the feedback link in the topbar. + Keeping it enabled by setting the value to 'false' or with the absence of the + option, allows ownCloud to get feedback from your user base through a dedicated + survey website. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_DISABLE_PREVIEWS: + name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS + defaultValue: "false" + type: bool + description: Set this option to 'true' to disable rendering of thumbnails triggered + via webdav access. Note that when disabled, all access to preview related webdav + paths will return a 404. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_DISABLED_EXTENSIONS: + name: WEB_OPTION_DISABLED_EXTENSIONS + defaultValue: '[]' + type: '[]string' + description: 'A list to disable specific Web extensions identified by their ID. + The ID can e.g. be taken from the ''index.ts'' file of the web extension. Example: + ''com.github.owncloud.web.files.search,com.github.owncloud.web.files.print''. + See the Environment Variable Types description for more details.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_HOME_FOLDER: + name: WEB_OPTION_HOME_FOLDER + defaultValue: "" + type: string + description: Specifies a folder that is used when the user navigates 'home'. Navigating + home gets triggered by clicking on the 'All files' menu item. The user will not + be jailed in that directory, it simply serves as a default location. A static + location can be provided, or variables of the user object to come up with a user + specific home path can be used. This uses the twig template variable style and + allows picking a value or a substring of a value of the authenticated user. Examples + are '/Shares', '/{{.Id}}' and '/{{substr 0 3 .Id}}/{{.Id}'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_HOVERABLE_QUICK_ACTIONS: + name: WEB_OPTION_HOVERABLE_QUICK_ACTIONS + defaultValue: "false" + type: bool + description: Set this option to 'true' to hide quick actions (buttons appearing + on file rows) and only show them when the user hovers over the row with his mouse. + Defaults to 'false'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_LOGIN_URL: + name: WEB_OPTION_LOGIN_URL + defaultValue: "" + type: string + description: 'Specifies the target URL to the login page. This is helpful when an + external IdP is used. This option is disabled by default. Example URL like: https://www.myidp.com/login.' + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_LOGOUT_URL: + name: WEB_OPTION_LOGOUT_URL + defaultValue: "" + type: string + description: Adds a link to the user's profile page to point him to an external + page, where he can manage his session and devices. This is helpful when an external + IdP is used. This option is disabled by default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_OPEN_APPS_IN_TAB: + name: WEB_OPTION_OPEN_APPS_IN_TAB + defaultValue: "false" + type: bool + description: Configures whether apps and extensions should generally open in a new + tab. Defaults to false. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP: + name: WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP + defaultValue: "true" + type: bool + description: Specifies whether single file link shares should be opened with the + default app or not. If not opened by the default app, the Web UI just displays + the file details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_PREVIEW_FILE_MIMETYPES: + name: WEB_OPTION_PREVIEW_FILE_MIMETYPES + defaultValue: '[image/gif image/png image/jpeg text/plain image/tiff image/bmp image/x-ms-bmp + application/vnd.geogebra.slides]' + type: '[]string' + description: A list of mimeTypes to specify which ones will be previewed in the + UI. For example, to only preview jpg and text files, set this option to 'image/jpeg,text/plain'. + See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_ROUTING_ID_BASED: + name: WEB_OPTION_ROUTING_ID_BASED + defaultValue: "true" + type: bool + description: 'Enable or disable fileIds being added to the URL. Defaults to ''true'', + because otherwise spaces with name clashes cannot be resolved correctly. Note: + Only disable this if you can guarantee on the server side, that spaces of the + same namespace cannot have name clashes.