diff --git a/.drone.star b/.drone.star index c80d09103..ef304a3a1 100644 --- a/.drone.star +++ b/.drone.star @@ -59,12 +59,12 @@ dirs = { } # OCIS URLs -OCIS_SERVER_NAME = "ocis-server" -OCIS_URL = "https://%s:9200" % OCIS_SERVER_NAME -OCIS_DOMAIN = "%s:9200" % OCIS_SERVER_NAME -FED_OCIS_SERVER_NAME = "federation-ocis-server" -OCIS_FED_URL = "https://%s:10200" % FED_OCIS_SERVER_NAME -OCIS_FED_DOMAIN = "%s:10200" % FED_OCIS_SERVER_NAME +OC_SERVER_NAME = "ocis-server" +OC_URL = "https://%s:9200" % OC_SERVER_NAME +OC_DOMAIN = "%s:9200" % OC_SERVER_NAME +FED_OC_SERVER_NAME = "federation-ocis-server" +OC_FED_URL = "https://%s:10200" % FED_OC_SERVER_NAME +OC_FED_DOMAIN = "%s:10200" % FED_OC_SERVER_NAME # configuration config = { @@ -177,7 +177,7 @@ config = { "EMAIL_PORT": "9000", }, "extraServerEnvironment": { - "OCIS_ADD_RUN_SERVICES": "notifications", + "OC_ADD_RUN_SERVICES": "notifications", "NOTIFICATIONS_SMTP_HOST": "email", "NOTIFICATIONS_SMTP_PORT": "2500", "NOTIFICATIONS_SMTP_INSECURE": "true", @@ -195,8 +195,8 @@ config = { "ANTIVIRUS_SCANNER_TYPE": "clamav", "ANTIVIRUS_CLAMAV_SOCKET": "tcp://clamav:3310", "POSTPROCESSING_STEPS": "virusscan", - "OCIS_ASYNC_UPLOADS": True, - "OCIS_ADD_RUN_SERVICES": "antivirus", + "OC_ASYNC_UPLOADS": True, + "OC_ADD_RUN_SERVICES": "antivirus", "ANTIVIRUS_DEBUG_ADDR": "0.0.0.0:9297", }, }, @@ -220,8 +220,8 @@ config = { "EMAIL_PORT": "9000", }, "extraServerEnvironment": { - "OCIS_ADD_RUN_SERVICES": "ocm,notifications", - "OCIS_ENABLE_OCM": True, + "OC_ADD_RUN_SERVICES": "ocm,notifications", + "OC_ENABLE_OCM": True, "OCM_OCM_INVITE_MANAGER_INSECURE": True, "OCM_OCM_SHARE_PROVIDER_INSECURE": True, "OCM_OCM_STORAGE_PROVIDER_INSECURE": True, @@ -250,7 +250,7 @@ config = { "skip": False, "withRemotePhp": [True], "extraServerEnvironment": { - "OCIS_ADD_RUN_SERVICES": "auth-app", + "OC_ADD_RUN_SERVICES": "auth-app", "PROXY_ENABLE_APP_AUTH": True, }, }, @@ -264,8 +264,8 @@ config = { "extraServerEnvironment": { "ANTIVIRUS_SCANNER_TYPE": "clamav", "ANTIVIRUS_CLAMAV_SOCKET": "tcp://clamav:3310", - "OCIS_ASYNC_UPLOADS": True, - "OCIS_ADD_RUN_SERVICES": "antivirus", + "OC_ASYNC_UPLOADS": True, + "OC_ADD_RUN_SERVICES": "antivirus", }, }, }, @@ -1033,16 +1033,16 @@ def localApiTests(ctx, name, suites, storage = "ocis", extra_environment = {}, w expected_failures_file = "%s/expected-failures-localAPI-on-%s-storage.md" % (test_dir, storage.upper()) environment = { - "TEST_SERVER_URL": OCIS_URL, - "TEST_SERVER_FED_URL": OCIS_FED_URL, - "OCIS_REVA_DATA_ROOT": "%s" % (dirs["ocisRevaDataRoot"] if storage == "owncloud" else ""), + "TEST_SERVER_URL": OC_URL, + "TEST_SERVER_FED_URL": OC_FED_URL, + "OC_REVA_DATA_ROOT": "%s" % (dirs["ocisRevaDataRoot"] if storage == "owncloud" else ""), "SEND_SCENARIO_LINE_REFERENCES": "true", "STORAGE_DRIVER": storage, "BEHAT_SUITES": ",".join(suites), "BEHAT_FILTER_TAGS": "~@skip&&~@skipOnGraph&&~@skipOnOcis-%s-Storage" % ("OC" if storage == "owncloud" else "OCIS"), "EXPECTED_FAILURES_FILE": expected_failures_file, "UPLOAD_DELETE_WAIT_TIME": "1" if storage == "owncloud" else 0, - "OCIS_WRAPPER_URL": "http://%s:5200" % OCIS_SERVER_NAME, + "OC_WRAPPER_URL": "http://%s:5200" % OC_SERVER_NAME, "WITH_REMOTE_PHP": with_remote_php, "COLLABORATION_SERVICE_URL": "http://wopi-fakeoffice:9300", } @@ -1079,7 +1079,7 @@ def cs3ApiTests(ctx, storage, accounts_hash_difficulty = 4): "image": OC_CS3_API_VALIDATOR, "environment": {}, "commands": [ - "/usr/bin/cs3api-validator /var/lib/cs3api-validator --endpoint=%s:9142" % OCIS_SERVER_NAME, + "/usr/bin/cs3api-validator /var/lib/cs3api-validator --endpoint=%s:9142" % OC_SERVER_NAME, ], }, ], @@ -1129,7 +1129,7 @@ def wopiValidatorTests(ctx, storage, wopiServerType, accounts_hash_difficulty = ] else: extra_server_environment = { - "OCIS_EXCLUDE_RUN_SERVICES": "app-provider", + "OC_EXCLUDE_RUN_SERVICES": "app-provider", } wopiServer = wopiCollaborationService("fakeoffice") @@ -1187,10 +1187,10 @@ def wopiValidatorTests(ctx, storage, wopiServerType, accounts_hash_difficulty = "image": OC_CI_ALPINE, "environment": {}, "commands": [ - "curl -v -X PUT '%s/remote.php/webdav/test.wopitest' -k --fail --retry-connrefused --retry 7 --retry-all-errors -u admin:admin -D headers.txt" % OCIS_URL, + "curl -v -X PUT '%s/remote.php/webdav/test.wopitest' -k --fail --retry-connrefused --retry 7 --retry-all-errors -u admin:admin -D headers.txt" % OC_URL, "cat headers.txt", "export FILE_ID=$(cat headers.txt | sed -n -e 's/^.*Oc-Fileid: //p')", - "export URL=\"%s/app/open?app_name=FakeOffice&file_id=$FILE_ID\"" % OCIS_URL, + "export URL=\"%s/app/open?app_name=FakeOffice&file_id=$FILE_ID\"" % OC_URL, "export URL=$(echo $URL | tr -d '[:cntrl:]')", "curl -v -X POST \"$URL\" -k --fail --retry-connrefused --retry 7 --retry-all-errors -u admin:admin > open.json", "cat open.json", @@ -1232,8 +1232,8 @@ def coreApiTests(ctx, part_number = 1, number_of_parts = 1, with_remote_php = Fa "name": "oC10ApiTests-%s" % part_number, "image": OC_CI_PHP % DEFAULT_PHP_VERSION, "environment": { - "TEST_SERVER_URL": OCIS_URL, - "OCIS_REVA_DATA_ROOT": "%s" % (dirs["ocisRevaDataRoot"] if storage == "owncloud" else ""), + "TEST_SERVER_URL": OC_URL, + "OC_REVA_DATA_ROOT": "%s" % (dirs["ocisRevaDataRoot"] if storage == "owncloud" else ""), "SEND_SCENARIO_LINE_REFERENCES": "true", "STORAGE_DRIVER": storage, "BEHAT_FILTER_TAGS": filterTags, @@ -1242,7 +1242,7 @@ def coreApiTests(ctx, part_number = 1, number_of_parts = 1, with_remote_php = Fa "ACCEPTANCE_TEST_TYPE": "core-api", "EXPECTED_FAILURES_FILE": expected_failures_file, "UPLOAD_DELETE_WAIT_TIME": "1" if storage == "owncloud" else 0, - "OCIS_WRAPPER_URL": "http://%s:5200" % OCIS_SERVER_NAME, + "OC_WRAPPER_URL": "http://%s:5200" % OC_SERVER_NAME, "WITH_REMOTE_PHP": with_remote_php, }, "commands": [ @@ -1293,7 +1293,7 @@ def e2eTestPipeline(ctx): } extra_server_environment = { - "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST": "%s" % dirs["bannedPasswordList"], + "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST": "%s" % dirs["bannedPasswordList"], } e2e_trigger = { @@ -1353,7 +1353,7 @@ def e2eTestPipeline(ctx): "name": "e2e-tests", "image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION, "environment": { - "BASE_URL_OCIS": OCIS_DOMAIN, + "BASE_URL_OCIS": OC_DOMAIN, "HEADLESS": "true", "RETRY": "1", "WEB_UI_CONFIG_FILE": "%s/%s" % (dirs["base"], dirs["ocisConfig"]), @@ -1424,28 +1424,28 @@ def multiServiceE2ePipeline(ctx): return pipelines extra_server_environment = { - "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST": "%s" % dirs["bannedPasswordList"], - "OCIS_JWT_SECRET": "some-ocis-jwt-secret", - "OCIS_SERVICE_ACCOUNT_ID": "service-account-id", - "OCIS_SERVICE_ACCOUNT_SECRET": "service-account-secret", - "OCIS_EXCLUDE_RUN_SERVICES": "storage-users", - "OCIS_GATEWAY_GRPC_ADDR": "0.0.0.0:9142", + "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST": "%s" % dirs["bannedPasswordList"], + "OC_JWT_SECRET": "some-ocis-jwt-secret", + "OC_SERVICE_ACCOUNT_ID": "service-account-id", + "OC_SERVICE_ACCOUNT_SECRET": "service-account-secret", + "OC_EXCLUDE_RUN_SERVICES": "storage-users", + "OC_GATEWAY_GRPC_ADDR": "0.0.0.0:9142", "SETTINGS_GRPC_ADDR": "0.0.0.0:9191", "GATEWAY_STORAGE_USERS_MOUNT_ID": "storage-users-id", } storage_users_environment = { - "OCIS_CORS_ALLOW_ORIGINS": "%s,https://%s:9201" % (OCIS_URL, OCIS_SERVER_NAME), + "OC_CORS_ALLOW_ORIGINS": "%s,https://%s:9201" % (OC_URL, OC_SERVER_NAME), "STORAGE_USERS_JWT_SECRET": "some-ocis-jwt-secret", "STORAGE_USERS_MOUNT_ID": "storage-users-id", "STORAGE_USERS_SERVICE_ACCOUNT_ID": "service-account-id", "STORAGE_USERS_SERVICE_ACCOUNT_SECRET": "service-account-secret", - "STORAGE_USERS_GATEWAY_GRPC_ADDR": "%s:9142" % OCIS_SERVER_NAME, - "STORAGE_USERS_EVENTS_ENDPOINT": "%s:9233" % OCIS_SERVER_NAME, - "STORAGE_USERS_DATA_GATEWAY_URL": "%s/data" % OCIS_URL, - "OCIS_CACHE_STORE": "nats-js-kv", - "OCIS_CACHE_STORE_NODES": "%s:9233" % OCIS_SERVER_NAME, - "MICRO_REGISTRY_ADDRESS": "%s:9233" % OCIS_SERVER_NAME, + "STORAGE_USERS_GATEWAY_GRPC_ADDR": "%s:9142" % OC_SERVER_NAME, + "STORAGE_USERS_EVENTS_ENDPOINT": "%s:9233" % OC_SERVER_NAME, + "STORAGE_USERS_DATA_GATEWAY_URL": "%s/data" % OC_URL, + "OC_CACHE_STORE": "nats-js-kv", + "OC_CACHE_STORE_NODES": "%s:9233" % OC_SERVER_NAME, + "MICRO_REGISTRY_ADDRESS": "%s:9233" % OC_SERVER_NAME, } storage_users1_environment = { "STORAGE_USERS_GRPC_ADDR": "storageusers1:9157", @@ -1501,7 +1501,7 @@ def multiServiceE2ePipeline(ctx): "name": "e2e-tests", "image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION, "environment": { - "BASE_URL_OCIS": OCIS_DOMAIN, + "BASE_URL_OCIS": OC_DOMAIN, "HEADLESS": "true", "RETRY": "1", }, @@ -2320,24 +2320,24 @@ def notify(ctx): def ocisServer(storage = "ocis", accounts_hash_difficulty = 4, volumes = [], depends_on = [], deploy_type = "", extra_server_environment = {}, with_wrapper = False, tika_enabled = False): user = "0:0" - container_name = OCIS_SERVER_NAME + container_name = OC_SERVER_NAME environment = { - "OCIS_URL": OCIS_URL, - "OCIS_CONFIG_DIR": "/root/.ocis/config", # needed for checking config later + "OC_URL": OC_URL, + "OC_CONFIG_DIR": "/root/.ocis/config", # needed for checking config later "STORAGE_USERS_DRIVER": "%s" % (storage), "PROXY_ENABLE_BASIC_AUTH": True, "WEB_UI_CONFIG_FILE": "%s/%s" % (dirs["base"], dirs["ocisConfig"]), - "OCIS_LOG_LEVEL": "error", + "OC_LOG_LEVEL": "error", "IDM_CREATE_DEMO_USERS": True, # needed for litmus and cs3api-validator tests "IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init` "FRONTEND_SEARCH_MIN_LENGTH": "2", - "OCIS_ASYNC_UPLOADS": True, - "OCIS_EVENTS_ENABLE_TLS": False, + "OC_ASYNC_UPLOADS": True, + "OC_EVENTS_ENABLE_TLS": False, "NATS_NATS_HOST": "0.0.0.0", "NATS_NATS_PORT": 9233, - "OCIS_JWT_SECRET": "some-ocis-jwt-secret", + "OC_JWT_SECRET": "some-ocis-jwt-secret", "EVENTHISTORY_STORE": "memory", - "OCIS_TRANSLATION_PATH": "%s/tests/config/translations" % dirs["base"], + "OC_TRANSLATION_PATH": "%s/tests/config/translations" % dirs["base"], # debug addresses required for running services health tests "ACTIVITYLOG_DEBUG_ADDR": "0.0.0.0:9197", "APP_PROVIDER_DEBUG_ADDR": "0.0.0.0:9165", @@ -2384,7 +2384,7 @@ def ocisServer(storage = "ocis", accounts_hash_difficulty = 4, volumes = [], dep if deploy_type == "cs3api_validator": environment["GATEWAY_GRPC_ADDR"] = "0.0.0.0:9142" # make gateway available to cs3api-validator - environment["OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD"] = False + environment["OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD"] = False if deploy_type == "wopi_validator": environment["GATEWAY_GRPC_ADDR"] = "0.0.0.0:9142" # make gateway available to wopi server @@ -2394,12 +2394,12 @@ def ocisServer(storage = "ocis", accounts_hash_difficulty = 4, volumes = [], dep environment["APP_PROVIDER_WOPI_APP_URL"] = "http://fakeoffice:8080" environment["APP_PROVIDER_WOPI_INSECURE"] = "true" environment["APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL"] = "http://wopi-fakeoffice:9300" - environment["APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL"] = OCIS_URL + environment["APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL"] = OC_URL if deploy_type == "federation": - environment["OCIS_URL"] = OCIS_FED_URL - environment["PROXY_HTTP_ADDR"] = OCIS_FED_DOMAIN - container_name = FED_OCIS_SERVER_NAME + environment["OC_URL"] = OC_FED_URL + environment["PROXY_HTTP_ADDR"] = OC_FED_DOMAIN + container_name = FED_OC_SERVER_NAME if tika_enabled: environment["FRONTEND_FULL_TEXT_SEARCH_ENABLED"] = True @@ -2421,7 +2421,7 @@ def ocisServer(storage = "ocis", accounts_hash_difficulty = 4, volumes = [], dep wrapper_commands = [ "make -C %s build" % dirs["ocisWrapper"], - "%s/bin/ociswrapper serve --bin %s --url %s --admin-username admin --admin-password admin" % (dirs["ocisWrapper"], ocis_bin, environment["OCIS_URL"]), + "%s/bin/ociswrapper serve --bin %s --url %s --admin-username admin --admin-password admin" % (dirs["ocisWrapper"], ocis_bin, environment["OC_URL"]), ] wait_for_ocis = { @@ -2430,7 +2430,7 @@ def ocisServer(storage = "ocis", accounts_hash_difficulty = 4, volumes = [], dep "commands": [ # wait for ocis-server to be ready (5 minutes) "timeout 300 bash -c 'while [ $(curl -sk -uadmin:admin " + - "%s/graph/v1.0/users/admin " % environment["OCIS_URL"] + + "%s/graph/v1.0/users/admin " % environment["OC_URL"] + "-w %{http_code} -o /dev/null) != 200 ]; do sleep 1; done'", ], "depends_on": depends_on, @@ -2445,7 +2445,7 @@ def ocisServer(storage = "ocis", accounts_hash_difficulty = 4, volumes = [], dep "user": user, "commands": [ "%s init --insecure true" % ocis_bin, - "cat $OCIS_CONFIG_DIR/ocis.yaml", + "cat $OC_CONFIG_DIR/ocis.yaml", "cp tests/config/drone/app-registry.yaml /root/.ocis/config/app-registry.yaml", ] + (wrapper_commands), "volumes": volumes, @@ -2872,7 +2872,7 @@ def litmus(ctx, storage): "environment": environment, "commands": [ "source .env", - 'export LITMUS_URL="%s/remote.php/webdav"' % OCIS_URL, + 'export LITMUS_URL="%s/remote.php/webdav"' % OC_URL, litmusCommand, ], }, @@ -2882,7 +2882,7 @@ def litmus(ctx, storage): "environment": environment, "commands": [ "source .env", - 'export LITMUS_URL="%s/remote.php/dav/files/admin"' % OCIS_URL, + 'export LITMUS_URL="%s/remote.php/dav/files/admin"' % OC_URL, litmusCommand, ], }, @@ -2892,7 +2892,7 @@ def litmus(ctx, storage): "environment": environment, "commands": [ "source .env", - 'export LITMUS_URL="%s/remote.php/dav/files/admin/Shares/new_folder/"' % OCIS_URL, + 'export LITMUS_URL="%s/remote.php/dav/files/admin/Shares/new_folder/"' % OC_URL, litmusCommand, ], }, @@ -2902,7 +2902,7 @@ def litmus(ctx, storage): "environment": environment, "commands": [ "source .env", - 'export LITMUS_URL="%s/remote.php/webdav/Shares/new_folder/"' % OCIS_URL, + 'export LITMUS_URL="%s/remote.php/webdav/Shares/new_folder/"' % OC_URL, litmusCommand, ], }, @@ -2916,7 +2916,7 @@ def litmus(ctx, storage): # }, # "commands": [ # "source .env", - # "export LITMUS_URL='%s/remote.php/dav/public-files/'$PUBLIC_TOKEN" % OCIS_URL, + # "export LITMUS_URL='%s/remote.php/dav/public-files/'$PUBLIC_TOKEN" % OC_URL, # litmusCommand, # ], # }, @@ -2926,7 +2926,7 @@ def litmus(ctx, storage): "environment": environment, "commands": [ "source .env", - "export LITMUS_URL='%s/remote.php/dav/spaces/'$SPACE_ID" % OCIS_URL, + "export LITMUS_URL='%s/remote.php/dav/spaces/'$SPACE_ID" % OC_URL, litmusCommand, ], }, @@ -2949,7 +2949,7 @@ def setupForLitmus(): "name": "setup-for-litmus", "image": OC_UBUNTU, "environment": { - "TEST_SERVER_URL": OCIS_URL, + "TEST_SERVER_URL": OC_URL, }, "commands": [ "bash ./tests/config/drone/setup-for-litmus.sh", @@ -3155,7 +3155,7 @@ def wopiCollaborationService(name): environment = { "MICRO_REGISTRY": "nats-js-kv", - "MICRO_REGISTRY_ADDRESS": "%s:9233" % OCIS_SERVER_NAME, + "MICRO_REGISTRY_ADDRESS": "%s:9233" % OC_SERVER_NAME, "COLLABORATION_LOG_LEVEL": "debug", "COLLABORATION_GRPC_ADDR": "0.0.0.0:9301", "COLLABORATION_HTTP_ADDR": "0.0.0.0:9300", @@ -3163,7 +3163,7 @@ def wopiCollaborationService(name): "COLLABORATION_APP_PROOF_DISABLE": "true", "COLLABORATION_APP_INSECURE": "true", "COLLABORATION_CS3API_DATAGATEWAY_INSECURE": "true", - "OCIS_JWT_SECRET": "some-ocis-jwt-secret", + "OC_JWT_SECRET": "some-ocis-jwt-secret", "COLLABORATION_WOPI_SECRET": "some-wopi-secret", } @@ -3216,13 +3216,13 @@ def logRequests(): def k6LoadTests(ctx): ocis_remote_environment = { - "SSH_OCIS_REMOTE": { + "SSH_OC_REMOTE": { "from_secret": "k6_ssh_ocis_remote", }, - "SSH_OCIS_USERNAME": { + "SSH_OC_USERNAME": { "from_secret": "k6_ssh_ocis_user", }, - "SSH_OCIS_PASSWORD": { + "SSH_OC_PASSWORD": { "from_secret": "k6_ssh_ocis_pass", }, "TEST_SERVER_URL": { @@ -3342,7 +3342,7 @@ def collaboraService(): "detach": True, "environment": { "DONT_GEN_SSL_CERT": "set", - "extra_params": "--o:ssl.enable=true --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=%s" % OCIS_URL, + "extra_params": "--o:ssl.enable=true --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=%s" % OC_URL, }, "commands": [ "coolconfig generate-proof-key", diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index f4373366c..cce10fe81 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -28,8 +28,8 @@ Please describe how you started the server and provide a list of relevant enviro

```console -OCIS_XXX=somevalue -OCIS_YYY=somevalue +OC_XXX=somevalue +OC_YYY=somevalue PROXY_XXX=somevalue ``` diff --git a/.make/go.mk b/.make/go.mk index 5f5847fa2..75c514d48 100644 --- a/.make/go.mk +++ b/.make/go.mk @@ -1,5 +1,5 @@ -OCIS_REPO := github.com/owncloud/ocis/v2 -IMPORT := ($OCIS_REPO)/$(NAME) +OC_REPO := github.com/owncloud/ocis/v2 +IMPORT := ($OC_REPO)/$(NAME) BIN := bin DIST := dist @@ -37,8 +37,8 @@ ifndef DATE DATE := $(shell date -u '+%Y%m%d') endif -LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -s -w -X "$(OCIS_REPO)/ocis-pkg/version.String=$(STRING)" -X "$(OCIS_REPO)/ocis-pkg/version.Tag=$(VERSION)" -X "$(OCIS_REPO)/ocis-pkg/version.Date=$(DATE)" -DEBUG_LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -X "$(OCIS_REPO)/ocis-pkg/version.String=$(STRING)" -X "$(OCIS_REPO)/ocis-pkg/version.Tag=$(VERSION)" -X "$(OCIS_REPO)/ocis-pkg/version.Date=$(DATE)" +LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -s -w -X "$(OC_REPO)/ocis-pkg/version.String=$(STRING)" -X "$(OC_REPO)/ocis-pkg/version.Tag=$(VERSION)" -X "$(OC_REPO)/ocis-pkg/version.Date=$(DATE)" +DEBUG_LDFLAGS += -X google.golang.org/protobuf/reflect/protoregistry.conflictPolicy=warn -X "$(OC_REPO)/ocis-pkg/version.String=$(STRING)" -X "$(OC_REPO)/ocis-pkg/version.Tag=$(VERSION)" -X "$(OC_REPO)/ocis-pkg/version.Date=$(DATE)" GCFLAGS += all=-N -l diff --git a/.make/release.mk b/.make/release.mk index bbe7a1fdc..68f3a2425 100644 --- a/.make/release.mk +++ b/.make/release.mk @@ -10,8 +10,8 @@ release-dirs: @mkdir -p $(DIST)/binaries $(DIST)/release # docker specific packaging flags -DOCKER_LDFLAGS += -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseDataPathType=path" -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseDataPathValue=/var/lib/ocis" -DOCKER_LDFLAGS += -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseConfigPathType=path" -X "$(OCIS_REPO)/ocis-pkg/config/defaults.BaseConfigPathValue=/etc/ocis" +DOCKER_LDFLAGS += -X "$(OC_REPO)/ocis-pkg/config/defaults.BaseDataPathType=path" -X "$(OC_REPO)/ocis-pkg/config/defaults.BaseDataPathValue=/var/lib/ocis" +DOCKER_LDFLAGS += -X "$(OC_REPO)/ocis-pkg/config/defaults.BaseConfigPathType=path" -X "$(OC_REPO)/ocis-pkg/config/defaults.BaseConfigPathValue=/etc/ocis" # We can't link statically when vips is enabled but we still # prefer static linking where possible diff --git a/.vscode/launch.json b/.vscode/launch.json index d39ef63e6..b9506cd09 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -25,32 +25,32 @@ "args": ["server"], "env": { // log settings for human developers - "OCIS_LOG_LEVEL": "debug", - "OCIS_LOG_PRETTY": "true", - "OCIS_LOG_COLOR": "true", + "OC_LOG_LEVEL": "debug", + "OC_LOG_PRETTY": "true", + "OC_LOG_COLOR": "true", // set insecure options because we don't have valid certificates in dev environments - "OCIS_INSECURE": "true", + "OC_INSECURE": "true", // enable basic auth for dev setup so that we can use curl for testing "PROXY_ENABLE_BASIC_AUTH": "true", // demo users "IDM_CREATE_DEMO_USERS": "true", - // OCIS_RUN_SERVICES allows to start a subset of services even in the supervised mode - //"OCIS_RUN_SERVICES": "settings,storage-system,graph,idp,idm,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,storage-authmachine,storage-users,storage-shares,storage-publiclink,storage-system,app-provider,sharing,proxy,ocdav", + // OC_RUN_SERVICES allows to start a subset of services even in the supervised mode + //"OC_RUN_SERVICES": "settings,storage-system,graph,idp,idm,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,storage-authmachine,storage-users,storage-shares,storage-publiclink,storage-system,app-provider,sharing,proxy,ocdav", /* * Keep secrets and passwords in one block to allow easy uncommenting */ // user id of "admin", for user creation and admin role assignement - "OCIS_ADMIN_USER_ID": "some-admin-user-id-0000-000000000000", // FIXME currently must have the length of a UUID, see reva/pkg/storage/utils/decomposedfs/spaces.go:228 + "OC_ADMIN_USER_ID": "some-admin-user-id-0000-000000000000", // FIXME currently must have the length of a UUID, see reva/pkg/storage/utils/decomposedfs/spaces.go:228 // admin user default password "IDM_ADMIN_PASSWORD": "admin", // system user - "OCIS_SYSTEM_USER_ID": "some-system-user-id-000-000000000000", // FIXME currently must have the length of a UUID, see reva/pkg/storage/utils/decomposedfs/spaces.go:228 - "OCIS_SYSTEM_USER_API_KEY": "some-system-user-machine-auth-api-key", + "OC_SYSTEM_USER_ID": "some-system-user-id-000-000000000000", // FIXME currently must have the length of a UUID, see reva/pkg/storage/utils/decomposedfs/spaces.go:228 + "OC_SYSTEM_USER_API_KEY": "some-system-user-machine-auth-api-key", // set some hardcoded secrets - "OCIS_JWT_SECRET": "some-ocis-jwt-secret", - "OCIS_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", - "OCIS_TRANSFER_SECRET": "some-ocis-transfer-secret", + "OC_JWT_SECRET": "some-ocis-jwt-secret", + "OC_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", + "OC_TRANSFER_SECRET": "some-ocis-transfer-secret", // collaboration "COLLABORATION_WOPIAPP_SECRET": "some-wopi-secret", // idm ldap @@ -71,8 +71,8 @@ "GRAPH_APPLICATION_ID": "application-1", // service accounts - "OCIS_SERVICE_ACCOUNT_ID": "service-account-id", - "OCIS_SERVICE_ACCOUNT_SECRET": "service-account-secret" + "OC_SERVICE_ACCOUNT_ID": "service-account-id", + "OC_SERVICE_ACCOUNT_SECRET": "service-account-secret" } }, { @@ -88,14 +88,14 @@ "OCM_OCM_INVITE_MANAGER_INSECURE": "true", "OCM_OCM_SHARE_PROVIDER_INSECURE": "true", "OCM_OCM_STORAGE_PROVIDER_INSECURE": "true", - "OCIS_BASE_DATA_PATH": "${env:HOME}/.ocis-10200", - "OCIS_CONFIG_DIR": "${env:HOME}/.ocis-10200/config", - "OCIS_EVENTS_ENDPOINT": "127.0.0.1:10233", - "OCIS_LDAP_URI": "ldaps://localhost:10235", - "OCIS_RUNTIME_PORT": "10250", - "OCIS_URL": "https://localhost:10200", - "OCIS_ADD_RUN_SERVICES": "ocm", - "OCIS_ENABLE_OCM": "true", + "OC_BASE_DATA_PATH": "${env:HOME}/.ocis-10200", + "OC_CONFIG_DIR": "${env:HOME}/.ocis-10200/config", + "OC_EVENTS_ENDPOINT": "127.0.0.1:10233", + "OC_LDAP_URI": "ldaps://localhost:10235", + "OC_RUNTIME_PORT": "10250", + "OC_URL": "https://localhost:10200", + "OC_ADD_RUN_SERVICES": "ocm", + "OC_ENABLE_OCM": "true", "APP_PROVIDER_DEBUG_ADDR": "127.0.0.1:10165", "APP_PROVIDER_GRPC_ADDR": "127.0.0.1:10164", "APP_REGISTRY_DEBUG_ADDR": "127.0.0.1:10243", @@ -172,30 +172,30 @@ "WEBDAV_HTTP_ADDR": "127.0.0.1:10115", "WEBFINGER_DEBUG_ADDR": "127.0.0.1:10279", "WEBFINGER_HTTP_ADDR": "127.0.0.1:10275", - "OCIS_SERVICE_ACCOUNT_ID": "serviceaccount", - "OCIS_SERVICE_ACCOUNT_SECRET": "serviceaccountsecret", - "OCIS_DECOMPOSEDFS_PROPAGATOR": "async", + "OC_SERVICE_ACCOUNT_ID": "serviceaccount", + "OC_SERVICE_ACCOUNT_SECRET": "serviceaccountsecret", + "OC_DECOMPOSEDFS_PROPAGATOR": "async", "STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY": "10s", "TLS_INSECURE": "true", - "OCIS_INSECURE": "true", + "OC_INSECURE": "true", "IDP_ACCESS_TOKEN_EXPIRATION": "9000", "GATEWAY_STORAGE_USERS_MOUNT_ID": "storage-users-1", "STORAGE_USERS_MOUNT_ID": "storage-users-1", "MICRO_REGISTRY": "memory", "SHARING_PUBLIC_DRIVER": "jsoncs3", "FRONTEND_OCS_RESOURCE_INFO_CACHE_TTL": "0", - "OCIS_LOG_LEVEL": "info", - "OCIS_LOG_PRETTY": "true", - "OCIS_LOG_COLOR": "true", + "OC_LOG_LEVEL": "info", + "OC_LOG_PRETTY": "true", + "OC_LOG_COLOR": "true", "PROXY_ENABLE_BASIC_AUTH": "true", "IDM_CREATE_DEMO_USERS": "true", - "OCIS_ADMIN_USER_ID": "some-admin-user-id-0000-000000000000", + "OC_ADMIN_USER_ID": "some-admin-user-id-0000-000000000000", "IDM_ADMIN_PASSWORD": "admin", - "OCIS_SYSTEM_USER_ID": "some-system-user-id-000-000000000000", - "OCIS_SYSTEM_USER_API_KEY": "some-system-user-machine-auth-api-key", - "OCIS_JWT_SECRET": "some-ocis-jwt-secret", - "OCIS_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", - "OCIS_TRANSFER_SECRET": "some-ocis-transfer-secret", + "OC_SYSTEM_USER_ID": "some-system-user-id-000-000000000000", + "OC_SYSTEM_USER_API_KEY": "some-system-user-machine-auth-api-key", + "OC_JWT_SECRET": "some-ocis-jwt-secret", + "OC_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", + "OC_TRANSFER_SECRET": "some-ocis-transfer-secret", "IDM_SVC_PASSWORD": "some-ldap-idm-password", "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password", "IDM_REVASVC_PASSWORD": "some-ldap-reva-password", diff --git a/Makefile b/Makefile index 3d7a62c6c..f1eb734bc 100644 --- a/Makefile +++ b/Makefile @@ -21,7 +21,7 @@ L10N_MODULES := \ services/settings # if you add a module here please also add it to the .drone.star file -OCIS_MODULES = \ +OC_MODULES = \ services/activitylog \ services/antivirus \ services/app-provider \ @@ -143,19 +143,19 @@ composer.lock: composer.json .PHONY: generate generate: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) -C $$mod generate || exit 1; \ done .PHONY: vet vet: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod vet || exit 1; \ done .PHONY: clean clean: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod clean || exit 1; \ done @@ -164,7 +164,7 @@ docs-generate: # empty the folders first to only have files that are generated without remnants find docs/services/_includes/ -type f \( -name "*" ! -name ".git*" ! -name "_*" \) -delete || exit 1 - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod docs-generate || exit 1; \ done @@ -177,20 +177,20 @@ check-env-var-annotations: .PHONY: ci-go-generate ci-go-generate: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod ci-go-generate || exit 1; \ done .PHONY: ci-node-generate ci-node-generate: @if [ $(MAKE_DEPTH) -le 1 ]; then \ - for mod in $(OCIS_MODULES); do \ + for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod ci-node-generate || exit 1; \ done; fi; .PHONY: go-mod-tidy go-mod-tidy: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod go-mod-tidy || exit 1; \ done @@ -201,7 +201,7 @@ test: .PHONY: go-coverage go-coverage: @if [ ! -f coverage.out ]; then $(MAKE) test &>/dev/null; fi; - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ echo -n "% coverage $$mod: "; $(MAKE) --no-print-directory -C $$mod go-coverage || exit 1; \ done @@ -213,7 +213,7 @@ protobuf: .PHONY: golangci-lint golangci-lint: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod golangci-lint; \ done @@ -223,7 +223,7 @@ ci-golangci-lint: $(GOLANGCI_LINT) .PHONY: golangci-lint-fix golangci-lint-fix: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod golangci-lint-fix; \ done @@ -251,7 +251,7 @@ ci-go-check-licenses: $(GO_LICENSES) .PHONY: ci-node-check-licenses ci-node-check-licenses: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ echo -e "% check-license $$mod:"; $(MAKE) --no-print-directory -C $$mod ci-node-check-licenses || exit 1; \ done @@ -263,7 +263,7 @@ ci-go-save-licenses: $(GO_LICENSES) .PHONY: ci-node-save-licenses ci-node-save-licenses: - @for mod in $(OCIS_MODULES); do \ + @for mod in $(OC_MODULES); do \ $(MAKE) --no-print-directory -C $$mod ci-node-save-licenses || exit 1; \ done diff --git a/deployments/continuous-deployment-config/ocis_full/master.yml b/deployments/continuous-deployment-config/ocis_full/master.yml index 99a52c249..ec22c3ed7 100644 --- a/deployments/continuous-deployment-config/ocis_full/master.yml +++ b/deployments/continuous-deployment-config/ocis_full/master.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: master - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis.master.owncloud.works + OC_DOCKER_TAG: master + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis.master.owncloud.works COMPANION_DOMAIN: companion.ocis.master.owncloud.works COMPANION_IMAGE: owncloud/uppy-companion:3.12.13-owncloud WOPISERVER_DOMAIN: wopiserver.ocis.master.owncloud.works @@ -48,5 +48,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis.master.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_full - OCIS_URL: ocis.ocis.master.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-master + OC_URL: ocis.ocis.master.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-master diff --git a/deployments/continuous-deployment-config/ocis_full/onlyoffice-master.yml b/deployments/continuous-deployment-config/ocis_full/onlyoffice-master.yml index 164f5949d..72ed867c9 100644 --- a/deployments/continuous-deployment-config/ocis_full/onlyoffice-master.yml +++ b/deployments/continuous-deployment-config/ocis_full/onlyoffice-master.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: master - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis-onlyoffice.master.owncloud.works + OC_DOCKER_TAG: master + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis-onlyoffice.master.owncloud.works COMPANION_DOMAIN: companion.ocis-onlyoffice.master.owncloud.works COMPANION_IMAGE: owncloud/uppy-companion:3.12.13-owncloud WOPISERVER_ONLYOFFICE_DOMAIN: wopiserver-oo.ocis-onlyoffice.master.owncloud.works @@ -48,5 +48,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis-onlyoffice.master.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_onlyoffice - OCIS_URL: ocis.ocis-onlyoffice.master.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-onlyoffice-master + OC_URL: ocis.ocis-onlyoffice.master.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-onlyoffice-master diff --git a/deployments/continuous-deployment-config/ocis_full/onlyoffice-rolling.yml b/deployments/continuous-deployment-config/ocis_full/onlyoffice-rolling.yml index a886e4787..108057ee5 100644 --- a/deployments/continuous-deployment-config/ocis_full/onlyoffice-rolling.yml +++ b/deployments/continuous-deployment-config/ocis_full/onlyoffice-rolling.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: 6.6.1 - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis-onlyoffice.rolling.owncloud.works + OC_DOCKER_TAG: 6.6.1 + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis-onlyoffice.rolling.owncloud.works COMPANION_DOMAIN: companion.ocis-onlyoffice.rolling.owncloud.works COMPANION_IMAGE: owncloud/uppy-companion:3.12.13-owncloud WOPISERVER_ONLYOFFICE_DOMAIN: wopiserver-oo.ocis-onlyoffice.rolling.owncloud.works @@ -48,5 +48,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis-onlyoffice.rolling.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_onlyoffice - OCIS_URL: ocis.ocis-onlyoffice.rolling.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-onlyoffice-rolling + OC_URL: ocis.ocis-onlyoffice.rolling.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-onlyoffice-rolling diff --git a/deployments/continuous-deployment-config/ocis_full/production.yml b/deployments/continuous-deployment-config/ocis_full/production.yml index a0dde8823..18000a3d7 100644 --- a/deployments/continuous-deployment-config/ocis_full/production.yml +++ b/deployments/continuous-deployment-config/ocis_full/production.yml @@ -30,8 +30,8 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: 7.0.0 - OCIS_DOMAIN: ocis.ocis.production.owncloud.works + OC_DOCKER_TAG: 7.0.0 + OC_DOMAIN: ocis.ocis.production.owncloud.works COMPANION_DOMAIN: companion.ocis.production.owncloud.works COMPANION_IMAGE: owncloud/uppy-companion:3.12.13-owncloud WOPISERVER_DOMAIN: wopiserver.ocis.production.owncloud.works @@ -47,5 +47,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis.production.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_wopi - OCIS_URL: ocis.ocis.production.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-production + OC_URL: ocis.ocis.production.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-production diff --git a/deployments/continuous-deployment-config/ocis_full/rolling.yml b/deployments/continuous-deployment-config/ocis_full/rolling.yml index d08b02e69..fa22515c5 100644 --- a/deployments/continuous-deployment-config/ocis_full/rolling.yml +++ b/deployments/continuous-deployment-config/ocis_full/rolling.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: 6.6.1 - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis.rolling.owncloud.works + OC_DOCKER_TAG: 6.6.1 + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis.rolling.owncloud.works COMPANION_DOMAIN: companion.ocis.rolling.owncloud.works COMPANION_IMAGE: owncloud/uppy-companion:3.12.13-owncloud WOPISERVER_DOMAIN: wopiserver.ocis.rolling.owncloud.works @@ -48,5 +48,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis.rolling.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_full - OCIS_URL: ocis.ocis.rolling.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-rolling + OC_URL: ocis.ocis.rolling.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-rolling diff --git a/deployments/continuous-deployment-config/ocis_full/s3-rolling.yml b/deployments/continuous-deployment-config/ocis_full/s3-rolling.yml index fb32524fc..05ea10323 100644 --- a/deployments/continuous-deployment-config/ocis_full/s3-rolling.yml +++ b/deployments/continuous-deployment-config/ocis_full/s3-rolling.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: 6.6.1 - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis-s3.rolling.owncloud.works + OC_DOCKER_TAG: 6.6.1 + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis-s3.rolling.owncloud.works COMPANION_DOMAIN: companion.ocis-s3.rolling.owncloud.works COMPANION_IMAGE: owncloud/uppy-companion:3.12.13-owncloud WOPISERVER_DOMAIN: wopiserver.ocis-s3.rolling.owncloud.works @@ -49,5 +49,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis-s3.rolling.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_full - OCIS_URL: ocis.ocis-s3.rolling.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-s3-rolling + OC_URL: ocis.ocis-s3.rolling.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-s3-rolling diff --git a/deployments/continuous-deployment-config/ocis_keycloak/rolling.yml b/deployments/continuous-deployment-config/ocis_keycloak/rolling.yml index b79742d31..644e932a5 100644 --- a/deployments/continuous-deployment-config/ocis_keycloak/rolling.yml +++ b/deployments/continuous-deployment-config/ocis_keycloak/rolling.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: 6.6.1 - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis-keycloak.rolling.owncloud.works + OC_DOCKER_TAG: 6.6.1 + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis-keycloak.rolling.owncloud.works KEYCLOAK_DOMAIN: keycloak.ocis-keycloak.rolling.owncloud.works COMPOSE_FILE: docker-compose.yml:monitoring_tracing/docker-compose-additions.yml - name: monitoring @@ -43,5 +43,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis-keycloak.rolling.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_single_container - OCIS_URL: ocis.ocis-keycloak.rolling.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-keycloak-rolling + OC_URL: ocis.ocis-keycloak.rolling.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-keycloak-rolling diff --git a/deployments/continuous-deployment-config/ocis_ldap/rolling.yml b/deployments/continuous-deployment-config/ocis_ldap/rolling.yml index 4ef6e0a2a..3b6e30b8b 100644 --- a/deployments/continuous-deployment-config/ocis_ldap/rolling.yml +++ b/deployments/continuous-deployment-config/ocis_ldap/rolling.yml @@ -30,9 +30,9 @@ env: INSECURE: "false" TRAEFIK_ACME_MAIL: julian.koberg@kiteworks.com - OCIS_DOCKER_TAG: 6.6.1 - OCIS_DOCKER_IMAGE: owncloud/ocis-rolling - OCIS_DOMAIN: ocis.ocis-ldap.rolling.owncloud.works + OC_DOCKER_TAG: 6.6.1 + OC_DOCKER_IMAGE: owncloud/ocis-rolling + OC_DOMAIN: ocis.ocis-ldap.rolling.owncloud.works LDAP_MANAGER_DOMAIN: ldap.ocis-ldap.rolling.owncloud.works COMPOSE_FILE: docker-compose.yml:monitoring_tracing/docker-compose-additions.yml - name: monitoring @@ -43,5 +43,5 @@ TELEMETRY_SERVE_DOMAIN: telemetry.ocis-ldap.rolling.owncloud.works JAEGER_COLLECTOR: jaeger-collector.infra.owncloud.works:443 TELEGRAF_SPECIFIC_CONFIG: ocis_single_container - OCIS_URL: ocis.ocis-ldap.rolling.owncloud.works - OCIS_DEPLOYMENT_ID: continuous-deployment-ocis-ldap-rolling + OC_URL: ocis.ocis-ldap.rolling.owncloud.works + OC_DEPLOYMENT_ID: continuous-deployment-ocis-ldap-rolling diff --git a/deployments/examples/oc10_ocis_parallel/.env b/deployments/examples/oc10_ocis_parallel/.env index 111d8a20d..da990f94b 100644 --- a/deployments/examples/oc10_ocis_parallel/.env +++ b/deployments/examples/oc10_ocis_parallel/.env @@ -23,13 +23,13 @@ CLOUD_DOMAIN= ### oCIS settings ### # oCIS version. Defaults to "latest" -OCIS_DOCKER_TAG= +OC_DOCKER_TAG= # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" -OCIS_JWT_SECRET= +OC_JWT_SECRET= # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" STORAGE_TRANSFER_SECRET= # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" -OCIS_MACHINE_AUTH_API_KEY= +OC_MACHINE_AUTH_API_KEY= ### oCIS settings ### # oC10 version. Defaults to "latest" diff --git a/deployments/examples/oc10_ocis_parallel/docker-compose.yml b/deployments/examples/oc10_ocis_parallel/docker-compose.yml index 9e9339c42..f0a09c2a2 100644 --- a/deployments/examples/oc10_ocis_parallel/docker-compose.yml +++ b/deployments/examples/oc10_ocis_parallel/docker-compose.yml @@ -58,7 +58,7 @@ services: - ocis-data:/var/lib/ocis ocis: - image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + image: owncloud/ocis:${OC_DOCKER_TAG:-latest} networks: ocis-net: user: "33:33" # equals the user "www-data" for oC10 @@ -73,7 +73,7 @@ services: # - /entrypoint-override.sh environment: # Keycloak IDP specific configuration - OCIS_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud} + OC_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud} PROXY_OIDC_REWRITE_WELLKNOWN: "true" WEB_OIDC_CLIENT_ID: ocis-web WEB_OIDC_SCOPE: openid profile email owncloud @@ -81,19 +81,19 @@ services: GRAPH_IDENTITY_BACKEND: ldap GRAPH_LDAP_SERVER_WRITE_ENABLED: "false" # LDAP bind - OCIS_LDAP_URI: "ldaps://openldap" - OCIS_LDAP_INSECURE: "true" - OCIS_LDAP_BIND_DN: "cn=admin,dc=owncloud,dc=com" - OCIS_LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin} + OC_LDAP_URI: "ldaps://openldap" + OC_LDAP_INSECURE: "true" + OC_LDAP_BIND_DN: "cn=admin,dc=owncloud,dc=com" + OC_LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin} # LDAP user settings PROXY_USER_OIDC_CLAIM: ocis.user.uuid # claim was added in Keycloak PROXY_USER_CS3_CLAIM: userid # equals LDAP_USER_SCHEMA_ID - OCIS_LDAP_GROUP_BASE_DN: "ou=groups,dc=owncloud,dc=com" - OCIS_LDAP_GROUP_SCHEMA_ID: "ownclouduuid" - OCIS_LDAP_GROUP_FILTER: "(objectclass=owncloud)" - OCIS_LDAP_USER_BASE_DN: "ou=users,dc=owncloud,dc=com" - OCIS_LDAP_USER_SCHEMA_ID: "ownclouduuid" - OCIS_LDAP_USER_FILTER: "(objectclass=owncloud)" + OC_LDAP_GROUP_BASE_DN: "ou=groups,dc=owncloud,dc=com" + OC_LDAP_GROUP_SCHEMA_ID: "ownclouduuid" + OC_LDAP_GROUP_FILTER: "(objectclass=owncloud)" + OC_LDAP_USER_BASE_DN: "ou=users,dc=owncloud,dc=com" + OC_LDAP_USER_SCHEMA_ID: "ownclouduuid" + OC_LDAP_USER_FILTER: "(objectclass=owncloud)" # ownCloudSQL storage driver STORAGE_USERS_DRIVER: "owncloudsql" STORAGE_USERS_OWNCLOUDSQL_DATADIR: "/mnt/data/files" @@ -112,20 +112,20 @@ services: SHARING_USER_OWNCLOUDSQL_DB_PORT: 3306 SHARING_USER_OWNCLOUDSQL_DB_NAME: "owncloud" # ownCloud storage readonly - OCIS_STORAGE_READ_ONLY: "false" # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303 + OC_STORAGE_READ_ONLY: "false" # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303 # General oCIS config - # OCIS_RUN_SERVICES specifies to start all fullstack services except idm and idp. These are replaced by external services - OCIS_RUN_SERVICES: app-registry,app-provider,auth-basic,auth-machine,frontend,gateway,graph,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" - OCIS_URL: https://${CLOUD_DOMAIN:-cloud.owncloud.test} + # OC_RUN_SERVICES specifies to start all fullstack services except idm and idp. These are replaced by external services + OC_RUN_SERVICES: app-registry,app-provider,auth-basic,auth-machine,frontend,gateway,graph,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav + OC_LOG_LEVEL: ${OC_LOG_LEVEL:-info} + OC_LOG_COLOR: "${OC_LOG_COLOR:-false}" + OC_URL: https://${CLOUD_DOMAIN:-cloud.owncloud.test} PROXY_TLS: "false" # do not use SSL between Traefik and oCIS # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "${INSECURE:-false}" + OC_INSECURE: "${INSECURE:-false}" # basic auth (not recommended, but needed for e.g., WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" # password policies - OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" + OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" volumes: - ./config/ocis/banned-password-list.txt:/etc/ocis/banned-password-list.txt - ./config/ocis/proxy.yaml:/etc/ocis/proxy.yaml diff --git a/deployments/examples/oc10_ocis_parallel/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/oc10_ocis_parallel/monitoring_tracing/docker-compose-additions.yml index f53140697..d3b9965d8 100644 --- a/deployments/examples/oc10_ocis_parallel/monitoring_tracing/docker-compose-additions.yml +++ b/deployments/examples/oc10_ocis_parallel/monitoring_tracing/docker-compose-additions.yml @@ -5,9 +5,9 @@ services: ocis: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics # if oCIS runs as a single process, all /metrics endpoints # will expose the same metrics, so it's sufficient to query one endpoint diff --git a/deployments/examples/ocis_full/.env b/deployments/examples/ocis_full/.env index 1e5374454..8beabe8e5 100644 --- a/deployments/examples/ocis_full/.env +++ b/deployments/examples/ocis_full/.env @@ -39,13 +39,13 @@ OCIS=:ocis.yml # For production releases: "owncloud/ocis" # For rolling releases: "owncloud/ocis-rolling" # Defaults to production if not set otherwise -OCIS_DOCKER_IMAGE=owncloud/ocis-rolling +OC_DOCKER_IMAGE=owncloud/ocis-rolling # The oCIS container version. # Defaults to "latest" and points to the latest stable tag. -OCIS_DOCKER_TAG= +OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. # Defaults to "ocis.owncloud.test" -OCIS_DOMAIN= +OC_DOMAIN= # oCIS admin user password. Defaults to "admin". ADMIN_PASSWORD= # Demo users should not be created on a production instance, @@ -66,8 +66,8 @@ LOG_LEVEL= # Leaving it default stores data in docker internal volumes. # For more details see: # https://doc.owncloud.com/ocis/next/deployment/general/general-info.html#default-paths -# OCIS_CONFIG_DIR=/your/local/ocis/config -# OCIS_DATA_DIR=/your/local/ocis/data +# OC_CONFIG_DIR=/your/local/ocis/config +# OC_DATA_DIR=/your/local/ocis/data # S3 Storage configuration - optional # Infinite Scale supports S3 storage as primary storage. diff --git a/deployments/examples/ocis_full/collabora.yml b/deployments/examples/ocis_full/collabora.yml index cbcf71e61..642b8638e 100644 --- a/deployments/examples/ocis_full/collabora.yml +++ b/deployments/examples/ocis_full/collabora.yml @@ -13,7 +13,7 @@ services: GRAPH_AVAILABLE_ROLES: "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5,a8d5fe5e-96e3-418d-825b-534dbdf22b99,fb6c3e19-e378-47e5-b277-9732f9de6e21,58c63c02-1d89-4572-916a-870abc5a1b7d,2d00ce52-1fc2-4dbc-8b95-a73b73395f5a,1c996275-f1c9-4e71-abdf-a42f6495e960,312c0871-5ef7-4b3a-85b6-0e4074c64049,aa97fe03-7980-45ac-9e50-b325749fd7e6" collaboration: - image: ${OCIS_DOCKER_IMAGE:-owncloud/ocis}:${OCIS_DOCKER_TAG:-latest} + image: ${OC_DOCKER_IMAGE:-owncloud/ocis}:${OC_DOCKER_TAG:-latest} networks: ocis-net: depends_on: @@ -37,10 +37,10 @@ services: COLLABORATION_APP_INSECURE: "${INSECURE:-true}" COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}" COLLABORATION_LOG_LEVEL: ${LOG_LEVEL:-info} - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + OC_URL: https://${OC_DOMAIN:-ocis.owncloud.test} volumes: # configure the .env file to use own paths instead of docker internal volumes - - ${OCIS_CONFIG_DIR:-ocis-config}:/etc/ocis + - ${OC_CONFIG_DIR:-ocis-config}:/etc/ocis labels: - "traefik.enable=true" - "traefik.http.routers.collaboration.entrypoints=https" @@ -65,7 +65,7 @@ services: --o:ssl.ssl_verification=${COLLABORA_SSL_VERIFICATION:-true} \ --o:ssl.termination=true \ --o:welcome.enable=false \ - --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test} + --o:net.frame_ancestors=${OC_DOMAIN:-ocis.owncloud.test} username: ${COLLABORA_ADMIN_USER:-admin} password: ${COLLABORA_ADMIN_PASSWORD:-admin} cap_add: diff --git a/deployments/examples/ocis_full/inbucket.yml b/deployments/examples/ocis_full/inbucket.yml index 5b8c6087b..d4a89e235 100644 --- a/deployments/examples/ocis_full/inbucket.yml +++ b/deployments/examples/ocis_full/inbucket.yml @@ -4,8 +4,8 @@ services: environment: NOTIFICATIONS_SMTP_HOST: inbucket NOTIFICATIONS_SMTP_PORT: 2500 - NOTIFICATIONS_SMTP_SENDER: oCIS notifications - NOTIFICATIONS_SMTP_USERNAME: notifications@${OCIS_DOMAIN:-ocis.owncloud.test} + NOTIFICATIONS_SMTP_SENDER: oCIS notifications + NOTIFICATIONS_SMTP_USERNAME: notifications@${OC_DOMAIN:-ocis.owncloud.test} # the mail catcher uses self signed certificates NOTIFICATIONS_SMTP_INSECURE: "true" diff --git a/deployments/examples/ocis_full/monitoring_tracing/monitoring-oo.yml b/deployments/examples/ocis_full/monitoring_tracing/monitoring-oo.yml index 396ed1b3f..cc883dc35 100644 --- a/deployments/examples/ocis_full/monitoring_tracing/monitoring-oo.yml +++ b/deployments/examples/ocis_full/monitoring_tracing/monitoring-oo.yml @@ -4,9 +4,9 @@ services: ocis: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics # if oCIS runs as a single process, all /metrics endpoints # will expose the same metrics, so it's sufficient to query one endpoint @@ -15,9 +15,9 @@ services: collaboration-oo: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics COLLABORATION_DEBUG_ADDR: 0.0.0.0:9304 diff --git a/deployments/examples/ocis_full/monitoring_tracing/monitoring.yml b/deployments/examples/ocis_full/monitoring_tracing/monitoring.yml index 9fcc6a31e..7258a2d9e 100644 --- a/deployments/examples/ocis_full/monitoring_tracing/monitoring.yml +++ b/deployments/examples/ocis_full/monitoring_tracing/monitoring.yml @@ -4,9 +4,9 @@ services: ocis: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics # if oCIS runs as a single process, all /metrics endpoints # will expose the same metrics, so it's sufficient to query one endpoint @@ -15,9 +15,9 @@ services: collaboration: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics COLLABORATION_DEBUG_ADDR: 0.0.0.0:9304 diff --git a/deployments/examples/ocis_full/ocis.yml b/deployments/examples/ocis_full/ocis.yml index ea3b28294..91726ab07 100644 --- a/deployments/examples/ocis_full/ocis.yml +++ b/deployments/examples/ocis_full/ocis.yml @@ -4,9 +4,9 @@ services: networks: ocis-net: aliases: - - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${OC_DOMAIN:-ocis.owncloud.test} ocis: - image: ${OCIS_DOCKER_IMAGE:-owncloud/ocis}:${OCIS_DOCKER_TAG:-latest} + image: ${OC_DOCKER_IMAGE:-owncloud/ocis}:${OC_DOCKER_TAG:-latest} # changelog: https://github.com/owncloud/ocis/tree/master/changelog # release notes: https://doc.owncloud.com/ocis_release_notes.html networks: @@ -19,17 +19,17 @@ services: command: ["-c", "ocis init || true; ocis server"] environment: # enable services that are not started automatically - OCIS_ADD_RUN_SERVICES: ${START_ADDITIONAL_SERVICES} - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - OCIS_LOG_LEVEL: ${LOG_LEVEL:-info} - OCIS_LOG_COLOR: "${LOG_PRETTY:-false}" - OCIS_LOG_PRETTY: "${LOG_PRETTY:-false}" + OC_ADD_RUN_SERVICES: ${START_ADDITIONAL_SERVICES} + OC_URL: https://${OC_DOMAIN:-ocis.owncloud.test} + OC_LOG_LEVEL: ${LOG_LEVEL:-info} + OC_LOG_COLOR: "${LOG_PRETTY:-false}" + OC_LOG_PRETTY: "${LOG_PRETTY:-false}" # do not use SSL between Traefik and oCIS PROXY_TLS: "false" # make the REVA gateway accessible to the app drivers GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "${INSECURE:-false}" + OC_INSECURE: "${INSECURE:-false}" # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" # admin user password @@ -39,7 +39,7 @@ services: # email server (if configured) NOTIFICATIONS_SMTP_HOST: "${SMTP_HOST}" NOTIFICATIONS_SMTP_PORT: "${SMTP_PORT}" - NOTIFICATIONS_SMTP_SENDER: "${SMTP_SENDER:-oCIS notifications }" + NOTIFICATIONS_SMTP_SENDER: "${SMTP_SENDER:-oCIS notifications }" NOTIFICATIONS_SMTP_USERNAME: "${SMTP_USERNAME}" NOTIFICATIONS_SMTP_INSECURE: "${SMTP_INSECURE}" # make the registry available to the app provider containers @@ -52,18 +52,18 @@ services: ONLYOFFICE_DOMAIN: ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} COMPANION_DOMAIN: ${COMPANION_DOMAIN:-companion.owncloud.test} # enable to allow using the banned passwords list - OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: banned-password-list.txt + OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: banned-password-list.txt volumes: - ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml - ./config/ocis/csp.yaml:/etc/ocis/csp.yaml - ./config/ocis/banned-password-list.txt:/etc/ocis/banned-password-list.txt # configure the .env file to use own paths instead of docker internal volumes - - ${OCIS_CONFIG_DIR:-ocis-config}:/etc/ocis - - ${OCIS_DATA_DIR:-ocis-data}:/var/lib/ocis + - ${OC_CONFIG_DIR:-ocis-config}:/etc/ocis + - ${OC_DATA_DIR:-ocis-data}:/var/lib/ocis labels: - "traefik.enable=true" - "traefik.http.routers.ocis.entrypoints=https" - - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.rule=Host(`${OC_DOMAIN:-ocis.owncloud.test}`)" - "traefik.http.routers.ocis.tls.certresolver=http" - "traefik.http.routers.ocis.service=ocis" - "traefik.http.services.ocis.loadbalancer.server.port=9200" diff --git a/deployments/examples/ocis_full/onlyoffice.yml b/deployments/examples/ocis_full/onlyoffice.yml index 5b6ddaf5c..7d55b2081 100644 --- a/deployments/examples/ocis_full/onlyoffice.yml +++ b/deployments/examples/ocis_full/onlyoffice.yml @@ -8,7 +8,7 @@ services: - ${WOPISERVER_ONLYOFFICE_DOMAIN:-wopiserver-oo.owncloud.test} collaboration-oo: - image: ${OCIS_DOCKER_IMAGE:-owncloud/ocis}:${OCIS_DOCKER_TAG:-latest} + image: ${OC_DOCKER_IMAGE:-owncloud/ocis}:${OC_DOCKER_TAG:-latest} networks: ocis-net: depends_on: @@ -33,10 +33,10 @@ services: COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}" COLLABORATION_LOG_LEVEL: ${LOG_LEVEL:-info} COLLABORATION_APP_PROOF_DISABLE: "true" - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + OC_URL: https://${OC_DOMAIN:-ocis.owncloud.test} volumes: # configure the .env file to use own paths instead of docker internal volumes - - ${OCIS_CONFIG_DIR:-ocis-config}:/etc/ocis + - ${OC_CONFIG_DIR:-ocis-config}:/etc/ocis labels: - "traefik.enable=true" - "traefik.http.routers.collaboration-oo.entrypoints=https" diff --git a/deployments/examples/ocis_full/web_extensions/importer.yml b/deployments/examples/ocis_full/web_extensions/importer.yml index 82f36486b..d062d358b 100644 --- a/deployments/examples/ocis_full/web_extensions/importer.yml +++ b/deployments/examples/ocis_full/web_extensions/importer.yml @@ -32,7 +32,7 @@ services: COMPANION_DATADIR: /tmp/companion/ COMPANION_DOMAIN: ${COMPANION_DOMAIN:-companion.owncloud.test} COMPANION_PROTOCOL: https - COMPANION_UPLOAD_URLS: "^https://${OCIS_DOMAIN:-ocis.owncloud.test}/" + COMPANION_UPLOAD_URLS: "^https://${OC_DOMAIN:-ocis.owncloud.test}/" COMPANION_ONEDRIVE_KEY: "${COMPANION_ONEDRIVE_KEY}" COMPANION_ONEDRIVE_SECRET: "${COMPANION_ONEDRIVE_SECRET}" volumes: diff --git a/deployments/examples/ocis_hello/.env b/deployments/examples/ocis_hello/.env index 78aa04d87..1b43903fa 100644 --- a/deployments/examples/ocis_hello/.env +++ b/deployments/examples/ocis_hello/.env @@ -14,9 +14,9 @@ TRAEFIK_ACME_MAIL= ### oCIS settings ### # oCIS version. Defaults to "latest" -OCIS_DOCKER_TAG= +OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" -OCIS_DOMAIN= +OC_DOMAIN= # oCIS admin user password. Defaults to "admin". ADMIN_PASSWORD= # The demo users should not be created on a production instance @@ -25,7 +25,7 @@ DEMO_USERS= ### oCIS Hello settings ### # oCIS Hello version. Defaults to "latest" -OCIS_HELLO_DOCKER_TAG= +OC_HELLO_DOCKER_TAG= # If you want to use debugging and tracing with this stack, # you need uncomment following line. Please see documentation at diff --git a/deployments/examples/ocis_hello/docker-compose.yml b/deployments/examples/ocis_hello/docker-compose.yml index 5cde3042c..2d0c1819e 100644 --- a/deployments/examples/ocis_hello/docker-compose.yml +++ b/deployments/examples/ocis_hello/docker-compose.yml @@ -7,7 +7,7 @@ services: networks: ocis-net: aliases: - - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${OC_DOMAIN:-ocis.owncloud.test} command: - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" # letsencrypt configuration @@ -47,7 +47,7 @@ services: restart: always ocis: - image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + image: owncloud/ocis:${OC_DOCKER_TAG:-latest} networks: ocis-net: entrypoint: @@ -57,14 +57,14 @@ services: # therefore we ignore the error and then start the ocis server command: ["-c", "ocis init || true; ocis server"] environment: - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" + OC_URL: https://${OC_DOMAIN:-ocis.owncloud.test} + OC_LOG_LEVEL: ${OC_LOG_LEVEL:-info} + OC_LOG_COLOR: "${OC_LOG_COLOR:-false}" PROXY_TLS: "false" # do not use SSL between Traefik and oCIS # make settings service available to oCIS Hello SETTINGS_GRPC_ADDR: 0.0.0.0:9191 # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "${INSECURE:-false}" + OC_INSECURE: "${INSECURE:-false}" # basic auth (not recommended, but needed for e.g., WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" # admin user password @@ -72,7 +72,7 @@ services: # demo users IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" # password policies - OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" + OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" volumes: - ./config/ocis/banned-password-list.txt:/etc/ocis/banned-password-list.txt - ./config/ocis/proxy.yaml:/etc/ocis/proxy.yaml @@ -82,7 +82,7 @@ services: labels: - "traefik.enable=true" - "traefik.http.routers.ocis.entrypoints=https" - - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.rule=Host(`${OC_DOMAIN:-ocis.owncloud.test}`)" - "traefik.http.routers.ocis.tls.certresolver=http" - "traefik.http.routers.ocis.service=ocis" - "traefik.http.services.ocis.loadbalancer.server.port=9200" @@ -91,11 +91,11 @@ services: restart: always ocis-hello: - image: owncloud/ocis-hello:${OCIS_HELLO_DOCKER_TAG:-latest} + image: owncloud/ocis-hello:${OC_HELLO_DOCKER_TAG:-latest} networks: ocis-net: environment: - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + OC_LOG_LEVEL: ${OC_LOG_LEVEL:-info} logging: driver: "local" restart: always diff --git a/deployments/examples/ocis_hello/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_hello/monitoring_tracing/docker-compose-additions.yml index f53140697..d3b9965d8 100644 --- a/deployments/examples/ocis_hello/monitoring_tracing/docker-compose-additions.yml +++ b/deployments/examples/ocis_hello/monitoring_tracing/docker-compose-additions.yml @@ -5,9 +5,9 @@ services: ocis: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics # if oCIS runs as a single process, all /metrics endpoints # will expose the same metrics, so it's sufficient to query one endpoint diff --git a/deployments/examples/ocis_keycloak/.env b/deployments/examples/ocis_keycloak/.env index 59b76c8d5..dbc271308 100644 --- a/deployments/examples/ocis_keycloak/.env +++ b/deployments/examples/ocis_keycloak/.env @@ -18,11 +18,11 @@ TRAEFIK_ACME_MAIL= ### oCIS settings ### # oCIS version. Defaults to "latest" -OCIS_DOCKER_TAG= +OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" -OCIS_DOMAIN= +OC_DOMAIN= # owncloud Web openid connect client id. Defaults to "web" -OCIS_OIDC_CLIENT_ID= +OC_OIDC_CLIENT_ID= ### Keycloak ### # Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test" diff --git a/deployments/examples/ocis_keycloak/config/keycloak/docker-entrypoint-override.sh b/deployments/examples/ocis_keycloak/config/keycloak/docker-entrypoint-override.sh index 26e94a6dc..a5033d941 100644 --- a/deployments/examples/ocis_keycloak/config/keycloak/docker-entrypoint-override.sh +++ b/deployments/examples/ocis_keycloak/config/keycloak/docker-entrypoint-override.sh @@ -2,7 +2,7 @@ printenv # replace oCIS domain in keycloak realm import mkdir /opt/keycloak/data/import -sed -e "s/ocis.owncloud.test/${OCIS_DOMAIN}/g" /opt/keycloak/data/import-dist/ocis-realm.json > /opt/keycloak/data/import/ocis-realm.json +sed -e "s/ocis.owncloud.test/${OC_DOMAIN}/g" /opt/keycloak/data/import-dist/ocis-realm.json > /opt/keycloak/data/import/ocis-realm.json # run original docker-entrypoint /opt/keycloak/bin/kc.sh "$@" diff --git a/deployments/examples/ocis_keycloak/docker-compose.yml b/deployments/examples/ocis_keycloak/docker-compose.yml index d09343c22..302cf386a 100644 --- a/deployments/examples/ocis_keycloak/docker-compose.yml +++ b/deployments/examples/ocis_keycloak/docker-compose.yml @@ -7,7 +7,7 @@ services: networks: ocis-net: aliases: - - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${OC_DOMAIN:-ocis.owncloud.test} - ${KEYCLOAK_DOMAIN:-keycloak.owncloud.test} command: - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" @@ -48,7 +48,7 @@ services: restart: always ocis: - image: ${OCIS_DOCKER_IMAGE:-owncloud/ocis}:${OCIS_DOCKER_TAG:-latest} + image: ${OC_DOCKER_IMAGE:-owncloud/ocis}:${OC_DOCKER_TAG:-latest} networks: ocis-net: entrypoint: @@ -61,24 +61,24 @@ services: # Keycloak IDP specific configuration PROXY_AUTOPROVISION_ACCOUNTS: "true" PROXY_ROLE_ASSIGNMENT_DRIVER: "oidc" - OCIS_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/realms/${KEYCLOAK_REALM:-oCIS} + OC_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/realms/${KEYCLOAK_REALM:-oCIS} PROXY_OIDC_REWRITE_WELLKNOWN: "true" - WEB_OIDC_CLIENT_ID: ${OCIS_OIDC_CLIENT_ID:-web} + WEB_OIDC_CLIENT_ID: ${OC_OIDC_CLIENT_ID:-web} # general config - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" + OC_URL: https://${OC_DOMAIN:-ocis.owncloud.test} + OC_LOG_LEVEL: ${OC_LOG_LEVEL:-info} + OC_LOG_COLOR: "${OC_LOG_COLOR:-false}" PROXY_TLS: "false" # do not use SSL between Traefik and oCIS PROXY_USER_OIDC_CLAIM: "preferred_username" PROXY_USER_CS3_CLAIM: "username" # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "${INSECURE:-false}" - OCIS_ADMIN_USER_ID: "" - OCIS_EXCLUDE_RUN_SERVICES: "idp" + OC_INSECURE: "${INSECURE:-false}" + OC_ADMIN_USER_ID: "" + OC_EXCLUDE_RUN_SERVICES: "idp" GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false" GRAPH_USERNAME_MATCH: "none" # password policies - OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" + OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" PROXY_CSP_CONFIG_FILE_LOCATION: /etc/ocis/csp.yaml KEYCLOAK_DOMAIN: ${KEYCLOAK_DOMAIN:-keycloak.owncloud.test} volumes: @@ -89,7 +89,7 @@ services: labels: - "traefik.enable=true" - "traefik.http.routers.ocis.entrypoints=https" - - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.rule=Host(`${OC_DOMAIN:-ocis.owncloud.test}`)" - "traefik.http.routers.ocis.tls.certresolver=http" - "traefik.http.routers.ocis.service=ocis" - "traefik.http.services.ocis.loadbalancer.server.port=9200" @@ -121,7 +121,7 @@ services: - "./config/keycloak/docker-entrypoint-override.sh:/opt/keycloak/bin/docker-entrypoint-override.sh" - "./config/keycloak/ocis-realm.dist.json:/opt/keycloak/data/import-dist/ocis-realm.json" environment: - OCIS_DOMAIN: ${OCIS_DOMAIN:-ocis.owncloud.test} + OC_DOMAIN: ${OC_DOMAIN:-ocis.owncloud.test} KC_HOSTNAME: ${KEYCLOAK_DOMAIN:-keycloak.owncloud.test} KC_DB: postgres KC_DB_URL: "jdbc:postgresql://postgres:5432/keycloak" diff --git a/deployments/examples/ocis_keycloak/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_keycloak/monitoring_tracing/docker-compose-additions.yml index f53140697..d3b9965d8 100644 --- a/deployments/examples/ocis_keycloak/monitoring_tracing/docker-compose-additions.yml +++ b/deployments/examples/ocis_keycloak/monitoring_tracing/docker-compose-additions.yml @@ -5,9 +5,9 @@ services: ocis: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics # if oCIS runs as a single process, all /metrics endpoints # will expose the same metrics, so it's sufficient to query one endpoint diff --git a/deployments/examples/ocis_ldap/.env b/deployments/examples/ocis_ldap/.env index f1c5232e7..ac41a7727 100644 --- a/deployments/examples/ocis_ldap/.env +++ b/deployments/examples/ocis_ldap/.env @@ -18,15 +18,15 @@ TRAEFIK_ACME_MAIL= ### oCIS settings ### # oCIS version. Defaults to "latest" -OCIS_DOCKER_TAG= +OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" -OCIS_DOMAIN= +OC_DOMAIN= # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" -OCIS_JWT_SECRET= +OC_JWT_SECRET= # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" STORAGE_TRANSFER_SECRET= # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" -OCIS_MACHINE_AUTH_API_KEY= +OC_MACHINE_AUTH_API_KEY= ### LDAP server settings ### # Password of LDAP user "cn=admin,dc=owncloud,dc=com". Defaults to "admin" diff --git a/deployments/examples/ocis_ldap/docker-compose.yml b/deployments/examples/ocis_ldap/docker-compose.yml index 6807eb969..be3767c3f 100644 --- a/deployments/examples/ocis_ldap/docker-compose.yml +++ b/deployments/examples/ocis_ldap/docker-compose.yml @@ -7,7 +7,7 @@ services: networks: ocis-net: aliases: - - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${OC_DOMAIN:-ocis.owncloud.test} command: - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" # letsencrypt configuration @@ -47,7 +47,7 @@ services: restart: always ocis: - image: ${OCIS_DOCKER_IMAGE:-owncloud/ocis}:${OCIS_DOCKER_TAG:-latest} + image: ${OC_DOCKER_IMAGE:-owncloud/ocis}:${OC_DOCKER_TAG:-latest} networks: ocis-net: depends_on: @@ -60,36 +60,36 @@ services: command: [ "-c", "ocis init || true; ocis server" ] environment: # users/groups from ldap - OCIS_LDAP_URI: ldaps://ldap-server:1636 - OCIS_LDAP_INSECURE: "true" - OCIS_LDAP_BIND_DN: "cn=admin,dc=owncloud,dc=com" - OCIS_LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin} - OCIS_LDAP_GROUP_BASE_DN: "ou=groups,dc=owncloud,dc=com" - OCIS_LDAP_GROUP_FILTER: "(objectclass=owncloud)" - OCIS_LDAP_GROUP_OBJECTCLASS: "groupOfNames" - OCIS_LDAP_USER_BASE_DN: "ou=users,dc=owncloud,dc=com" - OCIS_LDAP_USER_FILTER: "(objectclass=owncloud)" - OCIS_LDAP_USER_OBJECTCLASS: "inetOrgPerson" + OC_LDAP_URI: ldaps://ldap-server:1636 + OC_LDAP_INSECURE: "true" + OC_LDAP_BIND_DN: "cn=admin,dc=owncloud,dc=com" + OC_LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin} + OC_LDAP_GROUP_BASE_DN: "ou=groups,dc=owncloud,dc=com" + OC_LDAP_GROUP_FILTER: "(objectclass=owncloud)" + OC_LDAP_GROUP_OBJECTCLASS: "groupOfNames" + OC_LDAP_USER_BASE_DN: "ou=users,dc=owncloud,dc=com" + OC_LDAP_USER_FILTER: "(objectclass=owncloud)" + OC_LDAP_USER_OBJECTCLASS: "inetOrgPerson" LDAP_LOGIN_ATTRIBUTES: "uid" - OCIS_ADMIN_USER_ID: "ddc2004c-0977-11eb-9d3f-a793888cd0f8" + OC_ADMIN_USER_ID: "ddc2004c-0977-11eb-9d3f-a793888cd0f8" IDP_LDAP_LOGIN_ATTRIBUTE: "uid" IDP_LDAP_UUID_ATTRIBUTE: "ownclouduuid" IDP_LDAP_UUID_ATTRIBUTE_TYPE: binary GRAPH_LDAP_SERVER_WRITE_ENABLED: "true" # assuming the external ldap is writable GRAPH_LDAP_REFINT_ENABLED: "true" # osixia has refint enabled. - # OCIS_RUN_SERVICES specifies to start all services except glauth, idm and accounts. These are replaced by external services - OCIS_EXCLUDE_RUN_SERVICES: idm + # OC_RUN_SERVICES specifies to start all services except glauth, idm and accounts. These are replaced by external services + OC_EXCLUDE_RUN_SERVICES: idm # General oCIS config - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" + OC_URL: https://${OC_DOMAIN:-ocis.owncloud.test} + OC_LOG_LEVEL: ${OC_LOG_LEVEL:-info} + OC_LOG_COLOR: "${OC_LOG_COLOR:-false}" PROXY_TLS: "false" # do not use SSL between Traefik and oCIS # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "${INSECURE:-false}" + OC_INSECURE: "${INSECURE:-false}" # basic auth (not recommended, but needed for e.g., WebDav clients that do not support OpenID Connect) PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" # password policies - OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" + OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: "banned-password-list.txt" volumes: - ./config/ocis/banned-password-list.txt:/etc/ocis/banned-password-list.txt - ocis-config:/etc/ocis @@ -97,7 +97,7 @@ services: labels: - "traefik.enable=true" - "traefik.http.routers.ocis.entrypoints=https" - - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.rule=Host(`${OC_DOMAIN:-ocis.owncloud.test}`)" - "traefik.http.routers.ocis.tls.certresolver=http" - "traefik.http.routers.ocis.service=ocis" - "traefik.http.services.ocis.loadbalancer.server.port=9200" diff --git a/deployments/examples/ocis_ldap/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_ldap/monitoring_tracing/docker-compose-additions.yml index f53140697..d3b9965d8 100644 --- a/deployments/examples/ocis_ldap/monitoring_tracing/docker-compose-additions.yml +++ b/deployments/examples/ocis_ldap/monitoring_tracing/docker-compose-additions.yml @@ -5,9 +5,9 @@ services: ocis: environment: # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: "jaeger" - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + OC_TRACING_ENABLED: "true" + OC_TRACING_TYPE: "jaeger" + OC_TRACING_ENDPOINT: jaeger-agent:6831 # metrics # if oCIS runs as a single process, all /metrics endpoints # will expose the same metrics, so it's sufficient to query one endpoint diff --git a/docs/helpers/README.md b/docs/helpers/README.md index 12dabfdca..4e56011f6 100644 --- a/docs/helpers/README.md +++ b/docs/helpers/README.md @@ -71,7 +71,7 @@ For details on deprecation see the [deprecating-variables](https://github.com/ow Global envvars are gathered by checking if the envvar is available in more than one service. The table created is similar to the service-dependent envvar table but additionally contains a column with all service names where this envvar occurs. The output is rendered in list form where each item is clickable and automatically points to the corresponding service page. The template file can be found at `docs/templates/ADOC_global.tmpl`. -If global envvars do not appear in the list of globals, before checking if the code works, do a manual search in the ocis/services folder with `grep -rn OCIS_xxx` if the envvar in question appears at least twice. If the envvar only appears once, the helpers code works correct. +If global envvars do not appear in the list of globals, before checking if the code works, do a manual search in the ocis/services folder with `grep -rn OC_xxx` if the envvar in question appears at least twice. If the envvar only appears once, the helpers code works correct. ## Extended Envvars diff --git a/docs/helpers/changed_envvars.py b/docs/helpers/changed_envvars.py index 3ead89878..4890a276f 100644 --- a/docs/helpers/changed_envvars.py +++ b/docs/helpers/changed_envvars.py @@ -149,7 +149,7 @@ def create_table(type_text, source_dict, from_version, to_version, date_today, t # added and removed envvars # first add all ocis_ for key, value in source_dict.items(): - if key.startswith('OCIS_'): + if key.startswith('OC_'): a += add_adoc_line_1( 'xref:deployment/services/env-vars-special-scope.adoc[Special Scope Envvars]', key, @@ -158,7 +158,7 @@ def create_table(type_text, source_dict, from_version, to_version, date_today, t ) # then add all others for key, value in source_dict.items(): - if not key.startswith('OCIS_'): + if not key.startswith('OC_'): a += add_adoc_line_1( 'xref:{s-path}/xxx.adoc[xxx]', key, @@ -169,7 +169,7 @@ def create_table(type_text, source_dict, from_version, to_version, date_today, t # deprecated envvars # first add all ocis_ for key, value in source_dict.items(): - if key.startswith('OCIS_'): + if key.startswith('OC_'): a += add_adoc_line_2( 'xref:deployment/services/env-vars-special-scope.adoc[Special Scope Envvars]', key, @@ -179,7 +179,7 @@ def create_table(type_text, source_dict, from_version, to_version, date_today, t ) # then add all others for key, value in source_dict.items(): - if not key.startswith('OCIS_'): + if not key.startswith('OC_'): a += add_adoc_line_2( 'xref:{s-path}/xxx.adoc[xxx]', key, diff --git a/docs/helpers/configenvextractor.go b/docs/helpers/configenvextractor.go index 41b1e451d..1e231a776 100644 --- a/docs/helpers/configenvextractor.go +++ b/docs/helpers/configenvextractor.go @@ -69,8 +69,8 @@ func runIntermediateCode(intermediateCodePath string) { fmt.Println("Running intermediate go code for " + intermediateCodePath) defaultConfigPath := "/etc/ocis" defaultDataPath := "/var/lib/ocis" - os.Setenv("OCIS_BASE_DATA_PATH", defaultDataPath) - os.Setenv("OCIS_CONFIG_DIR", defaultConfigPath) + os.Setenv("OC_BASE_DATA_PATH", defaultDataPath) + os.Setenv("OC_CONFIG_DIR", defaultConfigPath) out, err := exec.Command("go", "run", intermediateCodePath).CombinedOutput() if err != nil { log.Fatal(string(out), err) diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 080db827f..b85fb36de 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -1,5 +1,5 @@ ACTIVITYLOG_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -9,7 +9,7 @@ ACTIVITYLOG_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' @@ -21,7 +21,7 @@ ACTIVITYLOG_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS defaultValue: '[GET]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -32,7 +32,7 @@ ACTIVITYLOG_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -99,7 +99,7 @@ ACTIVITYLOG_HTTP_ROOT: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_JWT_SECRET: - name: OCIS_JWT_SECRET;ACTIVITYLOG_JWT_SECRET + name: OC_JWT_SECRET;ACTIVITYLOG_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -108,7 +108,7 @@ ACTIVITYLOG_JWT_SECRET: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_COLOR: - name: OCIS_LOG_COLOR;ACTIVITYLOG_LOG_COLOR + name: OC_LOG_COLOR;ACTIVITYLOG_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -117,7 +117,7 @@ ACTIVITYLOG_LOG_COLOR: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_FILE: - name: OCIS_LOG_FILE;ACTIVITYLOG_LOG_FILE + name: OC_LOG_FILE;ACTIVITYLOG_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -126,7 +126,7 @@ ACTIVITYLOG_LOG_FILE: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_LEVEL: - name: OCIS_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL + name: OC_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -136,7 +136,7 @@ ACTIVITYLOG_LOG_LEVEL: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_PRETTY: - name: OCIS_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY + name: OC_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -145,7 +145,7 @@ ACTIVITYLOG_LOG_PRETTY: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -155,7 +155,7 @@ ACTIVITYLOG_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYLOG_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;ACTIVITYLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -164,7 +164,7 @@ ACTIVITYLOG_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE: - name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE + name: OC_PERSISTENT_STORE;ACTIVITYLOG_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', @@ -174,7 +174,7 @@ ACTIVITYLOG_STORE: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -184,7 +184,7 @@ ACTIVITYLOG_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -203,7 +203,7 @@ ACTIVITYLOG_STORE_DATABASE: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -224,7 +224,7 @@ ACTIVITYLOG_STORE_TABLE: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL + name: OC_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL defaultValue: 0s type: Duration description: Time to live for events in the store. See the Environment Variable @@ -234,7 +234,7 @@ ACTIVITYLOG_STORE_TTL: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;ACTIVITYLOG_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;ACTIVITYLOG_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -244,7 +244,7 @@ ACTIVITYLOG_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;ACTIVITYLOG_TRACING_ENABLED + name: OC_TRACING_ENABLED;ACTIVITYLOG_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -253,7 +253,7 @@ ACTIVITYLOG_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;ACTIVITYLOG_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;ACTIVITYLOG_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -262,7 +262,7 @@ ACTIVITYLOG_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_TYPE: - name: OCIS_TRACING_TYPE;ACTIVITYLOG_TRACING_TYPE + name: OC_TRACING_TYPE;ACTIVITYLOG_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -272,7 +272,7 @@ ACTIVITYLOG_TRACING_TYPE: removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;ACTIVITYLOG_TRANSLATION_PATH + name: OC_TRANSLATION_PATH;ACTIVITYLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -341,7 +341,7 @@ ANTIVIRUS_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -351,7 +351,7 @@ ANTIVIRUS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -361,7 +361,7 @@ ANTIVIRUS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -372,7 +372,7 @@ ANTIVIRUS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -382,7 +382,7 @@ ANTIVIRUS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -392,7 +392,7 @@ ANTIVIRUS_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE + name: OC_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -401,7 +401,7 @@ ANTIVIRUS_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -452,7 +452,7 @@ ANTIVIRUS_INFECTED_FILE_HANDLING: removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_COLOR: - name: OCIS_LOG_COLOR;ANTIVIRUS_LOG_COLOR + name: OC_LOG_COLOR;ANTIVIRUS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -461,7 +461,7 @@ ANTIVIRUS_LOG_COLOR: removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_FILE: - name: OCIS_LOG_FILE;ANTIVIRUS_LOG_FILE + name: OC_LOG_FILE;ANTIVIRUS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -470,7 +470,7 @@ ANTIVIRUS_LOG_FILE: removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL + name: OC_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -480,7 +480,7 @@ ANTIVIRUS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY + name: OC_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -510,7 +510,7 @@ ANTIVIRUS_SCANNER_TYPE: removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -520,7 +520,7 @@ ANTIVIRUS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED + name: OC_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -529,7 +529,7 @@ ANTIVIRUS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -538,7 +538,7 @@ ANTIVIRUS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE + name: OC_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -624,7 +624,7 @@ APP_PROVIDER_GRPC_ADDR: removalVersion: "" deprecationInfo: "" APP_PROVIDER_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;APP_PROVIDER_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;APP_PROVIDER_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. @@ -633,7 +633,7 @@ APP_PROVIDER_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" APP_PROVIDER_JWT_SECRET: - name: OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET + name: OC_JWT_SECRET;APP_PROVIDER_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -642,7 +642,7 @@ APP_PROVIDER_JWT_SECRET: removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_COLOR: - name: OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR + name: OC_LOG_COLOR;APP_PROVIDER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -651,7 +651,7 @@ APP_PROVIDER_LOG_COLOR: removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_FILE: - name: OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE + name: OC_LOG_FILE;APP_PROVIDER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -660,7 +660,7 @@ APP_PROVIDER_LOG_FILE: removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_LEVEL: - name: OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL + name: OC_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -670,7 +670,7 @@ APP_PROVIDER_LOG_LEVEL: removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_PRETTY: - name: OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY + name: OC_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -691,7 +691,7 @@ APP_PROVIDER_SERVICE_NAME: removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -701,7 +701,7 @@ APP_PROVIDER_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED + name: OC_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -710,7 +710,7 @@ APP_PROVIDER_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -719,7 +719,7 @@ APP_PROVIDER_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_TYPE: - name: OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE + name: OC_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -783,7 +783,7 @@ APP_PROVIDER_WOPI_APP_URL: removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_DISABLE_CHAT: - name: APP_PROVIDER_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT + name: APP_PROVIDER_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT defaultValue: "false" type: bool description: Disable the chat functionality of the office app. @@ -792,7 +792,7 @@ APP_PROVIDER_WOPI_DISABLE_CHAT: removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: - name: OCIS_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL + name: OC_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL defaultValue: https://localhost:9200/ type: string description: Base url to navigate back from the app to the containing folder in @@ -890,7 +890,7 @@ APP_REGISTRY_GRPC_ADDR: removalVersion: "" deprecationInfo: "" APP_REGISTRY_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;APP_REGISTRY_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;APP_REGISTRY_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -899,7 +899,7 @@ APP_REGISTRY_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" APP_REGISTRY_JWT_SECRET: - name: OCIS_JWT_SECRET;APP_REGISTRY_JWT_SECRET + name: OC_JWT_SECRET;APP_REGISTRY_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -908,7 +908,7 @@ APP_REGISTRY_JWT_SECRET: removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_COLOR: - name: OCIS_LOG_COLOR;APP_REGISTRY_LOG_COLOR + name: OC_LOG_COLOR;APP_REGISTRY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -917,7 +917,7 @@ APP_REGISTRY_LOG_COLOR: removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_FILE: - name: OCIS_LOG_FILE;APP_REGISTRY_LOG_FILE + name: OC_LOG_FILE;APP_REGISTRY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -926,7 +926,7 @@ APP_REGISTRY_LOG_FILE: removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_LEVEL: - name: OCIS_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL + name: OC_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -936,7 +936,7 @@ APP_REGISTRY_LOG_LEVEL: removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_PRETTY: - name: OCIS_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY + name: OC_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -945,7 +945,7 @@ APP_REGISTRY_LOG_PRETTY: removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -955,7 +955,7 @@ APP_REGISTRY_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED + name: OC_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -964,7 +964,7 @@ APP_REGISTRY_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -973,7 +973,7 @@ APP_REGISTRY_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_TYPE: - name: OCIS_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE + name: OC_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -1021,7 +1021,7 @@ AUDIT_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -1031,7 +1031,7 @@ AUDIT_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -1041,7 +1041,7 @@ AUDIT_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -1052,7 +1052,7 @@ AUDIT_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -1062,7 +1062,7 @@ AUDIT_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -1072,7 +1072,7 @@ AUDIT_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE + name: OC_INSECURE;AUDIT_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -1081,7 +1081,7 @@ AUDIT_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -1111,7 +1111,7 @@ AUDIT_FORMAT: removalVersion: "" deprecationInfo: "" AUDIT_LOG_COLOR: - name: OCIS_LOG_COLOR;AUDIT_LOG_COLOR + name: OC_LOG_COLOR;AUDIT_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -1120,7 +1120,7 @@ AUDIT_LOG_COLOR: removalVersion: "" deprecationInfo: "" AUDIT_LOG_FILE: - name: OCIS_LOG_FILE;AUDIT_LOG_FILE + name: OC_LOG_FILE;AUDIT_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -1129,7 +1129,7 @@ AUDIT_LOG_FILE: removalVersion: "" deprecationInfo: "" AUDIT_LOG_LEVEL: - name: OCIS_LOG_LEVEL;AUDIT_LOG_LEVEL + name: OC_LOG_LEVEL;AUDIT_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -1139,7 +1139,7 @@ AUDIT_LOG_LEVEL: removalVersion: "" deprecationInfo: "" AUDIT_LOG_PRETTY: - name: OCIS_LOG_PRETTY;AUDIT_LOG_PRETTY + name: OC_LOG_PRETTY;AUDIT_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -1166,7 +1166,7 @@ AUDIT_LOG_TO_FILE: removalVersion: "" deprecationInfo: "" AUDIT_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -1176,7 +1176,7 @@ AUDIT_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" AUDIT_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;AUDIT_TRACING_ENABLED + name: OC_TRACING_ENABLED;AUDIT_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -1185,7 +1185,7 @@ AUDIT_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" AUDIT_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -1194,7 +1194,7 @@ AUDIT_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" AUDIT_TRACING_TYPE: - name: OCIS_TRACING_TYPE;AUDIT_TRACING_TYPE + name: OC_TRACING_TYPE;AUDIT_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -1204,7 +1204,7 @@ AUDIT_TRACING_TYPE: removalVersion: "" deprecationInfo: "" AUTH_APP_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;AUTH_APP_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;AUTH_APP_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -1214,7 +1214,7 @@ AUTH_APP_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" AUTH_APP_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;AUTH_APP_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;AUTH_APP_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' @@ -1226,7 +1226,7 @@ AUTH_APP_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" AUTH_APP_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;AUTH_APP_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;AUTH_APP_CORS_ALLOW_METHODS defaultValue: '[GET POST DELETE]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -1237,7 +1237,7 @@ AUTH_APP_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" AUTH_APP_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;AUTH_APP_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;AUTH_APP_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -1305,7 +1305,7 @@ AUTH_APP_GRPC_ADDR: removalVersion: "" deprecationInfo: "" AUTH_APP_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;AUTH_APP_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;AUTH_APP_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -1332,7 +1332,7 @@ AUTH_APP_HTTP_ROOT: removalVersion: "" deprecationInfo: "" AUTH_APP_JWT_SECRET: - name: OCIS_JWT_SECRET;AUTH_APP_JWT_SECRET + name: OC_JWT_SECRET;AUTH_APP_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -1341,7 +1341,7 @@ AUTH_APP_JWT_SECRET: removalVersion: "" deprecationInfo: "" AUTH_APP_LOG_COLOR: - name: OCIS_LOG_COLOR;AUTH_APP_LOG_COLOR + name: OC_LOG_COLOR;AUTH_APP_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -1350,7 +1350,7 @@ AUTH_APP_LOG_COLOR: removalVersion: "" deprecationInfo: "" AUTH_APP_LOG_FILE: - name: OCIS_LOG_FILE;AUTH_APP_LOG_FILE + name: OC_LOG_FILE;AUTH_APP_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -1359,7 +1359,7 @@ AUTH_APP_LOG_FILE: removalVersion: "" deprecationInfo: "" AUTH_APP_LOG_LEVEL: - name: OCIS_LOG_LEVEL;AUTH_APP_LOG_LEVEL + name: OC_LOG_LEVEL;AUTH_APP_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -1369,7 +1369,7 @@ AUTH_APP_LOG_LEVEL: removalVersion: "" deprecationInfo: "" AUTH_APP_LOG_PRETTY: - name: OCIS_LOG_PRETTY;AUTH_APP_LOG_PRETTY + name: OC_LOG_PRETTY;AUTH_APP_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -1378,7 +1378,7 @@ AUTH_APP_LOG_PRETTY: removalVersion: "" deprecationInfo: "" AUTH_APP_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: The machine auth API key used to validate internal requests necessary @@ -1399,7 +1399,7 @@ AUTH_APP_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" AUTH_APP_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;AUTH_APP_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;AUTH_APP_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -1409,7 +1409,7 @@ AUTH_APP_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" AUTH_APP_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;AUTH_APP_TRACING_ENABLED + name: OC_TRACING_ENABLED;AUTH_APP_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -1418,7 +1418,7 @@ AUTH_APP_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" AUTH_APP_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;AUTH_APP_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;AUTH_APP_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -1427,7 +1427,7 @@ AUTH_APP_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" AUTH_APP_TRACING_TYPE: - name: OCIS_TRACING_TYPE;AUTH_APP_TRACING_TYPE + name: OC_TRACING_TYPE;AUTH_APP_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -1485,7 +1485,7 @@ AUTH_BASIC_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" AUTH_BASIC_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM + name: OC_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Valid options @@ -1498,7 +1498,7 @@ AUTH_BASIC_DISABLE_USER_MECHANISM: removalVersion: "" deprecationInfo: "" AUTH_BASIC_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN + name: OC_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -1517,7 +1517,7 @@ AUTH_BASIC_GRPC_ADDR: removalVersion: "" deprecationInfo: "" AUTH_BASIC_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;AUTH_BASIC_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;AUTH_BASIC_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -1526,7 +1526,7 @@ AUTH_BASIC_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" AUTH_BASIC_IDP_URL: - name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BASIC_IDP_URL + name: OC_URL;OC_OIDC_ISSUER;AUTH_BASIC_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects @@ -1536,7 +1536,7 @@ AUTH_BASIC_IDP_URL: removalVersion: "" deprecationInfo: "" AUTH_BASIC_JWT_SECRET: - name: OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET + name: OC_JWT_SECRET;AUTH_BASIC_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -1545,7 +1545,7 @@ AUTH_BASIC_JWT_SECRET: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN + name: OC_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -1555,7 +1555,7 @@ AUTH_BASIC_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD + name: OC_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -1564,18 +1564,18 @@ AUTH_BASIC_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_CACERT: - name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT + name: OC_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idm. + directory derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN + name: OC_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -1584,7 +1584,7 @@ AUTH_BASIC_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER + name: OC_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -1593,7 +1593,7 @@ AUTH_BASIC_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS + name: OC_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -1603,7 +1603,7 @@ AUTH_BASIC_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -1613,7 +1613,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME + name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -1622,7 +1622,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID + name: OC_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for groups. This should be a @@ -1632,7 +1632,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_ID: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the @@ -1643,7 +1643,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL + name: OC_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -1652,7 +1652,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER + name: OC_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -1661,7 +1661,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE + name: OC_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported values are @@ -1671,7 +1671,7 @@ AUTH_BASIC_LDAP_GROUP_SCOPE: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE + name: OC_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -1691,7 +1691,7 @@ AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_URI: - name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI + name: OC_LDAP_URI;AUTH_BASIC_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -1701,7 +1701,7 @@ AUTH_BASIC_LDAP_URI: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN + name: OC_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -1710,7 +1710,7 @@ AUTH_BASIC_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE + name: OC_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP attribute to use as a flag telling if the user is enabled or disabled. @@ -1719,7 +1719,7 @@ AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER + name: OC_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -1728,7 +1728,7 @@ AUTH_BASIC_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS + name: OC_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter @@ -1738,7 +1738,7 @@ AUTH_BASIC_LDAP_USER_OBJECTCLASS: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. @@ -1747,7 +1747,7 @@ AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID + name: OC_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique ID for users. This should be a @@ -1757,7 +1757,7 @@ AUTH_BASIC_LDAP_USER_SCHEMA_ID: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the @@ -1768,7 +1768,7 @@ AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL + name: OC_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -1777,7 +1777,7 @@ AUTH_BASIC_LDAP_USER_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME + name: OC_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -1786,7 +1786,7 @@ AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE + name: OC_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported values are @@ -1796,7 +1796,7 @@ AUTH_BASIC_LDAP_USER_SCOPE: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_COLOR: - name: OCIS_LOG_COLOR;AUTH_BASIC_LOG_COLOR + name: OC_LOG_COLOR;AUTH_BASIC_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -1805,7 +1805,7 @@ AUTH_BASIC_LOG_COLOR: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_FILE: - name: OCIS_LOG_FILE;AUTH_BASIC_LOG_FILE + name: OC_LOG_FILE;AUTH_BASIC_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -1814,7 +1814,7 @@ AUTH_BASIC_LOG_FILE: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_LEVEL: - name: OCIS_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL + name: OC_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -1824,7 +1824,7 @@ AUTH_BASIC_LOG_LEVEL: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_PRETTY: - name: OCIS_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY + name: OC_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -1926,7 +1926,7 @@ AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -1936,7 +1936,7 @@ AUTH_BASIC_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED + name: OC_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -1945,7 +1945,7 @@ AUTH_BASIC_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -1954,7 +1954,7 @@ AUTH_BASIC_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_TYPE: - name: OCIS_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE + name: OC_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -2011,7 +2011,7 @@ AUTH_BEARER_GRPC_ADDR: removalVersion: "" deprecationInfo: "" AUTH_BEARER_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;AUTH_BEARER_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;AUTH_BEARER_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -2020,7 +2020,7 @@ AUTH_BEARER_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" AUTH_BEARER_JWT_SECRET: - name: OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET + name: OC_JWT_SECRET;AUTH_BEARER_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -2029,7 +2029,7 @@ AUTH_BEARER_JWT_SECRET: removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_COLOR: - name: OCIS_LOG_COLOR;AUTH_BEARER_LOG_COLOR + name: OC_LOG_COLOR;AUTH_BEARER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -2038,7 +2038,7 @@ AUTH_BEARER_LOG_COLOR: removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_FILE: - name: OCIS_LOG_FILE;AUTH_BEARER_LOG_FILE + name: OC_LOG_FILE;AUTH_BEARER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -2047,7 +2047,7 @@ AUTH_BEARER_LOG_FILE: removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_LEVEL: - name: OCIS_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL + name: OC_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -2057,7 +2057,7 @@ AUTH_BEARER_LOG_LEVEL: removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_PRETTY: - name: OCIS_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY + name: OC_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -2084,7 +2084,7 @@ AUTH_BEARER_OIDC_ID_CLAIM: removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_INSECURE: - name: OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE + name: OC_INSECURE;AUTH_BEARER_OIDC_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the OIDC issuer. @@ -2093,7 +2093,7 @@ AUTH_BEARER_OIDC_INSECURE: removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER + name: OC_URL;OC_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. @@ -2122,7 +2122,7 @@ AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -2132,7 +2132,7 @@ AUTH_BEARER_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED + name: OC_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -2141,7 +2141,7 @@ AUTH_BEARER_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -2150,7 +2150,7 @@ AUTH_BEARER_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_TYPE: - name: OCIS_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE + name: OC_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -2160,7 +2160,7 @@ AUTH_BEARER_TRACING_TYPE: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY + name: OC_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -2217,7 +2217,7 @@ AUTH_MACHINE_GRPC_ADDR: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;AUTH_MACHINE_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;AUTH_MACHINE_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -2226,7 +2226,7 @@ AUTH_MACHINE_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_JWT_SECRET: - name: OCIS_JWT_SECRET;AUTH_MACHINE_JWT_SECRET + name: OC_JWT_SECRET;AUTH_MACHINE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -2235,7 +2235,7 @@ AUTH_MACHINE_JWT_SECRET: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_COLOR: - name: OCIS_LOG_COLOR;AUTH_MACHINE_LOG_COLOR + name: OC_LOG_COLOR;AUTH_MACHINE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -2244,7 +2244,7 @@ AUTH_MACHINE_LOG_COLOR: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_FILE: - name: OCIS_LOG_FILE;AUTH_MACHINE_LOG_FILE + name: OC_LOG_FILE;AUTH_MACHINE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -2253,7 +2253,7 @@ AUTH_MACHINE_LOG_FILE: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_LEVEL: - name: OCIS_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL + name: OC_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -2263,7 +2263,7 @@ AUTH_MACHINE_LOG_LEVEL: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_PRETTY: - name: OCIS_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY + name: OC_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -2283,7 +2283,7 @@ AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -2293,7 +2293,7 @@ AUTH_MACHINE_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED + name: OC_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -2302,7 +2302,7 @@ AUTH_MACHINE_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -2311,7 +2311,7 @@ AUTH_MACHINE_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_TYPE: - name: OCIS_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE + name: OC_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -2368,7 +2368,7 @@ AUTH_SERVICE_GRPC_ADDR: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;AUTH_SERVICE_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;AUTH_SERVICE_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -2377,7 +2377,7 @@ AUTH_SERVICE_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_JWT_SECRET: - name: OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET + name: OC_JWT_SECRET;AUTH_SERVICE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -2386,7 +2386,7 @@ AUTH_SERVICE_JWT_SECRET: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_COLOR: - name: OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR + name: OC_LOG_COLOR;AUTH_SERVICE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -2395,7 +2395,7 @@ AUTH_SERVICE_LOG_COLOR: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_FILE: - name: OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE + name: OC_LOG_FILE;AUTH_SERVICE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -2404,7 +2404,7 @@ AUTH_SERVICE_LOG_FILE: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_LEVEL: - name: OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL + name: OC_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -2414,7 +2414,7 @@ AUTH_SERVICE_LOG_LEVEL: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_PRETTY: - name: OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY + name: OC_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -2423,7 +2423,7 @@ AUTH_SERVICE_LOG_PRETTY: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -2433,7 +2433,7 @@ AUTH_SERVICE_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -2442,7 +2442,7 @@ AUTH_SERVICE_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -2452,7 +2452,7 @@ AUTH_SERVICE_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED + name: OC_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -2461,7 +2461,7 @@ AUTH_SERVICE_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -2470,7 +2470,7 @@ AUTH_SERVICE_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_TYPE: - name: OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE + name: OC_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -2518,7 +2518,7 @@ CLIENTLOG_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -2528,7 +2528,7 @@ CLIENTLOG_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -2538,7 +2538,7 @@ CLIENTLOG_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -2549,7 +2549,7 @@ CLIENTLOG_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -2559,7 +2559,7 @@ CLIENTLOG_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -2569,7 +2569,7 @@ CLIENTLOG_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE + name: OC_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -2578,7 +2578,7 @@ CLIENTLOG_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -2588,7 +2588,7 @@ CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: removalVersion: "" deprecationInfo: "" CLIENTLOG_JWT_SECRET: - name: OCIS_JWT_SECRET;CLIENTLOG_JWT_SECRET + name: OC_JWT_SECRET;CLIENTLOG_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -2597,7 +2597,7 @@ CLIENTLOG_JWT_SECRET: removalVersion: "" deprecationInfo: "" CLIENTLOG_REVA_GATEWAY: - name: OCIS_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY + name: OC_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string description: CS3 gateway used to look up user metadata @@ -2606,7 +2606,7 @@ CLIENTLOG_REVA_GATEWAY: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: CLIENTLOG_REVA_GATEWAY removed for simplicity. CLIENTLOG_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -2616,7 +2616,7 @@ CLIENTLOG_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" CLIENTLOG_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -2625,7 +2625,7 @@ CLIENTLOG_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -2635,7 +2635,7 @@ CLIENTLOG_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED + name: OC_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -2644,7 +2644,7 @@ CLIENTLOG_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -2653,7 +2653,7 @@ CLIENTLOG_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_TYPE: - name: OCIS_TRACING_TYPE;CLIENTLOG_TRACING_TYPE + name: OC_TRACING_TYPE;CLIENTLOG_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -2663,7 +2663,7 @@ CLIENTLOG_TRACING_TYPE: removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_COLOR: - name: OCIS_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR + name: OC_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -2672,7 +2672,7 @@ CLIENTLOG_USERLOG_LOG_COLOR: removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_FILE: - name: OCIS_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE + name: OC_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -2681,7 +2681,7 @@ CLIENTLOG_USERLOG_LOG_FILE: removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_LEVEL: - name: OCIS_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL + name: OC_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -2691,7 +2691,7 @@ CLIENTLOG_USERLOG_LOG_LEVEL: removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_PRETTY: - name: OCIS_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY + name: OC_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -2841,7 +2841,7 @@ COLLABORATION_GRPC_ADDR: removalVersion: "" deprecationInfo: "" COLLABORATION_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -2859,7 +2859,7 @@ COLLABORATION_HTTP_ADDR: removalVersion: "" deprecationInfo: "" COLLABORATION_JWT_SECRET: - name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET + name: OC_JWT_SECRET;COLLABORATION_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -2868,7 +2868,7 @@ COLLABORATION_JWT_SECRET: removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_COLOR: - name: OCIS_LOG_COLOR;COLLABORATION_LOG_COLOR + name: OC_LOG_COLOR;COLLABORATION_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -2877,7 +2877,7 @@ COLLABORATION_LOG_COLOR: removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_FILE: - name: OCIS_LOG_FILE;COLLABORATION_LOG_FILE + name: OC_LOG_FILE;COLLABORATION_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -2886,7 +2886,7 @@ COLLABORATION_LOG_FILE: removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_LEVEL: - name: OCIS_LOG_LEVEL;COLLABORATION_LOG_LEVEL + name: OC_LOG_LEVEL;COLLABORATION_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -2896,7 +2896,7 @@ COLLABORATION_LOG_LEVEL: removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_PRETTY: - name: OCIS_LOG_PRETTY;COLLABORATION_LOG_PRETTY + name: OC_LOG_PRETTY;COLLABORATION_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -2905,7 +2905,7 @@ COLLABORATION_LOG_PRETTY: removalVersion: "" deprecationInfo: "" COLLABORATION_STORE: - name: OCIS_PERSISTENT_STORE;COLLABORATION_STORE + name: OC_PERSISTENT_STORE;COLLABORATION_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', @@ -2915,7 +2915,7 @@ COLLABORATION_STORE: removalVersion: "" deprecationInfo: "" COLLABORATION_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -2925,7 +2925,7 @@ COLLABORATION_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" COLLABORATION_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -2944,7 +2944,7 @@ COLLABORATION_STORE_DATABASE: removalVersion: "" deprecationInfo: "" COLLABORATION_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -2965,7 +2965,7 @@ COLLABORATION_STORE_TABLE: removalVersion: "" deprecationInfo: "" COLLABORATION_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL + name: OC_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL defaultValue: 30m0s type: Duration description: Time to live for events in the store. Defaults to '30m' (30 minutes). @@ -2975,7 +2975,7 @@ COLLABORATION_STORE_TTL: removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -2985,7 +2985,7 @@ COLLABORATION_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED + name: OC_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -2994,7 +2994,7 @@ COLLABORATION_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -3003,7 +3003,7 @@ COLLABORATION_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_TYPE: - name: OCIS_TRACING_TYPE;COLLABORATION_TRACING_TYPE + name: OC_TRACING_TYPE;COLLABORATION_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -3013,7 +3013,7 @@ COLLABORATION_TRACING_TYPE: removalVersion: "" deprecationInfo: "" COLLABORATION_WOPI_DISABLE_CHAT: - name: COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT + name: COLLABORATION_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT defaultValue: "false" type: bool description: Disable chat in the office web frontend. This feature applies to OnlyOffice @@ -3116,7 +3116,7 @@ EVENTHISTORY_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -3126,7 +3126,7 @@ EVENTHISTORY_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -3136,7 +3136,7 @@ EVENTHISTORY_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -3147,7 +3147,7 @@ EVENTHISTORY_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -3157,7 +3157,7 @@ EVENTHISTORY_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -3167,7 +3167,7 @@ EVENTHISTORY_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE + name: OC_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -3176,7 +3176,7 @@ EVENTHISTORY_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -3195,7 +3195,7 @@ EVENTHISTORY_GRPC_ADDR: removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_COLOR: - name: OCIS_LOG_COLOR;EVENTHISTORY_LOG_COLOR + name: OC_LOG_COLOR;EVENTHISTORY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -3204,7 +3204,7 @@ EVENTHISTORY_LOG_COLOR: removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_FILE: - name: OCIS_LOG_FILE;EVENTHISTORY_LOG_FILE + name: OC_LOG_FILE;EVENTHISTORY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -3213,7 +3213,7 @@ EVENTHISTORY_LOG_FILE: removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_LEVEL: - name: OCIS_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL + name: OC_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -3223,7 +3223,7 @@ EVENTHISTORY_LOG_LEVEL: removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_PRETTY: - name: OCIS_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY + name: OC_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -3232,7 +3232,7 @@ EVENTHISTORY_LOG_PRETTY: removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE: - name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE + name: OC_PERSISTENT_STORE;EVENTHISTORY_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', @@ -3242,7 +3242,7 @@ EVENTHISTORY_STORE: removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -3252,7 +3252,7 @@ EVENTHISTORY_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -3271,7 +3271,7 @@ EVENTHISTORY_STORE_DATABASE: removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -3292,7 +3292,7 @@ EVENTHISTORY_STORE_TABLE: removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL + name: OC_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for events in the store. Defaults to '336h' (2 weeks). @@ -3302,7 +3302,7 @@ EVENTHISTORY_STORE_TTL: removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -3312,7 +3312,7 @@ EVENTHISTORY_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED + name: OC_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -3321,7 +3321,7 @@ EVENTHISTORY_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -3330,7 +3330,7 @@ EVENTHISTORY_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_TYPE: - name: OCIS_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE + name: OC_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -3340,7 +3340,7 @@ EVENTHISTORY_TRACING_TYPE: removalVersion: "" deprecationInfo: "" FRONTEND_APP_HANDLER_INSECURE: - name: OCIS_INSECURE;FRONTEND_APP_HANDLER_INSECURE + name: OC_INSECURE;FRONTEND_APP_HANDLER_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the frontend. @@ -3359,7 +3359,7 @@ FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: removalVersion: "" deprecationInfo: "" FRONTEND_ARCHIVER_INSECURE: - name: OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE + name: OC_INSECURE;FRONTEND_ARCHIVER_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the archiver. @@ -3427,7 +3427,7 @@ FRONTEND_CONFIGURABLE_NOTIFICATIONS: removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -3437,7 +3437,7 @@ FRONTEND_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires @@ -3451,7 +3451,7 @@ FRONTEND_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST PATCH DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' @@ -3463,7 +3463,7 @@ FRONTEND_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -3542,7 +3542,7 @@ FRONTEND_DEFAULT_UPLOAD_PROTOCOL: removalVersion: "" deprecationInfo: "" FRONTEND_DISABLE_SSE: - name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE + name: OC_DISABLE_SSE;FRONTEND_DISABLE_SSE defaultValue: "false" type: bool description: When set to true, clients are informed that the Server-Sent Events @@ -3552,7 +3552,7 @@ FRONTEND_DISABLE_SSE: removalVersion: "" deprecationInfo: "" FRONTEND_EDITION: - name: OCIS_EDITION;FRONTEND_EDITION + name: OC_EDITION;FRONTEND_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -3570,7 +3570,7 @@ FRONTEND_ENABLE_FAVORITES: removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING: - name: OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING + name: OC_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables support for incoming @@ -3580,7 +3580,7 @@ FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING: removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING: - name: OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING + name: OC_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables support for outgoing @@ -3590,7 +3590,7 @@ FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING: removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -3600,7 +3600,7 @@ FRONTEND_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -3610,7 +3610,7 @@ FRONTEND_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -3621,7 +3621,7 @@ FRONTEND_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -3631,7 +3631,7 @@ FRONTEND_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -3641,7 +3641,7 @@ FRONTEND_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE + name: OC_INSECURE;FRONTEND_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -3696,7 +3696,7 @@ FRONTEND_HTTP_PROTOCOL: removalVersion: "" deprecationInfo: "" FRONTEND_JWT_SECRET: - name: OCIS_JWT_SECRET;FRONTEND_JWT_SECRET + name: OC_JWT_SECRET;FRONTEND_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -3705,19 +3705,19 @@ FRONTEND_JWT_SECRET: removalVersion: "" deprecationInfo: "" FRONTEND_LDAP_SERVER_WRITE_ENABLED: - name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED + name: OC_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user - and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* + and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_LOG_COLOR: - name: OCIS_LOG_COLOR;FRONTEND_LOG_COLOR + name: OC_LOG_COLOR;FRONTEND_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -3726,7 +3726,7 @@ FRONTEND_LOG_COLOR: removalVersion: "" deprecationInfo: "" FRONTEND_LOG_FILE: - name: OCIS_LOG_FILE;FRONTEND_LOG_FILE + name: OC_LOG_FILE;FRONTEND_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -3735,7 +3735,7 @@ FRONTEND_LOG_FILE: removalVersion: "" deprecationInfo: "" FRONTEND_LOG_LEVEL: - name: OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL + name: OC_LOG_LEVEL;FRONTEND_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -3745,7 +3745,7 @@ FRONTEND_LOG_LEVEL: removalVersion: "" deprecationInfo: "" FRONTEND_LOG_PRETTY: - name: OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY + name: OC_LOG_PRETTY;FRONTEND_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -3754,7 +3754,7 @@ FRONTEND_LOG_PRETTY: removalVersion: "" deprecationInfo: "" FRONTEND_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: The machine auth API key used to validate internal requests necessary @@ -3764,7 +3764,7 @@ FRONTEND_MACHINE_AUTH_API_KEY: removalVersion: "" deprecationInfo: "" FRONTEND_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;FRONTEND_MAX_CONCURRENCY + name: OC_MAX_CONCURRENCY;FRONTEND_MAX_CONCURRENCY defaultValue: "1" type: int description: Maximum number of concurrent go-routines. Higher values can potentially @@ -3775,7 +3775,7 @@ FRONTEND_MAX_CONCURRENCY: removalVersion: "" deprecationInfo: "" FRONTEND_MAX_QUOTA: - name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA + name: OC_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA defaultValue: "0" type: uint64 description: Set the global max quota value in bytes. A value of 0 equals unlimited. @@ -3803,7 +3803,7 @@ FRONTEND_OCS_ENABLE_DENIALS: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: The OCS API is deprecated FRONTEND_OCS_INCLUDE_OCM_SHAREES: - name: OCIS_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES + name: OC_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES defaultValue: "false" type: bool description: Include OCM sharees when listing sharees. @@ -3812,7 +3812,7 @@ FRONTEND_OCS_INCLUDE_OCM_SHAREES: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_INCLUDE_OCM_SHAREES, the OCS API is deprecated FRONTEND_OCS_LIST_OCM_SHARES: - name: OCIS_ENABLE_OCM;FRONTEND_OCS_LIST_OCM_SHARES + name: OC_ENABLE_OCM;FRONTEND_OCS_LIST_OCM_SHARES defaultValue: "true" type: bool description: Include OCM shares when listing shares. See the OCM service documentation @@ -3841,7 +3841,7 @@ FRONTEND_OCS_PREFIX: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: The OCS API is deprecated FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. @@ -3852,7 +3852,7 @@ FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords for writable shares. @@ -3875,7 +3875,7 @@ FRONTEND_OCS_SHARE_PREFIX: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: The OCS API is deprecated FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to use for authentication. Only applies when using the @@ -3885,7 +3885,7 @@ FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD, the OCS API is deprecated FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to use for authentication. Only applies when using the @@ -3895,7 +3895,7 @@ FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME, the OCS API is deprecated FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disable persistence of the cache. Only applies when using the 'nats-js-kv' @@ -3905,7 +3905,7 @@ FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE, the OCS API is deprecated FRONTEND_OCS_STAT_CACHE_STORE: - name: OCIS_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE + name: OC_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -3915,7 +3915,7 @@ FRONTEND_OCS_STAT_CACHE_STORE: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_STAT_CACHE_STORE, the OCS API is deprecated FRONTEND_OCS_STAT_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -3936,7 +3936,7 @@ FRONTEND_OCS_STAT_CACHE_TABLE: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: The OCS API is deprecated FRONTEND_OCS_STAT_CACHE_TTL: - name: OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL + name: OC_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL defaultValue: 5m0s type: Duration description: Default time to live for user info in the cache. Only applied when @@ -3947,7 +3947,7 @@ FRONTEND_OCS_STAT_CACHE_TTL: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_STAT_CACHE_TTL, the OCS API is deprecated FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -3957,7 +3957,7 @@ FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + name: OC_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -3966,7 +3966,7 @@ FRONTEND_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -3975,7 +3975,7 @@ FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + name: OC_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -3984,7 +3984,7 @@ FRONTEND_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -3994,7 +3994,7 @@ FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -4004,7 +4004,7 @@ FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -4014,7 +4014,7 @@ FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PUBLIC_URL: - name: OCIS_URL;FRONTEND_PUBLIC_URL + name: OC_URL;FRONTEND_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: The public facing URL of the oCIS frontend. @@ -4047,7 +4047,7 @@ FRONTEND_SEARCH_MIN_LENGTH: removalVersion: "" deprecationInfo: "" FRONTEND_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -4057,7 +4057,7 @@ FRONTEND_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" FRONTEND_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -4076,7 +4076,7 @@ FRONTEND_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -4086,7 +4086,7 @@ FRONTEND_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED + name: OC_TRACING_ENABLED;FRONTEND_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -4095,7 +4095,7 @@ FRONTEND_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -4104,7 +4104,7 @@ FRONTEND_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_TYPE: - name: OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE + name: OC_TRACING_TYPE;FRONTEND_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -4202,7 +4202,7 @@ GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT: removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to