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_RUNNING_ON_EOS: + name: WEB_OPTION_RUNNING_ON_EOS + defaultValue: "false" + type: bool + description: Set this option to 'true' if running on an EOS storage backend (https://eos-web.web.cern.ch/eos-web/) + to enable its specific features. Defaults to 'false'. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_SHARING_RECIPIENTS_PER_PAGE: + name: WEB_OPTION_SHARING_RECIPIENTS_PER_PAGE + defaultValue: "200" + type: int + description: Sets the number of users shown as recipients in the dropdown menu when + sharing resources. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_SIDEBAR_SHARES_SHOW_ALL_ON_LOAD: + name: WEB_OPTION_SIDEBAR_SHARES_SHOW_ALL_ON_LOAD + defaultValue: "false" + type: bool + description: Sets the list of the (link) shares list in the sidebar to be initially + expanded. Default is a collapsed state, only showing the first three shares. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_TOKEN_STORAGE_LOCAL: + name: WEB_OPTION_TOKEN_STORAGE_LOCAL + defaultValue: "true" + type: bool + description: Specifies whether the access token will be stored in the local storage + when set to 'true' or in the session storage when set to 'false'. If stored in + the local storage, login state will be persisted across multiple browser tabs, + means no additional logins are required. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_OPTION_USER_LIST_REQUIRES_FILTER: + name: WEB_OPTION_USER_LIST_REQUIRES_FILTER + defaultValue: "false" + type: bool + description: Defines whether one or more filters must be set in order to list users + in the Web admin settings. Set this option to 'true' if running in an environment + with a lot of users and listing all users could slow down performance. Defaults + to 'false'. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;WEB_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_TRACING_TYPE: + name: OCIS_TRACING_TYPE;WEB_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_UI_CONFIG_FILE: + name: WEB_UI_CONFIG_FILE + defaultValue: "" + type: string + description: Read the ownCloud Web json based configuration from this path/file. + The config file takes precedence over WEB_OPTION_xxx environment variables. See + the text description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_UI_CONFIG_SERVER: + name: OCIS_URL;WEB_UI_CONFIG_SERVER + defaultValue: https://localhost:9200 + type: string + description: URL, where the oCIS APIs are reachable for ownCloud Web. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_UI_THEME_PATH: + name: WEB_UI_THEME_PATH + defaultValue: /themes/owncloud/theme.json + type: string + description: Subpath/file to load the theme. Will be appended to the URL of the + theme server. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEB_UI_THEME_SERVER: + name: OCIS_URL;WEB_UI_THEME_SERVER + defaultValue: https://localhost:9200 + type: string + description: Base URL to load themes from. Will be prepended to the theme path. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS + defaultValue: "true" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id + Cache-Control]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_DEBUG_ADDR: + name: WEBDAV_DEBUG_ADDR + defaultValue: 127.0.0.1:9119 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_DEBUG_PPROF: + name: WEBDAV_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_DEBUG_TOKEN: + name: WEBDAV_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_DEBUG_ZPAGES: + name: WEBDAV_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_DISABLE_PREVIEWS: + name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS + defaultValue: "false" + type: bool + description: Set this option to 'true' to disable rendering of thumbnails triggered + via webdav access. Note that when disabled, all access to preview related webdav + paths will return a 404. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_HTTP_ADDR: + name: WEBDAV_HTTP_ADDR + defaultValue: 127.0.0.1:9115 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_HTTP_ROOT: + name: WEBDAV_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_LOG_COLOR: + name: OCIS_LOG_COLOR;WEBDAV_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_LOG_FILE: + name: OCIS_LOG_FILE;WEBDAV_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_LOG_LEVEL: + name: OCIS_LOG_LEVEL;WEBDAV_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_LOG_PRETTY: + name: OCIS_LOG_PRETTY;WEBDAV_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;WEBDAV_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_TRACING_TYPE: + name: OCIS_TRACING_TYPE;WEBDAV_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBDAV_WEBDAV_NAMESPACE: + name: WEBDAV_WEBDAV_NAMESPACE + defaultValue: /users/{{.Id.OpaqueId}} + type: string + description: CS3 path layout to use when forwarding /webdav requests + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_CORS_ALLOW_CREDENTIALS: + name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS + defaultValue: "false" + type: bool + description: 'Allow credentials for CORS.See following chapter for more details: + *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_CORS_ALLOW_HEADERS: + name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS + defaultValue: '[]' + type: '[]string' + description: 'A list of allowed CORS headers. See following chapter for more details: + *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_CORS_ALLOW_METHODS: + name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS + defaultValue: '[]' + type: '[]string' + description: 'A list of allowed CORS methods. See following chapter for more details: + *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_CORS_ALLOW_ORIGINS: + name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS + defaultValue: '[*]' + type: '[]string' + description: 'A list of allowed CORS origins. See following chapter for more details: + *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. + See the Environment Variable Types description for more details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_DEBUG_ADDR: + name: WEBFINGER_DEBUG_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_DEBUG_PPROF: + name: WEBFINGER_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_DEBUG_TOKEN: + name: WEBFINGER_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_DEBUG_ZPAGES: + name: WEBFINGER_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_HTTP_ADDR: + name: WEBFINGER_HTTP_ADDR + defaultValue: 127.0.0.1:0 + type: string + description: The bind address of the HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_HTTP_ROOT: + name: WEBFINGER_HTTP_ROOT + defaultValue: / + type: string + description: Subdirectory that serves as the root for this HTTP service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_INSECURE: + name: OCIS_INSECURE;WEBFINGER_INSECURE + defaultValue: "false" + type: bool + description: Allow insecure connections to the WEBFINGER service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_LOG_COLOR: + name: OCIS_LOG_COLOR;WEBFINGER_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_LOG_FILE: + name: OCIS_LOG_FILE;WEBFINGER_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_LOG_LEVEL: + name: OCIS_LOG_LEVEL;WEBFINGER_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_LOG_PRETTY: + name: OCIS_LOG_PRETTY;WEBFINGER_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_OIDC_ISSUER: + name: OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER + defaultValue: https://localhost:9200 + type: string + description: The identity provider href for the openid-discovery relation. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL: + name: OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL + defaultValue: https://localhost:9200 + type: string + description: The URL for the legacy ownCloud server instance relation (not to be + confused with the product ownCloud Server). It defaults to the OCIS_URL but can + be overridden to support some reverse proxy corner cases. To shard the deployment, + multiple instances can be configured in the configuration file. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_RELATIONS: + name: WEBFINGER_RELATIONS + defaultValue: '[http://openid.net/specs/connect/1.0/issuer http://webfinger.owncloud/rel/server-instance]' + type: '[]string' + description: A list of relation URIs or registered relation types to add to webfinger + responses. See the Environment Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +WEBFINGER_TRACING_TYPE: + name: OCIS_TRACING_TYPE;WEBFINGER_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" diff --git a/docs/helpers/main.go b/docs/helpers/main.go index 2f150567fb..c0770d066f 100644 --- a/docs/helpers/main.go +++ b/docs/helpers/main.go @@ -1,8 +1,45 @@ package main +import ( + "fmt" + "os" +) + func main() { - RenderTemplates() - GetRogueEnvs() - RenderGlobalVarsTemplate() - GenerateServiceIndexMarkdowns() + if len(os.Args) > 1 { + switch os.Args[1] { + case "templates": + RenderTemplates() + case "rogue": + GetRogueEnvs() + case "globals": + RenderGlobalVarsTemplate() + case "service-index": + GenerateServiceIndexMarkdowns() + case "env-var-delta-table": + // This step is not covered by the all or default case, because it needs explicit arguments + if len(os.Args) != 4 { + fmt.Println("Needs two arguments: env-var-delta-table ") + fmt.Println("Example: env-var-delta-table v5.0.0 v6.0.0") + fmt.Println("Will not generate usable results for versions Prior to v5.0.0") + } else { + RenderEnvVarDeltaTable(os.Args) + } + case "all": + RenderTemplates() + GetRogueEnvs() + RenderGlobalVarsTemplate() + GenerateServiceIndexMarkdowns() + case "help": + fallthrough + default: + fmt.Printf("Usage: %s [templates|rogue|globals|service-index|env-var-delta-table|all|help]\n", os.Args[0]) + } + } else { + // Left here, even though present in the switch case, for backwards compatibility + RenderTemplates() + GetRogueEnvs() + RenderGlobalVarsTemplate() + GenerateServiceIndexMarkdowns() + } } diff --git a/docs/helpers/markdowncreation.go b/docs/helpers/markdowncreation.go index 2893b655f2..2ae8b98ada 100644 --- a/docs/helpers/markdowncreation.go +++ b/docs/helpers/markdowncreation.go @@ -53,7 +53,7 @@ func generateMarkdown(filepath string, servicename string) error { Content: fmt.Sprintf(_configMarkdown, servicename, servicename), }) - tpl := template.Must(template.ParseFiles("index.tmpl")) + tpl := template.Must(template.ParseFiles("templates/index.tmpl")) b := bytes.NewBuffer(nil) if err := tpl.Execute(b, map[string]interface{}{ "ServiceName": head.Header, diff --git a/docs/helpers/adoc-generator.go.tmpl b/docs/helpers/templates/adoc-generator.go.tmpl similarity index 100% rename from docs/helpers/adoc-generator.go.tmpl rename to docs/helpers/templates/adoc-generator.go.tmpl diff --git a/docs/helpers/templates/env-vars-added.md.tmpl b/docs/helpers/templates/env-vars-added.md.tmpl new file mode 100644 index 0000000000..5e3725933a --- /dev/null +++ b/docs/helpers/templates/env-vars-added.md.tmpl @@ -0,0 +1,7 @@ +Added between Version {{ .StartVersion }} and {{ .EndVersion }}. + +| Variable | Description | +| --- | --- | +{{- range $key, $value := .DeltaFields}} +| {{$value.Name}} | {{$value.Description}} | +{{- end}} diff --git a/docs/helpers/templates/env-vars-deprecated.md.tmpl b/docs/helpers/templates/env-vars-deprecated.md.tmpl new file mode 100644 index 0000000000..53c42afd64 --- /dev/null +++ b/docs/helpers/templates/env-vars-deprecated.md.tmpl @@ -0,0 +1,7 @@ +Deprecated between Version {{ .StartVersion }} and {{ .EndVersion }}. + +| Variable | Description | Deprecation Info | +| --- | --- | +{{- range $key, $value := .DeltaFields}} +| {{$value.Name}} | {{$value.Description}} | {{$value.DeprecationInfo}} | +{{- end}} diff --git a/docs/helpers/templates/env-vars-removed.md.tmpl b/docs/helpers/templates/env-vars-removed.md.tmpl new file mode 100644 index 0000000000..c342027873 --- /dev/null +++ b/docs/helpers/templates/env-vars-removed.md.tmpl @@ -0,0 +1,7 @@ +Removed between Version {{ .StartVersion }} and {{ .EndVersion }}. + +| Variable | Description | Deprecation Info | +| --- | --- | +{{- range $key, $value := .DeltaFields}} +| {{$value.Name}} | {{$value.Description}} | {{$value.DeprecationInfo}} | +{{- end}} diff --git a/docs/helpers/templates/envar-delta-table.go.tmpl b/docs/helpers/templates/envar-delta-table.go.tmpl new file mode 100644 index 0000000000..fe173e6a57 --- /dev/null +++ b/docs/helpers/templates/envar-delta-table.go.tmpl @@ -0,0 +1,154 @@ +package main + +import ( + "fmt" + "gopkg.in/yaml.v2" + "html" + "reflect" + "strings" + "log" + "os" + "path/filepath" + + {{- range $key, $value :=.}} + pkg{{$key}} "{{$value}}" + {{- end}} +) + +const yamlSource = "env_vars.yaml" + +type ConfigField struct { + Name string `yaml:"name"` + DefaultValue string `yaml:"defaultValue"` + Type string `yaml:"type"` + Description string `yaml:"description"` + IntroductionVersion string `yaml:"introductionVersion"` + DeprecationVersion string `yaml:"deprecationVersion"` + RemovalVersion string `yaml:"removalVersion"` + DeprecationInfo string `yaml:"deprecationInfo"` +} + +func main() { + fmt.Println("Generating tables for env-var deltas...") + curdir, err := os.Getwd() + if err != nil { + log.Fatal(err) + } + fullYamlPath := filepath.Join(curdir, yamlSource) + var fields []ConfigField + configFields := make(map[string]*ConfigField) + fmt.Printf("Reading existing variable definitions from %s\n", fullYamlPath) + yfile, err := os.ReadFile(fullYamlPath) + if err == nil { + err := yaml.Unmarshal(yfile, configFields) + if err != nil { + log.Fatal(err) + } + } + m := map[string]interface{}{ + {{- range $key, $value := .}} + "{{$value}}": *pkg{{$key}}.FullDefaultConfig(), + {{- end }} + } + for _, conf := range m { + fields = GetAnnotatedVariables(conf) + for _, field := range fields { + variants := strings.Split(field.Name, ";") + for _, variant := range variants { + if (configFields[variant] != nil && configFields[variant].Name == "") || configFields[variant] == nil { + configFields[variant] = &field + } else { + fmt.Printf("%v, duplicate key, merging\n", variant) + if strings.TrimSpace(configFields[variant].DefaultValue) != "" && configFields[variant].DefaultValue != field.DefaultValue { + configFields[variant].DefaultValue = field.DefaultValue + } + if strings.TrimSpace(configFields[variant].Description) != "" && configFields[variant].Description != field.Description { + configFields[variant].Description = field.Description + } + if strings.TrimSpace(configFields[variant].Type) != "" && configFields[variant].Type != field.Type { + configFields[variant].Type = field.Type + } + if strings.TrimSpace(configFields[variant].IntroductionVersion) != "" && configFields[variant].IntroductionVersion != field.IntroductionVersion { + configFields[variant].IntroductionVersion = field.IntroductionVersion + } + if strings.TrimSpace(configFields[variant].DeprecationVersion) != "" && configFields[variant].DeprecationVersion != field.DeprecationVersion { + configFields[variant].DeprecationVersion = field.DeprecationVersion + } + if strings.TrimSpace(configFields[variant].RemovalVersion) != "" && configFields[variant].RemovalVersion != field.RemovalVersion { + configFields[variant].RemovalVersion = field.RemovalVersion + } + if strings.TrimSpace(configFields[variant].Name) != "" && configFields[variant].Name != field.Name { + configFields[variant].Name = field.Name + } + if strings.TrimSpace(configFields[variant].DeprecationInfo) != "" && configFields[variant].DeprecationInfo != field.DeprecationInfo { + // there might be multiple superseeding DeprecationInformations, we might want to keep track of those, that's why we are not overwriting the field + configFields[variant].DeprecationInfo = configFields[variant].DeprecationInfo + " | " + field.DeprecationInfo + } + } + } + } + } + + output, err := yaml.Marshal(configFields) + if err != nil { + log.Fatalf("Could not marshall variables: %v", err) + } + err = os.WriteFile(fullYamlPath, output, 0666) + if err != nil { + log.Fatalf("could not write %s", fullYamlPath) + } + if err := os.Chdir(curdir); err != nil { + log.Fatal(err) + } +} + +func GetAnnotatedVariables(s interface{}) []ConfigField { + t := reflect.TypeOf(s) + v := reflect.ValueOf(s) + + var fields []ConfigField + for i := 0; i < t.NumField(); i++ { + field := t.Field(i) + value := v.Field(i) + + switch value.Kind() { + default: + desc := field.Tag.Get("desc") + env, ok := field.Tag.Lookup("env") + if !ok { + continue + } + introductionVersion := field.Tag.Get("introductionVersion") + deprecationVersion := field.Tag.Get("deprecationVersion") + removalVersion := field.Tag.Get("removalVersion") + deprecationInfo := field.Tag.Get("deprecationInfo") + v := fmt.Sprintf("%v", value.Interface()) + typeName := value.Type().Name() + if typeName == "" { + typeName = value.Type().String() + } + //fields = append(fields, ConfigField{Name: strings.ReplaceAll(env, ";", "
"), DefaultValue: html.EscapeString(strings.Replace(v, "|", "\\|", -1)), Description: desc, Type: typeName}) + fields = append(fields, ConfigField{ + Name: env, + DefaultValue: html.EscapeString(strings.Replace(v, "|", "\\|", -1)), + Description: desc, + Type: typeName, + IntroductionVersion: introductionVersion, + DeprecationVersion: deprecationVersion, + RemovalVersion: removalVersion, + DeprecationInfo: deprecationInfo, + }) + case reflect.Ptr: + // PolicySelectors in the Proxy are being skipped atm + // they are not configurable via env vars, if that changes + // they are probably added to the Sanitize() function + // and this should not be an issue then + if !value.IsZero() && value.Elem().CanInterface() { + fields = append(fields, GetAnnotatedVariables(value.Elem().Interface())...) + } + case reflect.Struct: + fields = append(fields, GetAnnotatedVariables(value.Interface())...) + } + } + return fields +} diff --git a/docs/helpers/environment-variable-docs-generator.go.tmpl b/docs/helpers/templates/environment-variable-docs-generator.go.tmpl similarity index 100% rename from docs/helpers/environment-variable-docs-generator.go.tmpl rename to docs/helpers/templates/environment-variable-docs-generator.go.tmpl diff --git a/docs/helpers/example-config-generator.go.tmpl b/docs/helpers/templates/example-config-generator.go.tmpl similarity index 100% rename from docs/helpers/example-config-generator.go.tmpl rename to docs/helpers/templates/example-config-generator.go.tmpl diff --git a/docs/helpers/index.tmpl b/docs/helpers/templates/index.tmpl similarity index 100% rename from docs/helpers/index.tmpl rename to docs/helpers/templates/index.tmpl diff --git a/vendor/github.com/rogpeppe/go-internal/semver/forward.go b/vendor/github.com/rogpeppe/go-internal/semver/forward.go new file mode 100644 index 0000000000..ad55780155 --- /dev/null +++ b/vendor/github.com/rogpeppe/go-internal/semver/forward.go @@ -0,0 +1,39 @@ +// Package semver is a thin forwarding layer on top of +// [golang.org/x/mod/semver]. See that package for documentation. +// +// Deprecated: use [golang.org/x/mod/semver] instead. +package semver + +import "golang.org/x/mod/semver" + +func IsValid(v string) bool { + return semver.IsValid(v) +} + +func Canonical(v string) string { + return semver.Canonical(v) +} + +func Major(v string) string { + return semver.Major(v) +} + +func MajorMinor(v string) string { + return semver.MajorMinor(v) +} + +func Prerelease(v string) string { + return semver.Prerelease(v) +} + +func Build(v string) string { + return semver.Build(v) +} + +func Compare(v, w string) int { + return semver.Compare(v, w) +} + +func Max(v, w string) string { + return semver.Max(v, w) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 26b1284090..f36591b8ec 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1672,6 +1672,7 @@ github.com/rogpeppe/go-internal/internal/syscall/windows github.com/rogpeppe/go-internal/internal/syscall/windows/sysdll github.com/rogpeppe/go-internal/lockedfile github.com/rogpeppe/go-internal/lockedfile/internal/filelock +github.com/rogpeppe/go-internal/semver # github.com/rs/cors v1.10.1 ## explicit; go 1.13 github.com/rs/cors