use for authentication. Only applies when store type @@ -4212,7 +4212,7 @@ GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to use for authentication. Only applies when store type @@ -4222,7 +4222,7 @@ GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the create home cache. Only applies when store @@ -4232,7 +4232,7 @@ GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_STORE: - name: OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE + name: OC_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -4242,7 +4242,7 @@ GATEWAY_CREATE_HOME_CACHE_STORE: removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -4254,7 +4254,7 @@ GATEWAY_CREATE_HOME_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_TTL: - name: OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL + name: OC_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL defaultValue: 5m0s type: Duration description: Default time to live for user info in the cache. Only applied when @@ -4312,7 +4312,7 @@ GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN: removalVersion: "" deprecationInfo: "" GATEWAY_FRONTEND_PUBLIC_URL: - name: OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL + name: OC_URL;GATEWAY_FRONTEND_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: The public facing URL of the oCIS frontend. @@ -4331,7 +4331,7 @@ GATEWAY_GROUPS_ENDPOINT: removalVersion: "" deprecationInfo: "" GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + name: OC_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string description: The bind address of the GRPC service. @@ -4340,7 +4340,7 @@ GATEWAY_GRPC_ADDR: removalVersion: "" deprecationInfo: "" GATEWAY_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;GATEWAY_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;GATEWAY_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -4349,7 +4349,7 @@ GATEWAY_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" GATEWAY_JWT_SECRET: - name: OCIS_JWT_SECRET;GATEWAY_JWT_SECRET + name: OC_JWT_SECRET;GATEWAY_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -4358,7 +4358,7 @@ GATEWAY_JWT_SECRET: removalVersion: "" deprecationInfo: "" GATEWAY_LOG_COLOR: - name: OCIS_LOG_COLOR;GATEWAY_LOG_COLOR + name: OC_LOG_COLOR;GATEWAY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -4367,7 +4367,7 @@ GATEWAY_LOG_COLOR: removalVersion: "" deprecationInfo: "" GATEWAY_LOG_FILE: - name: OCIS_LOG_FILE;GATEWAY_LOG_FILE + name: OC_LOG_FILE;GATEWAY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -4376,7 +4376,7 @@ GATEWAY_LOG_FILE: removalVersion: "" deprecationInfo: "" GATEWAY_LOG_LEVEL: - name: OCIS_LOG_LEVEL;GATEWAY_LOG_LEVEL + name: OC_LOG_LEVEL;GATEWAY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -4386,7 +4386,7 @@ GATEWAY_LOG_LEVEL: removalVersion: "" deprecationInfo: "" GATEWAY_LOG_PRETTY: - name: OCIS_LOG_PRETTY;GATEWAY_LOG_PRETTY + name: OC_LOG_PRETTY;GATEWAY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -4415,7 +4415,7 @@ GATEWAY_PERMISSIONS_ENDPOINT: removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to use for authentication. Only applies when store type @@ -4425,7 +4425,7 @@ GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to use for authentication. Only applies when store type @@ -4435,7 +4435,7 @@ GATEWAY_PROVIDER_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the provider cache. Only applies when store @@ -4445,7 +4445,7 @@ GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_STORE: - name: OCIS_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE + name: OC_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE defaultValue: noop type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -4455,7 +4455,7 @@ GATEWAY_PROVIDER_CACHE_STORE: removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -4467,7 +4467,7 @@ GATEWAY_PROVIDER_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_TTL: - name: OCIS_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL + name: OC_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL defaultValue: 5m0s type: Duration description: Default time to live for user info in the cache. Only applied when @@ -4576,7 +4576,7 @@ GATEWAY_STORAGE_USERS_MOUNT_ID: removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -4586,7 +4586,7 @@ GATEWAY_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED + name: OC_TRACING_ENABLED;GATEWAY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -4595,7 +4595,7 @@ GATEWAY_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -4604,7 +4604,7 @@ GATEWAY_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_TYPE: - name: OCIS_TRACING_TYPE;GATEWAY_TRACING_TYPE + name: OC_TRACING_TYPE;GATEWAY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -4675,7 +4675,7 @@ GRAPH_AVAILABLE_ROLES: removalVersion: "" deprecationInfo: "" GRAPH_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store @@ -4685,7 +4685,7 @@ GRAPH_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" GRAPH_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store @@ -4695,7 +4695,7 @@ GRAPH_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" GRAPH_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -4705,7 +4705,7 @@ GRAPH_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" GRAPH_CACHE_STORE: - name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE + name: OC_CACHE_STORE;GRAPH_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -4724,7 +4724,7 @@ GRAPH_CACHE_STORE_DATABASE: removalVersion: "" deprecationInfo: "" GRAPH_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -4745,7 +4745,7 @@ GRAPH_CACHE_STORE_TABLE: removalVersion: "" deprecationInfo: "" GRAPH_CACHE_TTL: - name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL + name: OC_CACHE_TTL;GRAPH_CACHE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for cache records in the graph. Defaults to '336h' (2 @@ -4755,7 +4755,7 @@ GRAPH_CACHE_TTL: removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -4765,7 +4765,7 @@ GRAPH_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Purge Restore]' type: '[]string' @@ -4777,7 +4777,7 @@ GRAPH_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -4788,7 +4788,7 @@ GRAPH_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -4837,7 +4837,7 @@ GRAPH_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" GRAPH_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM + name: OC_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Supported options @@ -4850,7 +4850,7 @@ GRAPH_DISABLE_USER_MECHANISM: removalVersion: "" deprecationInfo: "" GRAPH_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN + name: OC_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -4860,7 +4860,7 @@ GRAPH_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -4870,7 +4870,7 @@ GRAPH_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -4880,7 +4880,7 @@ GRAPH_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -4890,7 +4890,7 @@ GRAPH_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -4900,7 +4900,7 @@ GRAPH_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -4911,7 +4911,7 @@ GRAPH_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;GRAPH_EVENTS_TLS_INSECURE + name: OC_INSECURE;GRAPH_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -4920,7 +4920,7 @@ GRAPH_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -4987,7 +4987,7 @@ GRAPH_IDENTITY_SEARCH_MIN_LENGTH: removalVersion: "" deprecationInfo: "" GRAPH_INCLUDE_OCM_SHAREES: - name: OCIS_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES + name: OC_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES defaultValue: "false" type: bool description: Include OCM sharees when listing users. @@ -4996,7 +4996,7 @@ GRAPH_INCLUDE_OCM_SHAREES: removalVersion: "" deprecationInfo: "" GRAPH_JWT_SECRET: - name: OCIS_JWT_SECRET;GRAPH_JWT_SECRET + name: OC_JWT_SECRET;GRAPH_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -5005,7 +5005,7 @@ GRAPH_JWT_SECRET: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + name: OC_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -5014,7 +5014,7 @@ GRAPH_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + name: OC_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID defaultValue: "" type: string description: The client id to authenticate with keycloak. @@ -5023,7 +5023,7 @@ GRAPH_KEYCLOAK_CLIENT_ID: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + name: OC_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -5032,7 +5032,7 @@ GRAPH_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + name: OC_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -5041,7 +5041,7 @@ GRAPH_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OC_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -5051,7 +5051,7 @@ GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + name: OC_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -5060,7 +5060,7 @@ GRAPH_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN + name: OC_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -5070,7 +5070,7 @@ GRAPH_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD + name: OC_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -5079,12 +5079,12 @@ GRAPH_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_CACERT: - name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT + name: OC_LDAP_CACERT;GRAPH_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idm. + directory derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -5099,7 +5099,7 @@ GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN + name: OC_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -5120,7 +5120,7 @@ GRAPH_LDAP_GROUP_CREATE_BASE_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER + name: OC_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -5129,7 +5129,7 @@ GRAPH_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_ID_ATTRIBUTE: - name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE + name: OC_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique id for groups. This should be a @@ -5139,7 +5139,7 @@ GRAPH_LDAP_GROUP_ID_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE + name: OC_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -5148,7 +5148,7 @@ GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_NAME_ATTRIBUTE: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE + name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -5157,7 +5157,7 @@ GRAPH_LDAP_GROUP_NAME_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS + name: OC_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -5167,7 +5167,7 @@ GRAPH_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for groups is of the @@ -5178,7 +5178,7 @@ GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_SEARCH_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE + name: OC_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are @@ -5188,7 +5188,7 @@ GRAPH_LDAP_GROUP_SEARCH_SCOPE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE + name: OC_LDAP_INSECURE;GRAPH_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -5302,19 +5302,19 @@ GRAPH_LDAP_SERVER_UUID: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SERVER_WRITE_ENABLED: - name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED + name: OC_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user - and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* + and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_URI: - name: OCIS_LDAP_URI;GRAPH_LDAP_URI + name: OC_LDAP_URI;GRAPH_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -5324,7 +5324,7 @@ GRAPH_LDAP_URI: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN + name: OC_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -5333,7 +5333,7 @@ GRAPH_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. @@ -5344,7 +5344,7 @@ GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -5353,7 +5353,7 @@ GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER + name: OC_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -5362,7 +5362,7 @@ GRAPH_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_NAME_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -5371,7 +5371,7 @@ GRAPH_LDAP_USER_NAME_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS + name: OC_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter @@ -5381,7 +5381,7 @@ GRAPH_LDAP_USER_OBJECTCLASS: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the @@ -5392,7 +5392,7 @@ GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE + name: OC_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are @@ -5402,7 +5402,7 @@ GRAPH_LDAP_USER_SCOPE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_TYPE_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -5412,7 +5412,7 @@ GRAPH_LDAP_USER_TYPE_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_UID_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique ID for users. This should be a @@ -5422,7 +5422,7 @@ GRAPH_LDAP_USER_UID_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LOG_COLOR: - name: OCIS_LOG_COLOR;GRAPH_LOG_COLOR + name: OC_LOG_COLOR;GRAPH_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -5431,7 +5431,7 @@ GRAPH_LOG_COLOR: removalVersion: "" deprecationInfo: "" GRAPH_LOG_FILE: - name: OCIS_LOG_FILE;GRAPH_LOG_FILE + name: OC_LOG_FILE;GRAPH_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -5440,7 +5440,7 @@ GRAPH_LOG_FILE: removalVersion: "" deprecationInfo: "" GRAPH_LOG_LEVEL: - name: OCIS_LOG_LEVEL;GRAPH_LOG_LEVEL + name: OC_LOG_LEVEL;GRAPH_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -5450,7 +5450,7 @@ GRAPH_LOG_LEVEL: removalVersion: "" deprecationInfo: "" GRAPH_LOG_PRETTY: - name: OCIS_LOG_PRETTY;GRAPH_LOG_PRETTY + name: OC_LOG_PRETTY;GRAPH_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -5459,7 +5459,7 @@ GRAPH_LOG_PRETTY: removalVersion: "" deprecationInfo: "" GRAPH_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;GRAPH_MAX_CONCURRENCY + name: OC_MAX_CONCURRENCY;GRAPH_MAX_CONCURRENCY defaultValue: "20" type: int description: The maximum number of concurrent requests the service will handle. @@ -5468,7 +5468,7 @@ GRAPH_MAX_CONCURRENCY: removalVersion: "" deprecationInfo: "" GRAPH_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -5478,7 +5478,7 @@ GRAPH_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" GRAPH_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -5532,7 +5532,7 @@ GRAPH_SPACES_USERS_CACHE_TTL: removalVersion: "" deprecationInfo: "" GRAPH_SPACES_WEBDAV_BASE: - name: OCIS_URL;GRAPH_SPACES_WEBDAV_BASE + name: OC_URL;GRAPH_SPACES_WEBDAV_BASE defaultValue: https://localhost:9200 type: string description: The public facing URL of WebDAV. @@ -5550,7 +5550,7 @@ GRAPH_SPACES_WEBDAV_PATH: removalVersion: "" deprecationInfo: "" GRAPH_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -5560,7 +5560,7 @@ GRAPH_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" GRAPH_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;GRAPH_TRACING_ENABLED + name: OC_TRACING_ENABLED;GRAPH_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -5569,7 +5569,7 @@ GRAPH_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" GRAPH_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -5578,7 +5578,7 @@ GRAPH_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" GRAPH_TRACING_TYPE: - name: OCIS_TRACING_TYPE;GRAPH_TRACING_TYPE + name: OC_TRACING_TYPE;GRAPH_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -5588,7 +5588,7 @@ GRAPH_TRACING_TYPE: removalVersion: "" deprecationInfo: "" GRAPH_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH + name: OC_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -5599,7 +5599,7 @@ GRAPH_TRANSLATION_PATH: removalVersion: "" deprecationInfo: "" GRAPH_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE + name: OC_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. @@ -5677,7 +5677,7 @@ GROUPS_GRPC_ADDR: removalVersion: "" deprecationInfo: "" GROUPS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;GROUPS_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;GROUPS_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -5686,7 +5686,7 @@ GROUPS_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" GROUPS_IDP_URL: - name: OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL + name: OC_URL;OC_OIDC_ISSUER;GROUPS_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the group IDs of the CS3 group @@ -5696,7 +5696,7 @@ GROUPS_IDP_URL: removalVersion: "" deprecationInfo: "" GROUPS_JWT_SECRET: - name: OCIS_JWT_SECRET;GROUPS_JWT_SECRET + name: OC_JWT_SECRET;GROUPS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -5705,7 +5705,7 @@ GROUPS_JWT_SECRET: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN + name: OC_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -5715,7 +5715,7 @@ GROUPS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD + name: OC_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -5724,18 +5724,18 @@ GROUPS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT + name: OC_LDAP_CACERT;GROUPS_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idm. + directory derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN + name: OC_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -5744,7 +5744,7 @@ GROUPS_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER + name: OC_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -5753,7 +5753,7 @@ GROUPS_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS + name: OC_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -5763,7 +5763,7 @@ GROUPS_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -5773,7 +5773,7 @@ GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -5782,7 +5782,7 @@ GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID + name: OC_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for groups. This should be a @@ -5792,7 +5792,7 @@ GROUPS_LDAP_GROUP_SCHEMA_ID: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the @@ -5803,7 +5803,7 @@ GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL + name: OC_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -5812,7 +5812,7 @@ GROUPS_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER + name: OC_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -5821,7 +5821,7 @@ GROUPS_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE + name: OC_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are @@ -5843,7 +5843,7 @@ GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE + name: OC_LDAP_INSECURE;GROUPS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -5853,7 +5853,7 @@ GROUPS_LDAP_INSECURE: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_URI: - name: OCIS_LDAP_URI;GROUPS_LDAP_URI + name: OC_LDAP_URI;GROUPS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -5863,7 +5863,7 @@ GROUPS_LDAP_URI: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN + name: OC_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -5872,7 +5872,7 @@ GROUPS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER + name: OC_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -5881,7 +5881,7 @@ GROUPS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS + name: OC_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter @@ -5891,7 +5891,7 @@ GROUPS_LDAP_USER_OBJECTCLASS: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. @@ -5900,7 +5900,7 @@ GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID + name: OC_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for users. This should be a @@ -5910,7 +5910,7 @@ GROUPS_LDAP_USER_SCHEMA_ID: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the @@ -5921,7 +5921,7 @@ GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL + name: OC_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -5930,7 +5930,7 @@ GROUPS_LDAP_USER_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME + name: OC_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -5939,7 +5939,7 @@ GROUPS_LDAP_USER_SCHEMA_USERNAME: removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE + name: OC_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are @@ -5949,7 +5949,7 @@ GROUPS_LDAP_USER_SCOPE: removalVersion: "" deprecationInfo: "" GROUPS_LOG_COLOR: - name: OCIS_LOG_COLOR;GROUPS_LOG_COLOR + name: OC_LOG_COLOR;GROUPS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -5958,7 +5958,7 @@ GROUPS_LOG_COLOR: removalVersion: "" deprecationInfo: "" GROUPS_LOG_FILE: - name: OCIS_LOG_FILE;GROUPS_LOG_FILE + name: OC_LOG_FILE;GROUPS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -5967,7 +5967,7 @@ GROUPS_LOG_FILE: removalVersion: "" deprecationInfo: "" GROUPS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL + name: OC_LOG_LEVEL;GROUPS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -5977,7 +5977,7 @@ GROUPS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" GROUPS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY + name: OC_LOG_PRETTY;GROUPS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -6088,7 +6088,7 @@ GROUPS_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" GROUPS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -6098,7 +6098,7 @@ GROUPS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" GROUPS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED + name: OC_TRACING_ENABLED;GROUPS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -6107,7 +6107,7 @@ GROUPS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" GROUPS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -6116,7 +6116,7 @@ GROUPS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" GROUPS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE + name: OC_TRACING_TYPE;GROUPS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -6136,7 +6136,7 @@ IDM_ADMIN_PASSWORD: removalVersion: "" deprecationInfo: "" IDM_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID + name: OC_ADMIN_USER_ID;IDM_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that @@ -6160,7 +6160,7 @@ IDM_DATABASE_PATH: defaultValue: /var/lib/ocis/idm/ocis.boltdb type: string description: Full path to the IDM backend database. If not defined, the root directory - derives from $OCIS_BASE_DATA_PATH/idm. + derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6227,7 +6227,7 @@ IDM_LDAPS_CERT: defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: File name of the TLS server certificate for the LDAPS listener. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm. + not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6237,13 +6237,13 @@ IDM_LDAPS_KEY: defaultValue: /var/lib/ocis/idm/ldap.key type: string description: File name for the TLS certificate key for the server certificate. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm. + not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LOG_COLOR: - name: OCIS_LOG_COLOR;IDM_LOG_COLOR + name: OC_LOG_COLOR;IDM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -6252,7 +6252,7 @@ IDM_LOG_COLOR: removalVersion: "" deprecationInfo: "" IDM_LOG_FILE: - name: OCIS_LOG_FILE;IDM_LOG_FILE + name: OC_LOG_FILE;IDM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -6261,7 +6261,7 @@ IDM_LOG_FILE: removalVersion: "" deprecationInfo: "" IDM_LOG_LEVEL: - name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL + name: OC_LOG_LEVEL;IDM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -6271,7 +6271,7 @@ IDM_LOG_LEVEL: removalVersion: "" deprecationInfo: "" IDM_LOG_PRETTY: - name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY + name: OC_LOG_PRETTY;IDM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -6300,7 +6300,7 @@ IDM_SVC_PASSWORD: removalVersion: "" deprecationInfo: "" IDM_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -6310,7 +6310,7 @@ IDM_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" IDM_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED + name: OC_TRACING_ENABLED;IDM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -6319,7 +6319,7 @@ IDM_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" IDM_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -6328,7 +6328,7 @@ IDM_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" IDM_TRACING_TYPE: - name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE + name: OC_TRACING_TYPE;IDM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -6428,7 +6428,7 @@ IDP_ENCRYPTION_SECRET_FILE: type: string description: Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp. + not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6480,7 +6480,7 @@ IDP_IDENTITY_MANAGER: removalVersion: "" deprecationInfo: "" IDP_INSECURE: - name: OCIS_LDAP_INSECURE;IDP_INSECURE + name: OC_LDAP_INSECURE;IDP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -6490,7 +6490,7 @@ IDP_INSECURE: removalVersion: "" deprecationInfo: "" IDP_ISS: - name: OCIS_URL;OCIS_OIDC_ISSUER;IDP_ISS + name: OC_URL;OC_OIDC_ISSUER;IDP_ISS defaultValue: https://localhost:9200 type: string description: The OIDC issuer URL to use. @@ -6499,7 +6499,7 @@ IDP_ISS: removalVersion: "" deprecationInfo: "" IDP_LDAP_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN + name: OC_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -6508,7 +6508,7 @@ IDP_LDAP_BASE_DN: removalVersion: "" deprecationInfo: "" IDP_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN + name: OC_LDAP_BIND_DN;IDP_LDAP_BIND_DN defaultValue: uid=idp,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -6518,7 +6518,7 @@ IDP_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" IDP_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD + name: OC_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -6527,7 +6527,7 @@ IDP_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" IDP_LDAP_EMAIL_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP User email attribute like 'mail'. @@ -6536,7 +6536,7 @@ IDP_LDAP_EMAIL_ATTRIBUTE: removalVersion: "" deprecationInfo: "" IDP_LDAP_FILTER: - name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER + name: OC_LDAP_USER_FILTER;IDP_LDAP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -6554,7 +6554,7 @@ IDP_LDAP_LOGIN_ATTRIBUTE: removalVersion: "" deprecationInfo: "" IDP_LDAP_NAME_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP User name attribute like 'displayName'. @@ -6563,7 +6563,7 @@ IDP_LDAP_NAME_ATTRIBUTE: removalVersion: "" deprecationInfo: "" IDP_LDAP_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS + name: OC_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS defaultValue: inetOrgPerson type: string description: LDAP User ObjectClass like 'inetOrgPerson'. @@ -6572,7 +6572,7 @@ IDP_LDAP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" IDP_LDAP_SCOPE: - name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE + name: OC_LDAP_USER_SCOPE;IDP_LDAP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are @@ -6582,18 +6582,18 @@ IDP_LDAP_SCOPE: removalVersion: "" deprecationInfo: "" IDP_LDAP_TLS_CACERT: - name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT + name: OC_LDAP_CACERT;IDP_LDAP_TLS_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idp. + directory derives from $OC_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_URI: - name: OCIS_LDAP_URI;IDP_LDAP_URI + name: OC_LDAP_URI;IDP_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: Url of the LDAP service to use as IDP. @@ -6602,7 +6602,7 @@ IDP_LDAP_URI: removalVersion: "" deprecationInfo: "" IDP_LDAP_UUID_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE defaultValue: ownCloudUUID type: string description: LDAP User UUID attribute like 'uid'. @@ -6620,7 +6620,7 @@ IDP_LDAP_UUID_ATTRIBUTE_TYPE: removalVersion: "" deprecationInfo: "" IDP_LOG_COLOR: - name: OCIS_LOG_COLOR;IDP_LOG_COLOR + name: OC_LOG_COLOR;IDP_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -6629,7 +6629,7 @@ IDP_LOG_COLOR: removalVersion: "" deprecationInfo: "" IDP_LOG_FILE: - name: OCIS_LOG_FILE;IDP_LOG_FILE + name: OC_LOG_FILE;IDP_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -6638,7 +6638,7 @@ IDP_LOG_FILE: removalVersion: "" deprecationInfo: "" IDP_LOG_LEVEL: - name: OCIS_LOG_LEVEL;IDP_LOG_LEVEL + name: OC_LOG_LEVEL;IDP_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -6648,7 +6648,7 @@ IDP_LOG_LEVEL: removalVersion: "" deprecationInfo: "" IDP_LOG_PRETTY: - name: OCIS_LOG_PRETTY;IDP_LOG_PRETTY + name: OC_LOG_PRETTY;IDP_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -6667,7 +6667,7 @@ IDP_LOGIN_BACKGROUND_URL: removalVersion: "" deprecationInfo: "" IDP_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -6737,7 +6737,7 @@ IDP_SIGNING_PRIVATE_KEY_FILES: defaultValue: '[/var/lib/ocis/idp/private-key.pem]' type: '[]string' description: A list of private key files for signing IDP requests. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH/idp. See the Environment + the root directory derives from $OC_BASE_DATA_PATH/idp. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" @@ -6755,7 +6755,7 @@ IDP_TLS: removalVersion: "" deprecationInfo: "" IDP_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -6765,7 +6765,7 @@ IDP_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" IDP_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;IDP_TRACING_ENABLED + name: OC_TRACING_ENABLED;IDP_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -6774,7 +6774,7 @@ IDP_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" IDP_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -6783,7 +6783,7 @@ IDP_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" IDP_TRACING_TYPE: - name: OCIS_TRACING_TYPE;IDP_TRACING_TYPE + name: OC_TRACING_TYPE;IDP_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -6797,7 +6797,7 @@ IDP_TRANSPORT_TLS_CERT: defaultValue: /var/lib/ocis/idp/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the - IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp. + IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6808,7 +6808,7 @@ IDP_TRANSPORT_TLS_KEY: type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory - derives from $OCIS_BASE_DATA_PATH/idp. + derives from $OC_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6823,7 +6823,7 @@ IDP_URI_BASE_PATH: removalVersion: "" deprecationInfo: "" IDP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE + name: OC_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. @@ -6841,7 +6841,7 @@ IDP_VALIDATION_KEYS_PATH: removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;INVITATIONS_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;INVITATIONS_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -6851,7 +6851,7 @@ INVITATIONS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;INVITATIONS_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;INVITATIONS_CORS_ALLOW_HEADERS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: @@ -6862,7 +6862,7 @@ INVITATIONS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;INVITATIONS_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;INVITATIONS_CORS_ALLOW_METHODS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -6873,7 +6873,7 @@ INVITATIONS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;INVITATIONS_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;INVITATIONS_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -6940,7 +6940,7 @@ INVITATIONS_HTTP_ROOT: removalVersion: "" deprecationInfo: "" INVITATIONS_JWT_SECRET: - name: OCIS_JWT_SECRET;INVITATIONS_JWT_SECRET + name: OC_JWT_SECRET;INVITATIONS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -6949,7 +6949,7 @@ INVITATIONS_JWT_SECRET: removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH + name: OC_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -6958,7 +6958,7 @@ INVITATIONS_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID + name: OC_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID defaultValue: "" type: string description: The client ID to authenticate with keycloak. @@ -6967,7 +6967,7 @@ INVITATIONS_KEYCLOAK_CLIENT_ID: removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM + name: OC_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -6976,7 +6976,7 @@ INVITATIONS_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET + name: OC_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -6985,7 +6985,7 @@ INVITATIONS_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OC_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -6995,7 +6995,7 @@ INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM + name: OC_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -7004,7 +7004,7 @@ INVITATIONS_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_COLOR: - name: OCIS_LOG_COLOR;INVITATIONS_LOG_COLOR + name: OC_LOG_COLOR;INVITATIONS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -7013,7 +7013,7 @@ INVITATIONS_LOG_COLOR: removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_FILE: - name: OCIS_LOG_FILE;INVITATIONS_LOG_FILE + name: OC_LOG_FILE;INVITATIONS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -7022,7 +7022,7 @@ INVITATIONS_LOG_FILE: removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;INVITATIONS_LOG_LEVEL + name: OC_LOG_LEVEL;INVITATIONS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -7032,7 +7032,7 @@ INVITATIONS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;INVITATIONS_LOG_PRETTY + name: OC_LOG_PRETTY;INVITATIONS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -7041,7 +7041,7 @@ INVITATIONS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -7051,7 +7051,7 @@ INVITATIONS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED + name: OC_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -7060,7 +7060,7 @@ INVITATIONS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -7069,7 +7069,7 @@ INVITATIONS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;INVITATIONS_TRACING_TYPE + name: OC_TRACING_TYPE;INVITATIONS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -7101,7 +7101,7 @@ LDAP_LOGIN_ATTRIBUTES: removalVersion: "" deprecationInfo: "" LDAP_USER_SCHEMA_DISPLAY_NAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. @@ -7161,7 +7161,7 @@ NATS_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" NATS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -7171,7 +7171,7 @@ NATS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" NATS_LOG_COLOR: - name: OCIS_LOG_COLOR;NATS_LOG_COLOR + name: OC_LOG_COLOR;NATS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -7180,7 +7180,7 @@ NATS_LOG_COLOR: removalVersion: "" deprecationInfo: "" NATS_LOG_FILE: - name: OCIS_LOG_FILE;NATS_LOG_FILE + name: OC_LOG_FILE;NATS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -7189,7 +7189,7 @@ NATS_LOG_FILE: removalVersion: "" deprecationInfo: "" NATS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;NATS_LOG_LEVEL + name: OC_LOG_LEVEL;NATS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -7199,7 +7199,7 @@ NATS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" NATS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;NATS_LOG_PRETTY + name: OC_LOG_PRETTY;NATS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -7239,7 +7239,7 @@ NATS_NATS_STORE_DIR: defaultValue: /var/lib/ocis/nats type: string description: The directory where the filesystem storage will store NATS JetStream - data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats. + data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7249,7 +7249,7 @@ NATS_TLS_CERT: defaultValue: /var/lib/ocis/nats/tls.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the - NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats. + NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7259,13 +7259,13 @@ NATS_TLS_KEY: defaultValue: /var/lib/ocis/nats/tls.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the - NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats. + NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TLS_SKIP_VERIFY_CLIENT_CERT: - name: OCIS_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT + name: OC_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT defaultValue: "false" type: bool description: Whether the NATS server should skip the client certificate verification @@ -7275,7 +7275,7 @@ NATS_TLS_SKIP_VERIFY_CLIENT_CERT: removalVersion: "" deprecationInfo: "" NATS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -7285,7 +7285,7 @@ NATS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" NATS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;NATS_TRACING_ENABLED + name: OC_TRACING_ENABLED;NATS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -7294,7 +7294,7 @@ NATS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" NATS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -7303,7 +7303,7 @@ NATS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" NATS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;NATS_TRACING_TYPE + name: OC_TRACING_TYPE;NATS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -7351,7 +7351,7 @@ NOTIFICATIONS_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EMAIL_TEMPLATE_PATH: - name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH + name: OC_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH defaultValue: "" type: string description: Path to Email notification templates overriding embedded ones. @@ -7360,7 +7360,7 @@ NOTIFICATIONS_EMAIL_TEMPLATE_PATH: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -7370,7 +7370,7 @@ NOTIFICATIONS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -7380,7 +7380,7 @@ NOTIFICATIONS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -7391,7 +7391,7 @@ NOTIFICATIONS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -7401,7 +7401,7 @@ NOTIFICATIONS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -7411,7 +7411,7 @@ NOTIFICATIONS_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE + name: OC_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -7420,7 +7420,7 @@ NOTIFICATIONS_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -7430,7 +7430,7 @@ NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_COLOR: - name: OCIS_LOG_COLOR;NOTIFICATIONS_LOG_COLOR + name: OC_LOG_COLOR;NOTIFICATIONS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -7439,7 +7439,7 @@ NOTIFICATIONS_LOG_COLOR: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_FILE: - name: OCIS_LOG_FILE;NOTIFICATIONS_LOG_FILE + name: OC_LOG_FILE;NOTIFICATIONS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -7448,7 +7448,7 @@ NOTIFICATIONS_LOG_FILE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL + name: OC_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -7458,7 +7458,7 @@ NOTIFICATIONS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY + name: OC_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -7467,7 +7467,7 @@ NOTIFICATIONS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -7477,7 +7477,7 @@ NOTIFICATIONS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -7561,7 +7561,7 @@ NOTIFICATIONS_SMTP_USERNAME: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_STORE: - name: OCIS_PERSISTENT_STORE;NOTIFICATIONS_STORE + name: OC_PERSISTENT_STORE;NOTIFICATIONS_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', @@ -7571,7 +7571,7 @@ NOTIFICATIONS_STORE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;NOTIFICATIONS_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;NOTIFICATIONS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -7581,7 +7581,7 @@ NOTIFICATIONS_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;NOTIFICATIONS_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;NOTIFICATIONS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -7600,7 +7600,7 @@ NOTIFICATIONS_STORE_DATABASE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;NOTIFICATIONS_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;NOTIFICATIONS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -7621,7 +7621,7 @@ NOTIFICATIONS_STORE_TABLE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;NOTIFICATIONS_STORE_TTL + name: OC_PERSISTENT_STORE_TTL;NOTIFICATIONS_STORE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for notifications in the store. Defaults to '336h' (2 @@ -7631,7 +7631,7 @@ NOTIFICATIONS_STORE_TTL: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -7641,7 +7641,7 @@ NOTIFICATIONS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED + name: OC_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -7650,7 +7650,7 @@ NOTIFICATIONS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -7659,7 +7659,7 @@ NOTIFICATIONS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE + name: OC_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -7669,7 +7669,7 @@ NOTIFICATIONS_TRACING_TYPE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH + name: OC_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -7680,7 +7680,7 @@ NOTIFICATIONS_TRANSLATION_PATH: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_WEB_UI_URL: - name: OCIS_URL;NOTIFICATIONS_WEB_UI_URL + name: OC_URL;NOTIFICATIONS_WEB_UI_URL defaultValue: https://localhost:9200 type: string description: The public facing URL of the oCIS Web UI, used e.g. when sending notification @@ -7701,7 +7701,7 @@ OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -7711,7 +7711,7 @@ OCDAV_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires @@ -7725,7 +7725,7 @@ OCDAV_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' @@ -7737,7 +7737,7 @@ OCDAV_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -7786,7 +7786,7 @@ OCDAV_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" OCDAV_EDITION: - name: OCIS_EDITION;OCDAV_EDITION + name: OC_EDITION;OCDAV_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -7842,7 +7842,7 @@ OCDAV_HTTP_PROTOCOL: removalVersion: "" deprecationInfo: "" OCDAV_INSECURE: - name: OCIS_INSECURE;OCDAV_INSECURE + name: OC_INSECURE;OCDAV_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the GATEWAY service. @@ -7851,7 +7851,7 @@ OCDAV_INSECURE: removalVersion: "" deprecationInfo: "" OCDAV_JWT_SECRET: - name: OCIS_JWT_SECRET;OCDAV_JWT_SECRET + name: OC_JWT_SECRET;OCDAV_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -7860,7 +7860,7 @@ OCDAV_JWT_SECRET: removalVersion: "" deprecationInfo: "" OCDAV_LOG_COLOR: - name: OCIS_LOG_COLOR;OCDAV_LOG_COLOR + name: OC_LOG_COLOR;OCDAV_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -7869,7 +7869,7 @@ OCDAV_LOG_COLOR: removalVersion: "" deprecationInfo: "" OCDAV_LOG_FILE: - name: OCIS_LOG_FILE;OCDAV_LOG_FILE + name: OC_LOG_FILE;OCDAV_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -7878,7 +7878,7 @@ OCDAV_LOG_FILE: removalVersion: "" deprecationInfo: "" OCDAV_LOG_LEVEL: - name: OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL + name: OC_LOG_LEVEL;OCDAV_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -7888,7 +7888,7 @@ OCDAV_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OCDAV_LOG_PRETTY: - name: OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY + name: OC_LOG_PRETTY;OCDAV_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -7897,7 +7897,7 @@ OCDAV_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCDAV_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -7916,7 +7916,7 @@ OCDAV_OCM_NAMESPACE: removalVersion: "" deprecationInfo: "" OCDAV_PUBLIC_URL: - name: OCIS_URL;OCDAV_PUBLIC_URL + name: OC_URL;OCDAV_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: URL where oCIS is reachable for users. @@ -7945,7 +7945,7 @@ OCDAV_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" OCDAV_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -7955,7 +7955,7 @@ OCDAV_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OCDAV_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED + name: OC_TRACING_ENABLED;OCDAV_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -7964,7 +7964,7 @@ OCDAV_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OCDAV_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -7973,7 +7973,7 @@ OCDAV_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OCDAV_TRACING_TYPE: - name: OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE + name: OC_TRACING_TYPE;OCDAV_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -7992,8 +7992,8 @@ OCDAV_WEBDAV_NAMESPACE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID +OC_ADMIN_USER_ID: + name: OC_ADMIN_USER_ID;IDM_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that @@ -8003,18 +8003,18 @@ OCIS_ADMIN_USER_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_ASSET_THEMES_PATH: - name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH +OC_ASSET_THEMES_PATH: + name: OC_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH defaultValue: /var/lib/ocis/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the - builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes + builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_ASYNC_UPLOADS: - name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS +OC_ASYNC_UPLOADS: + name: OC_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. @@ -8022,8 +8022,8 @@ OCIS_ASYNC_UPLOADS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD +OC_CACHE_AUTH_PASSWORD: + name: OC_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -8032,8 +8032,8 @@ OCIS_CACHE_AUTH_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME +OC_CACHE_AUTH_USERNAME: + name: OC_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -8042,8 +8042,8 @@ OCIS_CACHE_AUTH_USERNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_DATABASE: - name: OCIS_CACHE_DATABASE +OC_CACHE_DATABASE: + name: OC_CACHE_DATABASE defaultValue: cache-userinfo type: string description: The database name the configured store should use. @@ -8051,8 +8051,8 @@ OCIS_CACHE_DATABASE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE +OC_CACHE_DISABLE_PERSISTENCE: + name: OC_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE defaultValue: "true" type: bool description: Disables persistence of the store. Only applies when store type 'nats-js-kv' @@ -8061,8 +8061,8 @@ OCIS_CACHE_DISABLE_PERSISTENCE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_STORE: - name: OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE +OC_CACHE_STORE: + name: OC_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE defaultValue: nats-js-kv type: string description: 'The type of the signing key store. Supported values are: ''redis-sentinel'', @@ -8072,8 +8072,8 @@ OCIS_CACHE_STORE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES +OC_CACHE_STORE_NODES: + name: OC_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. Note that the behaviour @@ -8083,8 +8083,8 @@ OCIS_CACHE_STORE_NODES: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CACHE_TTL: - name: OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL +OC_CACHE_TTL: + name: OC_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL defaultValue: 12h0m0s type: Duration description: Default time to live for signing keys. See the Environment Variable @@ -8093,8 +8093,8 @@ OCIS_CACHE_TTL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS +OC_CORS_ALLOW_CREDENTIALS: + name: OC_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -8103,8 +8103,8 @@ OCIS_CORS_ALLOW_CREDENTIALS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS +OC_CORS_ALLOW_HEADERS: + name: OC_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: @@ -8114,8 +8114,8 @@ OCIS_CORS_ALLOW_HEADERS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS +OC_CORS_ALLOW_METHODS: + name: OC_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -8125,8 +8125,8 @@ OCIS_CORS_ALLOW_METHODS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS +OC_CORS_ALLOW_ORIGINS: + name: OC_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -8136,8 +8136,8 @@ OCIS_CORS_ALLOW_ORIGINS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CORS_EXPOSE_HEADERS: - name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS +OC_CORS_EXPOSE_HEADERS: + name: OC_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' @@ -8149,8 +8149,8 @@ OCIS_CORS_EXPOSE_HEADERS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_CORS_MAX_AGE: - name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE +OC_CORS_MAX_AGE: + name: OC_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE defaultValue: "86400" type: uint description: 'The max cache duration of preflight headers. See following chapter @@ -8160,8 +8160,8 @@ OCIS_CORS_MAX_AGE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_DECOMPOSEDFS_PROPAGATOR: - name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR +OC_DECOMPOSEDFS_PROPAGATOR: + name: OC_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is @@ -8170,8 +8170,8 @@ OCIS_DECOMPOSEDFS_PROPAGATOR: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_DEFAULT_LANGUAGE: - name: OCIS_DEFAULT_LANGUAGE +OC_DEFAULT_LANGUAGE: + name: OC_DEFAULT_LANGUAGE defaultValue: "" type: string description: The default language used by services and the WebUI. If not defined, @@ -8180,8 +8180,8 @@ OCIS_DEFAULT_LANGUAGE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_DISABLE_PREVIEWS: - name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS +OC_DISABLE_PREVIEWS: + name: OC_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS defaultValue: "false" type: bool description: Set this option to 'true' to disable rendering of thumbnails triggered @@ -8191,8 +8191,8 @@ OCIS_DISABLE_PREVIEWS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_DISABLE_SSE: - name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE +OC_DISABLE_SSE: + name: OC_DISABLE_SSE;FRONTEND_DISABLE_SSE defaultValue: "false" type: bool description: When set to true, clients are informed that the Server-Sent Events @@ -8201,8 +8201,8 @@ OCIS_DISABLE_SSE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE: - name: OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE +OC_DISABLE_SSE,USERLOG_DISABLE_SSE: + name: OC_DISABLE_SSE,USERLOG_DISABLE_SSE defaultValue: "false" type: bool description: Disables server-sent events (sse). When disabled, clients will no longer @@ -8211,8 +8211,8 @@ OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_DISABLE_VERSIONING: - name: OCIS_DISABLE_VERSIONING +OC_DISABLE_VERSIONING: + name: OC_DISABLE_VERSIONING defaultValue: "false" type: bool description: Disables versioning of files. When set to true, new uploads with the @@ -8221,8 +8221,8 @@ OCIS_DISABLE_VERSIONING: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EDITION: - name: OCIS_EDITION;FRONTEND_EDITION +OC_EDITION: + name: OC_EDITION;FRONTEND_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -8230,8 +8230,8 @@ OCIS_EDITION: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EMAIL_TEMPLATE_PATH: - name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH +OC_EMAIL_TEMPLATE_PATH: + name: OC_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH defaultValue: "" type: string description: Path to Email notification templates overriding embedded ones. @@ -8239,8 +8239,8 @@ OCIS_EMAIL_TEMPLATE_PATH: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_ENABLE_OCM: - name: OCIS_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES +OC_ENABLE_OCM: + name: OC_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES defaultValue: "false" type: bool description: Include OCM sharees when listing sharees. @@ -8248,8 +8248,8 @@ OCIS_ENABLE_OCM: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD +OC_EVENTS_AUTH_PASSWORD: + name: OC_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -8258,8 +8258,8 @@ OCIS_EVENTS_AUTH_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME +OC_EVENTS_AUTH_USERNAME: + name: OC_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -8268,8 +8268,8 @@ OCIS_EVENTS_AUTH_USERNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER +OC_EVENTS_CLUSTER: + name: OC_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -8279,8 +8279,8 @@ OCIS_EVENTS_CLUSTER: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS +OC_EVENTS_ENABLE_TLS: + name: OC_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -8289,8 +8289,8 @@ OCIS_EVENTS_ENABLE_TLS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT +OC_EVENTS_ENDPOINT: + name: OC_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -8299,8 +8299,8 @@ OCIS_EVENTS_ENDPOINT: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE +OC_EVENTS_TLS_ROOT_CA_CERTIFICATE: + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -8309,8 +8309,8 @@ OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR +OC_GATEWAY_GRPC_ADDR: + name: OC_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string description: The bind address of the GRPC service. @@ -8318,8 +8318,8 @@ OCIS_GATEWAY_GRPC_ADDR: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_GRPC_CLIENT_TLS_CACERT: - name: OCIS_GRPC_CLIENT_TLS_CACERT +OC_GRPC_CLIENT_TLS_CACERT: + name: OC_GRPC_CLIENT_TLS_CACERT defaultValue: "" type: string description: Path/File name for the root CA certificate (in PEM format) used to @@ -8328,8 +8328,8 @@ OCIS_GRPC_CLIENT_TLS_CACERT: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_GRPC_CLIENT_TLS_MODE: - name: OCIS_GRPC_CLIENT_TLS_MODE +OC_GRPC_CLIENT_TLS_MODE: + name: OC_GRPC_CLIENT_TLS_MODE defaultValue: "" type: string description: 'TLS mode for grpc connection to the go-micro based grpc services. @@ -8341,8 +8341,8 @@ OCIS_GRPC_CLIENT_TLS_MODE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL +OC_GRPC_PROTOCOL: + name: OC_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GRPC service. @@ -8350,8 +8350,8 @@ OCIS_GRPC_PROTOCOL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_HTTP_TLS_CERTIFICATE: - name: OCIS_HTTP_TLS_CERTIFICATE +OC_HTTP_TLS_CERTIFICATE: + name: OC_HTTP_TLS_CERTIFICATE defaultValue: "" type: string description: Path/File name of the TLS server certificate (in PEM format) for the @@ -8360,19 +8360,19 @@ OCIS_HTTP_TLS_CERTIFICATE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_HTTP_TLS_ENABLED: - name: OCIS_HTTP_TLS_ENABLED +OC_HTTP_TLS_ENABLED: + name: OC_HTTP_TLS_ENABLED defaultValue: "false" type: bool description: Activates TLS for the http based services using the server certifcate - and key configured via OCIS_HTTP_TLS_CERTIFICATE and OCIS_HTTP_TLS_KEY. If OCIS_HTTP_TLS_CERTIFICATE + and key configured via OC_HTTP_TLS_CERTIFICATE and OC_HTTP_TLS_KEY. If OC_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_HTTP_TLS_KEY: - name: OCIS_HTTP_TLS_KEY +OC_HTTP_TLS_KEY: + name: OC_HTTP_TLS_KEY defaultValue: "" type: string description: Path/File name for the TLS certificate key (in PEM format) for the @@ -8381,8 +8381,8 @@ OCIS_HTTP_TLS_KEY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_INSECURE: - name: OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE +OC_INSECURE: + name: OC_INSECURE;AUDIT_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -8390,8 +8390,8 @@ OCIS_INSECURE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_JWT_SECRET: - name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET +OC_JWT_SECRET: + name: OC_JWT_SECRET;COLLABORATION_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -8399,8 +8399,8 @@ OCIS_JWT_SECRET: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH +OC_KEYCLOAK_BASE_PATH: + name: OC_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -8408,8 +8408,8 @@ OCIS_KEYCLOAK_BASE_PATH: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID +OC_KEYCLOAK_CLIENT_ID: + name: OC_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID defaultValue: "" type: string description: The client ID to authenticate with keycloak. @@ -8417,8 +8417,8 @@ OCIS_KEYCLOAK_CLIENT_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM +OC_KEYCLOAK_CLIENT_REALM: + name: OC_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -8426,8 +8426,8 @@ OCIS_KEYCLOAK_CLIENT_REALM: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET +OC_KEYCLOAK_CLIENT_SECRET: + name: OC_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -8435,8 +8435,8 @@ OCIS_KEYCLOAK_CLIENT_SECRET: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY +OC_KEYCLOAK_INSECURE_SKIP_VERIFY: + name: OC_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -8445,8 +8445,8 @@ OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM +OC_KEYCLOAK_USER_REALM: + name: OC_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -8454,8 +8454,8 @@ OCIS_KEYCLOAK_USER_REALM: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN +OC_LDAP_BIND_DN: + name: OC_LDAP_BIND_DN;IDP_LDAP_BIND_DN defaultValue: uid=idp,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -8464,8 +8464,8 @@ OCIS_LDAP_BIND_DN: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD +OC_LDAP_BIND_PASSWORD: + name: OC_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -8473,19 +8473,19 @@ OCIS_LDAP_BIND_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT +OC_LDAP_CACERT: + name: OC_LDAP_CACERT;IDP_LDAP_TLS_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idp. + directory derives from $OC_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM +OC_LDAP_DISABLE_USER_MECHANISM: + name: OC_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Supported options @@ -8497,8 +8497,8 @@ OCIS_LDAP_DISABLE_USER_MECHANISM: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN +OC_LDAP_DISABLED_USERS_GROUP_DN: + name: OC_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -8507,8 +8507,8 @@ OCIS_LDAP_DISABLED_USERS_GROUP_DN: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN +OC_LDAP_GROUP_BASE_DN: + name: OC_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -8516,8 +8516,8 @@ OCIS_LDAP_GROUP_BASE_DN: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER +OC_LDAP_GROUP_FILTER: + name: OC_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -8525,8 +8525,8 @@ OCIS_LDAP_GROUP_FILTER: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS +OC_LDAP_GROUP_OBJECTCLASS: + name: OC_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -8535,8 +8535,8 @@ OCIS_LDAP_GROUP_OBJECTCLASS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME +OC_LDAP_GROUP_SCHEMA_DISPLAYNAME: + name: OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -8545,8 +8545,8 @@ OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE +OC_LDAP_GROUP_SCHEMA_GROUPNAME: + name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -8554,8 +8554,8 @@ OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE +OC_LDAP_GROUP_SCHEMA_ID: + name: OC_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique id for groups. This should be a @@ -8564,8 +8564,8 @@ OCIS_LDAP_GROUP_SCHEMA_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING +OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: + name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for groups is of the @@ -8575,8 +8575,8 @@ OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL +OC_LDAP_GROUP_SCHEMA_MAIL: + name: OC_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -8584,8 +8584,8 @@ OCIS_LDAP_GROUP_SCHEMA_MAIL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE +OC_LDAP_GROUP_SCHEMA_MEMBER: + name: OC_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -8593,8 +8593,8 @@ OCIS_LDAP_GROUP_SCHEMA_MEMBER: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE +OC_LDAP_GROUP_SCOPE: + name: OC_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are @@ -8603,8 +8603,8 @@ OCIS_LDAP_GROUP_SCOPE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;IDP_INSECURE +OC_LDAP_INSECURE: + name: OC_LDAP_INSECURE;IDP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -8613,20 +8613,20 @@ OCIS_LDAP_INSECURE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_SERVER_WRITE_ENABLED: - name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED +OC_LDAP_SERVER_WRITE_ENABLED: + name: OC_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user - and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* + and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_URI: - name: OCIS_LDAP_URI;IDP_LDAP_URI +OC_LDAP_URI: + name: OC_LDAP_URI;IDP_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: Url of the LDAP service to use as IDP. @@ -8634,8 +8634,8 @@ OCIS_LDAP_URI: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN +OC_LDAP_USER_BASE_DN: + name: OC_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -8643,8 +8643,8 @@ OCIS_LDAP_USER_BASE_DN: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE +OC_LDAP_USER_ENABLED_ATTRIBUTE: + name: OC_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. @@ -8652,8 +8652,8 @@ OCIS_LDAP_USER_ENABLED_ATTRIBUTE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER +OC_LDAP_USER_FILTER: + name: OC_LDAP_USER_FILTER;IDP_LDAP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -8661,8 +8661,8 @@ OCIS_LDAP_USER_FILTER: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS +OC_LDAP_USER_OBJECTCLASS: + name: OC_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS defaultValue: inetOrgPerson type: string description: LDAP User ObjectClass like 'inetOrgPerson'. @@ -8670,8 +8670,8 @@ OCIS_LDAP_USER_OBJECTCLASS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE +OC_LDAP_USER_SCHEMA_DISPLAYNAME: + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. @@ -8681,8 +8681,8 @@ OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency -OCIS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE +OC_LDAP_USER_SCHEMA_ID: + name: OC_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE defaultValue: ownCloudUUID type: string description: LDAP User UUID attribute like 'uid'. @@ -8690,8 +8690,8 @@ OCIS_LDAP_USER_SCHEMA_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING +OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: + name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the @@ -8701,8 +8701,8 @@ OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE +OC_LDAP_USER_SCHEMA_MAIL: + name: OC_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP User email attribute like 'mail'. @@ -8710,8 +8710,8 @@ OCIS_LDAP_USER_SCHEMA_MAIL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_SCHEMA_USER_TYPE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE +OC_LDAP_USER_SCHEMA_USER_TYPE: + name: OC_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -8720,8 +8720,8 @@ OCIS_LDAP_USER_SCHEMA_USER_TYPE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE +OC_LDAP_USER_SCHEMA_USERNAME: + name: OC_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP User name attribute like 'displayName'. @@ -8729,8 +8729,8 @@ OCIS_LDAP_USER_SCHEMA_USERNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE +OC_LDAP_USER_SCOPE: + name: OC_LDAP_USER_SCOPE;IDP_LDAP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are @@ -8739,8 +8739,8 @@ OCIS_LDAP_USER_SCOPE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LOG_COLOR: - name: OCIS_LOG_COLOR;IDM_LOG_COLOR +OC_LOG_COLOR: + name: OC_LOG_COLOR;IDM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -8748,8 +8748,8 @@ OCIS_LOG_COLOR: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LOG_FILE: - name: OCIS_LOG_FILE;IDM_LOG_FILE +OC_LOG_FILE: + name: OC_LOG_FILE;IDM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -8757,8 +8757,8 @@ OCIS_LOG_FILE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL +OC_LOG_LEVEL: + name: OC_LOG_LEVEL;IDM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -8767,8 +8767,8 @@ OCIS_LOG_LEVEL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY +OC_LOG_PRETTY: + name: OC_LOG_PRETTY;IDM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -8776,8 +8776,8 @@ OCIS_LOG_PRETTY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY +OC_MACHINE_AUTH_API_KEY: + name: OC_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary to @@ -8786,8 +8786,8 @@ OCIS_MACHINE_AUTH_API_KEY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY +OC_MAX_CONCURRENCY: + name: OC_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY defaultValue: "1" type: int description: Maximum number of concurrent go-routines. Higher values can potentially @@ -8797,8 +8797,8 @@ OCIS_MAX_CONCURRENCY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_OIDC_CLIENT_ID: - name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID +OC_OIDC_CLIENT_ID: + name: OC_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID defaultValue: web type: string description: The OIDC client ID which ownCloud Web uses. This client needs to be @@ -8808,8 +8808,8 @@ OCIS_OIDC_CLIENT_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER +OC_OIDC_ISSUER: + name: OC_URL;OC_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: The OIDC issuer URL to assign to the demo users. @@ -8817,8 +8817,8 @@ OCIS_OIDC_ISSUER: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST +OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: + name: OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -8827,8 +8827,8 @@ OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED +OC_PASSWORD_POLICY_DISABLED: + name: OC_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -8836,8 +8836,8 @@ OCIS_PASSWORD_POLICY_DISABLED: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS +OC_PASSWORD_POLICY_MIN_CHARACTERS: + name: OC_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -8845,8 +8845,8 @@ OCIS_PASSWORD_POLICY_MIN_CHARACTERS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS +OC_PASSWORD_POLICY_MIN_DIGITS: + name: OC_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -8854,8 +8854,8 @@ OCIS_PASSWORD_POLICY_MIN_DIGITS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS +OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: + name: OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -8864,8 +8864,8 @@ OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS +OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: + name: OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -8874,8 +8874,8 @@ OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS +OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: + name: OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -8884,8 +8884,8 @@ OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PERSISTENT_STORE: - name: OCIS_PERSISTENT_STORE;COLLABORATION_STORE +OC_PERSISTENT_STORE: + name: OC_PERSISTENT_STORE;COLLABORATION_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', @@ -8894,8 +8894,8 @@ OCIS_PERSISTENT_STORE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PERSISTENT_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD +OC_PERSISTENT_STORE_AUTH_PASSWORD: + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -8904,8 +8904,8 @@ OCIS_PERSISTENT_STORE_AUTH_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PERSISTENT_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME +OC_PERSISTENT_STORE_AUTH_USERNAME: + name: OC_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -8914,8 +8914,8 @@ OCIS_PERSISTENT_STORE_AUTH_USERNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PERSISTENT_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES +OC_PERSISTENT_STORE_NODES: + name: OC_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -8926,8 +8926,8 @@ OCIS_PERSISTENT_STORE_NODES: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PERSISTENT_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL +OC_PERSISTENT_STORE_TTL: + name: OC_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL defaultValue: 30m0s type: Duration description: Time to live for events in the store. Defaults to '30m' (30 minutes). @@ -8936,8 +8936,8 @@ OCIS_PERSISTENT_STORE_TTL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_PUBLIC_URL: - name: OCIS_URL;OCIS_PUBLIC_URL +OC_PUBLIC_URL: + name: OC_URL;OC_PUBLIC_URL defaultValue: https://127.0.0.1:9200 type: string description: URL, where oCIS is reachable for users. @@ -8945,8 +8945,8 @@ OCIS_PUBLIC_URL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_REVA_GATEWAY: - name: OCIS_REVA_GATEWAY +OC_REVA_GATEWAY: + name: OC_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string description: CS3 gateway used to look up user metadata. @@ -8954,8 +8954,8 @@ OCIS_REVA_GATEWAY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_REVA_GATEWAY_TLS_CACERT: - name: OCIS_REVA_GATEWAY_TLS_CACERT +OC_REVA_GATEWAY_TLS_CACERT: + name: OC_REVA_GATEWAY_TLS_CACERT defaultValue: "" type: string description: The root CA certificate used to validate the gateway's TLS certificate. @@ -8963,8 +8963,8 @@ OCIS_REVA_GATEWAY_TLS_CACERT: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_REVA_GATEWAY_TLS_MODE: - name: OCIS_REVA_GATEWAY_TLS_MODE +OC_REVA_GATEWAY_TLS_MODE: + name: OC_REVA_GATEWAY_TLS_MODE defaultValue: "" type: string description: 'TLS mode for grpc connection to the CS3 gateway endpoint. Possible @@ -8976,8 +8976,8 @@ OCIS_REVA_GATEWAY_TLS_MODE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID +OC_SERVICE_ACCOUNT_ID: + name: OC_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -8986,8 +8986,8 @@ OCIS_SERVICE_ACCOUNT_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET +OC_SERVICE_ACCOUNT_SECRET: + name: OC_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -8995,8 +8995,8 @@ OCIS_SERVICE_ACCOUNT_SECRET: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD +OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: + name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. @@ -9006,8 +9006,8 @@ OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: deprecationInfo: FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated -OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD +OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: + name: OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords for writable shares. @@ -9019,8 +9019,8 @@ OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated -OCIS_SHOW_USER_EMAIL_IN_RESULTS: - name: OCIS_SHOW_USER_EMAIL_IN_RESULTS +OC_SHOW_USER_EMAIL_IN_RESULTS: + name: OC_SHOW_USER_EMAIL_IN_RESULTS defaultValue: "false" type: bool description: Include user email addresses in responses. If absent or set to false @@ -9030,8 +9030,8 @@ OCIS_SHOW_USER_EMAIL_IN_RESULTS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SPACES_MAX_QUOTA: - name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA +OC_SPACES_MAX_QUOTA: + name: OC_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA defaultValue: "0" type: uint64 description: Set the global max quota value in bytes. A value of 0 equals unlimited. @@ -9040,8 +9040,8 @@ OCIS_SPACES_MAX_QUOTA: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY +OC_SYSTEM_USER_API_KEY: + name: OC_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -9049,8 +9049,8 @@ OCIS_SYSTEM_USER_API_KEY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID +OC_SYSTEM_USER_ID: + name: OC_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -9061,8 +9061,8 @@ OCIS_SYSTEM_USER_ID: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP +OC_SYSTEM_USER_IDP: + name: OC_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -9070,8 +9070,8 @@ OCIS_SYSTEM_USER_IDP: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR +OC_TRACING_COLLECTOR: + name: OC_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -9080,8 +9080,8 @@ OCIS_TRACING_COLLECTOR: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED +OC_TRACING_ENABLED: + name: OC_TRACING_ENABLED;IDM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -9089,8 +9089,8 @@ OCIS_TRACING_ENABLED: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT +OC_TRACING_ENDPOINT: + name: OC_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -9098,8 +9098,8 @@ OCIS_TRACING_ENDPOINT: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE +OC_TRACING_TYPE: + name: OC_TRACING_TYPE;IDM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -9108,8 +9108,8 @@ OCIS_TRACING_TYPE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_TRANSFER_SECRET: - name: OCIS_TRANSFER_SECRET +OC_TRANSFER_SECRET: + name: OC_TRANSFER_SECRET defaultValue: "" type: string description: Transfer secret for signing file up- and download requests. @@ -9117,8 +9117,8 @@ OCIS_TRANSFER_SECRET: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH +OC_TRANSLATION_PATH: + name: OC_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -9128,8 +9128,8 @@ OCIS_TRANSLATION_PATH: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_URL: - name: OCIS_URL;OCIS_OIDC_ISSUER +OC_URL: + name: OC_URL;OC_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: The OIDC issuer URL to assign to the demo users. @@ -9137,8 +9137,8 @@ OCIS_URL: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -OCIS_WOPI_DISABLE_CHAT: - name: COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT +OC_WOPI_DISABLE_CHAT: + name: COLLABORATION_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT defaultValue: "false" type: bool description: Disable chat in the office web frontend. This feature applies to OnlyOffice @@ -9148,7 +9148,7 @@ OCIS_WOPI_DISABLE_CHAT: removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -9158,7 +9158,7 @@ OCM_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires @@ -9172,7 +9172,7 @@ OCM_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' @@ -9184,7 +9184,7 @@ OCM_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -9233,7 +9233,7 @@ OCM_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" OCM_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;OCM_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;OCM_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -9243,7 +9243,7 @@ OCM_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCM_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;OCM_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;OCM_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -9253,7 +9253,7 @@ OCM_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCM_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -9264,7 +9264,7 @@ OCM_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" OCM_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;OCM_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;OCM_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -9274,7 +9274,7 @@ OCM_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" OCM_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;OCM_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;OCM_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -9284,7 +9284,7 @@ OCM_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" OCM_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;OCM_EVENTS_TLS_INSECURE + name: OC_INSECURE;OCM_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -9293,7 +9293,7 @@ OCM_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -9312,7 +9312,7 @@ OCM_GRPC_ADDR: removalVersion: "" deprecationInfo: "" OCM_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;OCM_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;OCM_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GRPC service. @@ -9348,7 +9348,7 @@ OCM_HTTP_PROTOCOL: removalVersion: "" deprecationInfo: "" OCM_JWT_SECRET: - name: OCIS_JWT_SECRET;OCM_JWT_SECRET + name: OC_JWT_SECRET;OCM_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -9357,7 +9357,7 @@ OCM_JWT_SECRET: removalVersion: "" deprecationInfo: "" OCM_LOG_COLOR: - name: OCIS_LOG_COLOR;OCM_LOG_COLOR + name: OC_LOG_COLOR;OCM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -9366,7 +9366,7 @@ OCM_LOG_COLOR: removalVersion: "" deprecationInfo: "" OCM_LOG_FILE: - name: OCIS_LOG_FILE;OCM_LOG_FILE + name: OC_LOG_FILE;OCM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -9375,7 +9375,7 @@ OCM_LOG_FILE: removalVersion: "" deprecationInfo: "" OCM_LOG_LEVEL: - name: OCIS_LOG_LEVEL;OCM_LOG_LEVEL + name: OC_LOG_LEVEL;OCM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -9385,7 +9385,7 @@ OCM_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OCM_LOG_PRETTY: - name: OCIS_LOG_PRETTY;OCM_LOG_PRETTY + name: OC_LOG_PRETTY;OCM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -9416,7 +9416,7 @@ OCM_OCM_CORE_JSON_FILE: defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH/storage. + the root directory derives from $OC_BASE_DATA_PATH/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9446,7 +9446,7 @@ OCM_OCM_INVITE_MANAGER_JSON_FILE: type: string description: Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH/storage/ocm. + the root directory derives from $OC_BASE_DATA_PATH/storage/ocm. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9474,7 +9474,7 @@ OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE: defaultValue: /etc/ocis/ocmproviders.json type: string description: Path to the JSON file where ocm invite data will be stored. Defaults - to $OCIS_CONFIG_DIR/ocmproviders.json. + to $OC_CONFIG_DIR/ocmproviders.json. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9504,7 +9504,7 @@ OCM_OCM_SHAREPROVIDER_JSON_FILE: defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH/storage. + the root directory derives from $OC_BASE_DATA_PATH/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9569,7 +9569,7 @@ OCM_SCIENCEMESH_PREFIX: removalVersion: "" deprecationInfo: "" OCM_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -9579,7 +9579,7 @@ OCM_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" OCM_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -9588,7 +9588,7 @@ OCM_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" OCM_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -9598,7 +9598,7 @@ OCM_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OCM_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;OCM_TRACING_ENABLED + name: OC_TRACING_ENABLED;OCM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -9607,7 +9607,7 @@ OCM_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OCM_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -9616,7 +9616,7 @@ OCM_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OCM_TRACING_TYPE: - name: OCIS_TRACING_TYPE;OCM_TRACING_TYPE + name: OC_TRACING_TYPE;OCM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -9635,7 +9635,7 @@ OCM_WEBAPP_TEMPLATE: removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -9645,7 +9645,7 @@ OCS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]' type: '[]string' @@ -9657,7 +9657,7 @@ OCS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -9668,7 +9668,7 @@ OCS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -9745,7 +9745,7 @@ OCS_HTTP_ROOT: removalVersion: "" deprecationInfo: "" OCS_JWT_SECRET: - name: OCIS_JWT_SECRET;OCS_JWT_SECRET + name: OC_JWT_SECRET;OCS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -9754,7 +9754,7 @@ OCS_JWT_SECRET: removalVersion: "" deprecationInfo: "" OCS_LOG_COLOR: - name: OCIS_LOG_COLOR;OCS_LOG_COLOR + name: OC_LOG_COLOR;OCS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -9763,7 +9763,7 @@ OCS_LOG_COLOR: removalVersion: "" deprecationInfo: "" OCS_LOG_FILE: - name: OCIS_LOG_FILE;OCS_LOG_FILE + name: OC_LOG_FILE;OCS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -9772,7 +9772,7 @@ OCS_LOG_FILE: removalVersion: "" deprecationInfo: "" OCS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;OCS_LOG_LEVEL + name: OC_LOG_LEVEL;OCS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -9782,7 +9782,7 @@ OCS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OCS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;OCS_LOG_PRETTY + name: OC_LOG_PRETTY;OCS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -9791,7 +9791,7 @@ OCS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE: - name: OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE + name: OC_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE defaultValue: nats-js-kv type: string description: 'The type of the signing key store. Supported values are: ''redis-sentinel'' @@ -9801,7 +9801,7 @@ OCS_PRESIGNEDURL_SIGNING_KEYS_STORE: removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -9811,7 +9811,7 @@ OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -9821,7 +9821,7 @@ OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES + name: OC_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. Note that the behaviour @@ -9832,7 +9832,7 @@ OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: - name: OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + name: OC_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL defaultValue: 12h0m0s type: Duration description: Default time to live for signing keys. See the Environment Variable @@ -9842,7 +9842,7 @@ OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: removalVersion: "" deprecationInfo: "" OCS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -9852,7 +9852,7 @@ OCS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OCS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;OCS_TRACING_ENABLED + name: OC_TRACING_ENABLED;OCS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -9861,7 +9861,7 @@ OCS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OCS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -9870,7 +9870,7 @@ OCS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OCS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;OCS_TRACING_TYPE + name: OC_TRACING_TYPE;OCS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -9939,7 +9939,7 @@ POLICIES_ENGINE_TIMEOUT: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -9949,7 +9949,7 @@ POLICIES_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -9959,7 +9959,7 @@ POLICIES_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -9970,7 +9970,7 @@ POLICIES_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -9980,7 +9980,7 @@ POLICIES_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -9990,7 +9990,7 @@ POLICIES_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;POLICIES_EVENTS_TLS_INSECURE + name: OC_INSECURE;POLICIES_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether the server should skip the client certificate verification @@ -10000,7 +10000,7 @@ POLICIES_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -10019,7 +10019,7 @@ POLICIES_GRPC_ADDR: removalVersion: "" deprecationInfo: "" POLICIES_LOG_COLOR: - name: OCIS_LOG_COLOR;POLICIES_LOG_COLOR + name: OC_LOG_COLOR;POLICIES_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -10028,7 +10028,7 @@ POLICIES_LOG_COLOR: removalVersion: "" deprecationInfo: "" POLICIES_LOG_FILE: - name: OCIS_LOG_FILE;POLICIES_LOG_FILE + name: OC_LOG_FILE;POLICIES_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -10037,7 +10037,7 @@ POLICIES_LOG_FILE: removalVersion: "" deprecationInfo: "" POLICIES_LOG_LEVEL: - name: OCIS_LOG_LEVEL;POLICIES_LOG_LEVEL + name: OC_LOG_LEVEL;POLICIES_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -10047,7 +10047,7 @@ POLICIES_LOG_LEVEL: removalVersion: "" deprecationInfo: "" POLICIES_LOG_PRETTY: - name: OCIS_LOG_PRETTY;POLICIES_LOG_PRETTY + name: OC_LOG_PRETTY;POLICIES_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -10066,7 +10066,7 @@ POLICIES_POSTPROCESSING_QUERY: removalVersion: "" deprecationInfo: "" POLICIES_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -10076,7 +10076,7 @@ POLICIES_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" POLICIES_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;POLICIES_TRACING_ENABLED + name: OC_TRACING_ENABLED;POLICIES_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -10085,7 +10085,7 @@ POLICIES_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" POLICIES_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -10094,7 +10094,7 @@ POLICIES_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" POLICIES_TRACING_TYPE: - name: OCIS_TRACING_TYPE;POLICIES_TRACING_TYPE + name: OC_TRACING_TYPE;POLICIES_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -10156,7 +10156,7 @@ POSTPROCESSING_DELAY: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -10166,7 +10166,7 @@ POSTPROCESSING_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -10176,7 +10176,7 @@ POSTPROCESSING_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -10187,7 +10187,7 @@ POSTPROCESSING_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -10197,7 +10197,7 @@ POSTPROCESSING_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -10207,7 +10207,7 @@ POSTPROCESSING_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE + name: OC_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether the ocis server should skip the client certificate verification @@ -10217,7 +10217,7 @@ POSTPROCESSING_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -10227,7 +10227,7 @@ POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_COLOR: - name: OCIS_LOG_COLOR;POSTPROCESSING_LOG_COLOR + name: OC_LOG_COLOR;POSTPROCESSING_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -10236,7 +10236,7 @@ POSTPROCESSING_LOG_COLOR: removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_FILE: - name: OCIS_LOG_FILE;POSTPROCESSING_LOG_FILE + name: OC_LOG_FILE;POSTPROCESSING_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -10245,7 +10245,7 @@ POSTPROCESSING_LOG_FILE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_LEVEL: - name: OCIS_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL + name: OC_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -10255,7 +10255,7 @@ POSTPROCESSING_LOG_LEVEL: removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_PRETTY: - name: OCIS_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY + name: OC_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -10295,7 +10295,7 @@ POSTPROCESSING_STEPS: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE: - name: OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE + name: OC_PERSISTENT_STORE;POSTPROCESSING_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''redis-sentinel'', @@ -10305,7 +10305,7 @@ POSTPROCESSING_STORE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -10315,7 +10315,7 @@ POSTPROCESSING_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -10334,7 +10334,7 @@ POSTPROCESSING_STORE_DATABASE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -10355,7 +10355,7 @@ POSTPROCESSING_STORE_TABLE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL + name: OC_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL defaultValue: 0s type: Duration description: Time to live for events in the store. See the Environment Variable @@ -10365,7 +10365,7 @@ POSTPROCESSING_STORE_TTL: removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -10375,7 +10375,7 @@ POSTPROCESSING_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED + name: OC_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -10384,7 +10384,7 @@ POSTPROCESSING_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -10393,7 +10393,7 @@ POSTPROCESSING_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_TYPE: - name: OCIS_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE + name: OC_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -10545,7 +10545,7 @@ PROXY_ENABLE_PRESIGNEDURLS: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -10555,7 +10555,7 @@ PROXY_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -10565,7 +10565,7 @@ PROXY_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -10575,7 +10575,7 @@ PROXY_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -10585,7 +10585,7 @@ PROXY_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -10596,7 +10596,7 @@ PROXY_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;PROXY_EVENTS_TLS_INSECURE + name: OC_INSECURE;PROXY_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -10605,7 +10605,7 @@ PROXY_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -10652,7 +10652,7 @@ PROXY_INSECURE_BACKENDS: removalVersion: "" deprecationInfo: "" PROXY_LOG_COLOR: - name: OCIS_LOG_COLOR;PROXY_LOG_COLOR + name: OC_LOG_COLOR;PROXY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -10661,7 +10661,7 @@ PROXY_LOG_COLOR: removalVersion: "" deprecationInfo: "" PROXY_LOG_FILE: - name: OCIS_LOG_FILE;PROXY_LOG_FILE + name: OC_LOG_FILE;PROXY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -10670,7 +10670,7 @@ PROXY_LOG_FILE: removalVersion: "" deprecationInfo: "" PROXY_LOG_LEVEL: - name: OCIS_LOG_LEVEL;PROXY_LOG_LEVEL + name: OC_LOG_LEVEL;PROXY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -10680,7 +10680,7 @@ PROXY_LOG_LEVEL: removalVersion: "" deprecationInfo: "" PROXY_LOG_PRETTY: - name: OCIS_LOG_PRETTY;PROXY_LOG_PRETTY + name: OC_LOG_PRETTY;PROXY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -10689,7 +10689,7 @@ PROXY_LOG_PRETTY: removalVersion: "" deprecationInfo: "" PROXY_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary to @@ -10712,7 +10712,7 @@ PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD: removalVersion: "" deprecationInfo: "" PROXY_OIDC_INSECURE: - name: OCIS_INSECURE;PROXY_OIDC_INSECURE + name: OC_INSECURE;PROXY_OIDC_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for connections to the IDP. Note @@ -10722,7 +10722,7 @@ PROXY_OIDC_INSECURE: removalVersion: "" deprecationInfo: "" PROXY_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER + name: OC_URL;OC_OIDC_ISSUER;PROXY_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. @@ -10792,7 +10792,7 @@ PROXY_OIDC_SKIP_USER_INFO: removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store @@ -10802,7 +10802,7 @@ PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store @@ -10812,7 +10812,7 @@ PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -10822,7 +10822,7 @@ PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_STORE: - name: OCIS_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE + name: OC_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -10832,7 +10832,7 @@ PROXY_OIDC_USERINFO_CACHE_STORE: removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -10853,7 +10853,7 @@ PROXY_OIDC_USERINFO_CACHE_TABLE: removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_TTL: - name: OCIS_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL + name: OC_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL defaultValue: 10s type: Duration description: Default time to live for user info in the user info cache. Only applied @@ -10875,7 +10875,7 @@ PROXY_POLICIES_QUERY: removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE: - name: OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE + name: OC_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE defaultValue: nats-js-kv type: string description: 'The type of the signing key store. Supported values are: ''redis-sentinel'', @@ -10886,7 +10886,7 @@ PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE: removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -10896,7 +10896,7 @@ PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -10906,7 +10906,7 @@ PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE defaultValue: "true" type: bool description: Disables persistence of the store. Only applies when store type 'nats-js-kv' @@ -10916,7 +10916,7 @@ PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES + name: OC_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. Note that the behaviour @@ -10927,7 +10927,7 @@ PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: - name: OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + name: OC_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL defaultValue: 12h0m0s type: Duration description: Default time to live for signing keys. See the Environment Variable @@ -10959,7 +10959,7 @@ PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM: removalVersion: "" deprecationInfo: "" PROXY_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -10969,7 +10969,7 @@ PROXY_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" PROXY_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -10989,7 +10989,7 @@ PROXY_TLS: removalVersion: "" deprecationInfo: "" PROXY_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -10999,7 +10999,7 @@ PROXY_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" PROXY_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;PROXY_TRACING_ENABLED + name: OC_TRACING_ENABLED;PROXY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -11008,7 +11008,7 @@ PROXY_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" PROXY_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -11017,7 +11017,7 @@ PROXY_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" PROXY_TRACING_TYPE: - name: OCIS_TRACING_TYPE;PROXY_TRACING_TYPE + name: OC_TRACING_TYPE;PROXY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -11031,7 +11031,7 @@ PROXY_TRANSPORT_TLS_CERT: defaultValue: /var/lib/ocis/proxy/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the - external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/proxy. + external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -11042,7 +11042,7 @@ PROXY_TRANSPORT_TLS_KEY: type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the - root directory derives from $OCIS_BASE_DATA_PATH/proxy. + root directory derives from $OC_BASE_DATA_PATH/proxy. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -11122,7 +11122,7 @@ SEARCH_ENGINE_BLEVE_DATA_PATH: defaultValue: /var/lib/ocis/search type: string description: The directory where the filesystem will store search data. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH/search. + the root directory derives from $OC_BASE_DATA_PATH/search. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -11138,7 +11138,7 @@ SEARCH_ENGINE_TYPE: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_ASYNC_UPLOADS: - name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS + name: OC_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. @@ -11147,7 +11147,7 @@ SEARCH_EVENTS_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -11157,7 +11157,7 @@ SEARCH_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -11167,7 +11167,7 @@ SEARCH_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -11178,7 +11178,7 @@ SEARCH_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -11188,7 +11188,7 @@ SEARCH_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -11219,7 +11219,7 @@ SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;SEARCH_EVENTS_TLS_INSECURE + name: OC_INSECURE;SEARCH_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -11228,7 +11228,7 @@ SEARCH_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -11238,7 +11238,7 @@ SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE: removalVersion: "" deprecationInfo: "" SEARCH_EXTRACTOR_CS3SOURCE_INSECURE: - name: OCIS_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE + name: OC_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE defaultValue: "false" type: bool description: Ignore untrusted SSL certificates when connecting to the CS3 source. @@ -11285,7 +11285,7 @@ SEARCH_GRPC_ADDR: removalVersion: "" deprecationInfo: "" SEARCH_JWT_SECRET: - name: OCIS_JWT_SECRET;SEARCH_JWT_SECRET + name: OC_JWT_SECRET;SEARCH_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -11294,7 +11294,7 @@ SEARCH_JWT_SECRET: removalVersion: "" deprecationInfo: "" SEARCH_LOG_COLOR: - name: OCIS_LOG_COLOR;SEARCH_LOG_COLOR + name: OC_LOG_COLOR;SEARCH_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -11303,7 +11303,7 @@ SEARCH_LOG_COLOR: removalVersion: "" deprecationInfo: "" SEARCH_LOG_FILE: - name: OCIS_LOG_FILE;SEARCH_LOG_FILE + name: OC_LOG_FILE;SEARCH_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -11312,7 +11312,7 @@ SEARCH_LOG_FILE: removalVersion: "" deprecationInfo: "" SEARCH_LOG_LEVEL: - name: OCIS_LOG_LEVEL;SEARCH_LOG_LEVEL + name: OC_LOG_LEVEL;SEARCH_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -11322,7 +11322,7 @@ SEARCH_LOG_LEVEL: removalVersion: "" deprecationInfo: "" SEARCH_LOG_PRETTY: - name: OCIS_LOG_PRETTY;SEARCH_LOG_PRETTY + name: OC_LOG_PRETTY;SEARCH_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -11331,7 +11331,7 @@ SEARCH_LOG_PRETTY: removalVersion: "" deprecationInfo: "" SEARCH_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -11341,7 +11341,7 @@ SEARCH_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" SEARCH_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -11350,7 +11350,7 @@ SEARCH_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" SEARCH_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -11360,7 +11360,7 @@ SEARCH_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" SEARCH_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;SEARCH_TRACING_ENABLED + name: OC_TRACING_ENABLED;SEARCH_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -11369,7 +11369,7 @@ SEARCH_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" SEARCH_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -11378,7 +11378,7 @@ SEARCH_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" SEARCH_TRACING_TYPE: - name: OCIS_TRACING_TYPE;SEARCH_TRACING_TYPE + name: OC_TRACING_TYPE;SEARCH_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -11388,7 +11388,7 @@ SEARCH_TRACING_TYPE: removalVersion: "" deprecationInfo: "" SETTINGS_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID + name: OC_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that @@ -11409,7 +11409,7 @@ SETTINGS_BUNDLES_PATH: removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store @@ -11419,7 +11419,7 @@ SETTINGS_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store @@ -11429,7 +11429,7 @@ SETTINGS_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -11439,7 +11439,7 @@ SETTINGS_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_STORE: - name: OCIS_CACHE_STORE;SETTINGS_CACHE_STORE + name: OC_CACHE_STORE;SETTINGS_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -11449,7 +11449,7 @@ SETTINGS_CACHE_STORE: removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -11461,7 +11461,7 @@ SETTINGS_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_TTL: - name: OCIS_CACHE_TTL;SETTINGS_CACHE_TTL + name: OC_CACHE_TTL;SETTINGS_CACHE_TTL defaultValue: 10m0s type: Duration description: Default time to live for entries in the cache. Only applied when access @@ -11472,7 +11472,7 @@ SETTINGS_CACHE_TTL: removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -11482,7 +11482,7 @@ SETTINGS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: @@ -11493,7 +11493,7 @@ SETTINGS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -11504,7 +11504,7 @@ SETTINGS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -11598,7 +11598,7 @@ SETTINGS_HTTP_ROOT: removalVersion: "" deprecationInfo: "" SETTINGS_JWT_SECRET: - name: OCIS_JWT_SECRET;SETTINGS_JWT_SECRET + name: OC_JWT_SECRET;SETTINGS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -11607,7 +11607,7 @@ SETTINGS_JWT_SECRET: removalVersion: "" deprecationInfo: "" SETTINGS_LOG_COLOR: - name: OCIS_LOG_COLOR;SETTINGS_LOG_COLOR + name: OC_LOG_COLOR;SETTINGS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -11616,7 +11616,7 @@ SETTINGS_LOG_COLOR: removalVersion: "" deprecationInfo: "" SETTINGS_LOG_FILE: - name: OCIS_LOG_FILE;SETTINGS_LOG_FILE + name: OC_LOG_FILE;SETTINGS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -11625,7 +11625,7 @@ SETTINGS_LOG_FILE: removalVersion: "" deprecationInfo: "" SETTINGS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL + name: OC_LOG_LEVEL;SETTINGS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -11635,7 +11635,7 @@ SETTINGS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" SETTINGS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY + name: OC_LOG_PRETTY;SETTINGS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -11644,11 +11644,11 @@ SETTINGS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" SETTINGS_SERVICE_ACCOUNT_IDS: - name: SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID + name: SETTINGS_SERVICE_ACCOUNT_IDS;OC_SERVICE_ACCOUNT_ID defaultValue: '[service-user-id]' type: '[]string' description: 'The list of all service account IDs. These will be assigned the hidden - ''service-account'' role. Note: When using ''OCIS_SERVICE_ACCOUNT_ID'' this will + ''service-account'' role. Note: When using ''OC_SERVICE_ACCOUNT_ID'' this will contain only one value while ''SETTINGS_SERVICE_ACCOUNT_IDS'' can have multiple. See the ''auth-service'' service description for more details about service accounts.' introductionVersion: "5.0" @@ -11683,7 +11683,7 @@ SETTINGS_STORAGE_GRPC_ADDR: removalVersion: "" deprecationInfo: "" SETTINGS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID + name: OC_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -11695,7 +11695,7 @@ SETTINGS_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" SETTINGS_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP + name: OC_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -11704,7 +11704,7 @@ SETTINGS_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -11714,7 +11714,7 @@ SETTINGS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED + name: OC_TRACING_ENABLED;SETTINGS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -11723,7 +11723,7 @@ SETTINGS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -11732,7 +11732,7 @@ SETTINGS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE + name: OC_TRACING_TYPE;SETTINGS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -11742,7 +11742,7 @@ SETTINGS_TRACING_TYPE: removalVersion: "" deprecationInfo: "" SETTINGS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;SETTINGS_TRANSLATION_PATH + name: OC_TRANSLATION_PATH;SETTINGS_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -11791,7 +11791,7 @@ SHARING_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: Password for the events broker. @@ -11800,7 +11800,7 @@ SHARING_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: Username for the events broker. @@ -11809,7 +11809,7 @@ SHARING_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -11820,7 +11820,7 @@ SHARING_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -11830,7 +11830,7 @@ SHARING_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -11840,7 +11840,7 @@ SHARING_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;SHARING_EVENTS_TLS_INSECURE + name: OC_INSECURE;SHARING_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -11849,7 +11849,7 @@ SHARING_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -11868,7 +11868,7 @@ SHARING_GRPC_ADDR: removalVersion: "" deprecationInfo: "" SHARING_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;SHARING_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;SHARING_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -11877,7 +11877,7 @@ SHARING_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" SHARING_JWT_SECRET: - name: OCIS_JWT_SECRET;SHARING_JWT_SECRET + name: OC_JWT_SECRET;SHARING_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -11886,7 +11886,7 @@ SHARING_JWT_SECRET: removalVersion: "" deprecationInfo: "" SHARING_LOG_COLOR: - name: OCIS_LOG_COLOR;SHARING_LOG_COLOR + name: OC_LOG_COLOR;SHARING_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -11895,7 +11895,7 @@ SHARING_LOG_COLOR: removalVersion: "" deprecationInfo: "" SHARING_LOG_FILE: - name: OCIS_LOG_FILE;SHARING_LOG_FILE + name: OC_LOG_FILE;SHARING_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -11904,7 +11904,7 @@ SHARING_LOG_FILE: removalVersion: "" deprecationInfo: "" SHARING_LOG_LEVEL: - name: OCIS_LOG_LEVEL;SHARING_LOG_LEVEL + name: OC_LOG_LEVEL;SHARING_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -11914,7 +11914,7 @@ SHARING_LOG_LEVEL: removalVersion: "" deprecationInfo: "" SHARING_LOG_PRETTY: - name: OCIS_LOG_PRETTY;SHARING_LOG_PRETTY + name: OC_LOG_PRETTY;SHARING_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -11932,7 +11932,7 @@ SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -11942,7 +11942,7 @@ SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED + name: OC_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -11951,7 +11951,7 @@ SHARING_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -11960,7 +11960,7 @@ SHARING_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS + name: OC_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -11969,7 +11969,7 @@ SHARING_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -11979,7 +11979,7 @@ SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -11989,7 +11989,7 @@ SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -12008,7 +12008,7 @@ SHARING_PUBLIC_CS3_PROVIDER_ADDR: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY + name: OC_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -12017,7 +12017,7 @@ SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID + name: OC_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -12029,7 +12029,7 @@ SHARING_PUBLIC_CS3_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP + name: OC_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -12053,7 +12053,7 @@ SHARING_PUBLIC_JSON_FILE: type: string description: Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage. + If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -12068,7 +12068,7 @@ SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY + name: OC_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -12077,7 +12077,7 @@ SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID + name: OC_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -12089,7 +12089,7 @@ SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP + name: OC_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -12098,7 +12098,7 @@ SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. @@ -12107,11 +12107,11 @@ SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords on Uploader, Editor - or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, + or Contributor shares. If not using the global OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) in the frontend service. introductionVersion: "5.0" @@ -12129,7 +12129,7 @@ SHARING_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" SHARING_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -12139,7 +12139,7 @@ SHARING_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" SHARING_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED + name: OC_TRACING_ENABLED;SHARING_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -12148,7 +12148,7 @@ SHARING_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" SHARING_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -12157,7 +12157,7 @@ SHARING_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" SHARING_TRACING_TYPE: - name: OCIS_TRACING_TYPE;SHARING_TRACING_TYPE + name: OC_TRACING_TYPE;SHARING_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -12176,7 +12176,7 @@ SHARING_USER_CS3_PROVIDER_ADDR: removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY + name: OC_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -12185,7 +12185,7 @@ SHARING_USER_CS3_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID + name: OC_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -12197,7 +12197,7 @@ SHARING_USER_CS3_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP + name: OC_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -12220,7 +12220,7 @@ SHARING_USER_JSON_FILE: defaultValue: /var/lib/ocis/storage/shares.json type: string description: Path to the JSON file where shares will be persisted. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH/storage. + the root directory derives from $OC_BASE_DATA_PATH/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -12235,7 +12235,7 @@ SHARING_USER_JSONCS3_CACHE_TTL: removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;SHARING_USER_JSONCS3_MAX_CONCURRENCY + name: OC_MAX_CONCURRENCY;SHARING_USER_JSONCS3_MAX_CONCURRENCY defaultValue: "1" type: int description: Maximum number of concurrent go-routines. Higher values can potentially @@ -12255,7 +12255,7 @@ SHARING_USER_JSONCS3_PROVIDER_ADDR: removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY + name: OC_SYSTEM_USER_API_KEY;SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -12264,7 +12264,7 @@ SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SHARING_USER_JSONCS3_SYSTEM_USER_ID + name: OC_SYSTEM_USER_ID;SHARING_USER_JSONCS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -12276,7 +12276,7 @@ SHARING_USER_JSONCS3_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SHARING_USER_JSONCS3_SYSTEM_USER_IDP + name: OC_SYSTEM_USER_IDP;SHARING_USER_JSONCS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -12339,7 +12339,7 @@ SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID: removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -12349,7 +12349,7 @@ SSE_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' @@ -12361,7 +12361,7 @@ SSE_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS defaultValue: '[GET]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -12372,7 +12372,7 @@ SSE_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -12421,7 +12421,7 @@ SSE_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" SSE_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -12431,7 +12431,7 @@ SSE_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" SSE_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -12441,7 +12441,7 @@ SSE_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" SSE_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -12452,7 +12452,7 @@ SSE_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" SSE_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -12462,7 +12462,7 @@ SSE_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" SSE_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -12472,7 +12472,7 @@ SSE_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" SSE_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;SSE_EVENTS_TLS_INSECURE + name: OC_INSECURE;SSE_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -12481,7 +12481,7 @@ SSE_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -12509,7 +12509,7 @@ SSE_HTTP_ROOT: removalVersion: "" deprecationInfo: "" SSE_JWT_SECRET: - name: OCIS_JWT_SECRET;SSE_JWT_SECRET + name: OC_JWT_SECRET;SSE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -12528,7 +12528,7 @@ SSE_KEEPALIVE_INTERVAL: removalVersion: "" deprecationInfo: "" SSE_LOG_COLOR: - name: OCIS_LOG_COLOR;SSE_LOG_COLOR + name: OC_LOG_COLOR;SSE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -12537,7 +12537,7 @@ SSE_LOG_COLOR: removalVersion: "" deprecationInfo: "" SSE_LOG_FILE: - name: OCIS_LOG_FILE;SSE_LOG_FILE + name: OC_LOG_FILE;SSE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -12546,7 +12546,7 @@ SSE_LOG_FILE: removalVersion: "" deprecationInfo: "" SSE_LOG_LEVEL: - name: OCIS_LOG_LEVEL;SSE_LOG_LEVEL + name: OC_LOG_LEVEL;SSE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -12556,7 +12556,7 @@ SSE_LOG_LEVEL: removalVersion: "" deprecationInfo: "" SSE_LOG_PRETTY: - name: OCIS_LOG_PRETTY;SSE_LOG_PRETTY + name: OC_LOG_PRETTY;SSE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -12565,7 +12565,7 @@ SSE_LOG_PRETTY: removalVersion: "" deprecationInfo: "" SSE_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -12575,7 +12575,7 @@ SSE_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" SSE_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;SSE_TRACING_ENABLED + name: OC_TRACING_ENABLED;SSE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -12584,7 +12584,7 @@ SSE_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" SSE_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -12593,7 +12593,7 @@ SSE_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" SSE_TRACING_TYPE: - name: OCIS_TRACING_TYPE;SSE_TRACING_TYPE + name: OC_TRACING_TYPE;SSE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -12668,7 +12668,7 @@ STORAGE_PUBLICLINK_GRPC_ADDR: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;STORAGE_PUBLICLINK_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;STORAGE_PUBLICLINK_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -12677,7 +12677,7 @@ STORAGE_PUBLICLINK_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_JWT_SECRET: - name: OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET + name: OC_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -12686,7 +12686,7 @@ STORAGE_PUBLICLINK_JWT_SECRET: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_COLOR: - name: OCIS_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR + name: OC_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -12695,7 +12695,7 @@ STORAGE_PUBLICLINK_LOG_COLOR: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_FILE: - name: OCIS_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE + name: OC_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -12704,7 +12704,7 @@ STORAGE_PUBLICLINK_LOG_FILE: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_LEVEL: - name: OCIS_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL + name: OC_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -12714,7 +12714,7 @@ STORAGE_PUBLICLINK_LOG_LEVEL: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_PRETTY: - name: OCIS_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY + name: OC_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -12744,7 +12744,7 @@ STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -12754,7 +12754,7 @@ STORAGE_PUBLICLINK_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED + name: OC_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -12763,7 +12763,7 @@ STORAGE_PUBLICLINK_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -12772,7 +12772,7 @@ STORAGE_PUBLICLINK_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_TYPE: - name: OCIS_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE + name: OC_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -12829,7 +12829,7 @@ STORAGE_SHARES_GRPC_ADDR: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;STORAGE_SHARES_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;STORAGE_SHARES_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. @@ -12838,7 +12838,7 @@ STORAGE_SHARES_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_JWT_SECRET: - name: OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET + name: OC_JWT_SECRET;STORAGE_SHARES_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -12847,7 +12847,7 @@ STORAGE_SHARES_JWT_SECRET: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_COLOR: - name: OCIS_LOG_COLOR;STORAGE_SHARES_LOG_COLOR + name: OC_LOG_COLOR;STORAGE_SHARES_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -12856,7 +12856,7 @@ STORAGE_SHARES_LOG_COLOR: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_FILE: - name: OCIS_LOG_FILE;STORAGE_SHARES_LOG_FILE + name: OC_LOG_FILE;STORAGE_SHARES_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -12865,7 +12865,7 @@ STORAGE_SHARES_LOG_FILE: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_LEVEL: - name: OCIS_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL + name: OC_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -12875,7 +12875,7 @@ STORAGE_SHARES_LOG_LEVEL: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_PRETTY: - name: OCIS_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY + name: OC_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -12914,7 +12914,7 @@ STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -12924,7 +12924,7 @@ STORAGE_SHARES_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED + name: OC_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -12933,7 +12933,7 @@ STORAGE_SHARES_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -12942,7 +12942,7 @@ STORAGE_SHARES_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_TYPE: - name: OCIS_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE + name: OC_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -12961,7 +12961,7 @@ STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: Password for the configured store. Only applies when store type 'nats-js-kv' @@ -12971,7 +12971,7 @@ STORAGE_SYSTEM_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME defaultValue: "" type: string description: Username for the configured store. Only applies when store type 'nats-js-kv' @@ -12981,7 +12981,7 @@ STORAGE_SYSTEM_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -12991,7 +12991,7 @@ STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE + name: OC_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -13001,7 +13001,7 @@ STORAGE_SYSTEM_CACHE_STORE: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -13013,7 +13013,7 @@ STORAGE_SYSTEM_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL + name: OC_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied @@ -13090,7 +13090,7 @@ STORAGE_SYSTEM_GRPC_ADDR: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;STORAGE_SYSTEM_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;STORAGE_SYSTEM_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. @@ -13117,7 +13117,7 @@ STORAGE_SYSTEM_HTTP_PROTOCOL: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_JWT_SECRET: - name: OCIS_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET + name: OC_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -13126,7 +13126,7 @@ STORAGE_SYSTEM_JWT_SECRET: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_COLOR: - name: OCIS_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR + name: OC_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -13135,7 +13135,7 @@ STORAGE_SYSTEM_LOG_COLOR: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_FILE: - name: OCIS_LOG_FILE;STORAGE_SYSTEM_LOG_FILE + name: OC_LOG_FILE;STORAGE_SYSTEM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -13144,7 +13144,7 @@ STORAGE_SYSTEM_LOG_FILE: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_LEVEL: - name: OCIS_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL + name: OC_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -13154,7 +13154,7 @@ STORAGE_SYSTEM_LOG_LEVEL: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_PRETTY: - name: OCIS_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY + name: OC_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -13162,8 +13162,8 @@ STORAGE_SYSTEM_LOG_PRETTY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR: - name: STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR +STORAGE_SYSTEM_OC_LOCK_CYCLE_DURATION_FACTOR: + name: STORAGE_SYSTEM_OC_LOCK_CYCLE_DURATION_FACTOR defaultValue: "30" type: int description: When trying to lock files, ocis will multiply the cycle with this factor @@ -13173,8 +13173,8 @@ STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES: - name: STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES +STORAGE_SYSTEM_OC_MAX_ACQUIRE_LOCK_CYCLES: + name: STORAGE_SYSTEM_OC_MAX_ACQUIRE_LOCK_CYCLES defaultValue: "20" type: int description: When trying to lock files, ocis will try this amount of times to acquire @@ -13185,12 +13185,12 @@ STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES: deprecationVersion: "" removalVersion: "" deprecationInfo: "" -STORAGE_SYSTEM_OCIS_ROOT: - name: STORAGE_SYSTEM_OCIS_ROOT +STORAGE_SYSTEM_OC_ROOT: + name: STORAGE_SYSTEM_OC_ROOT defaultValue: /var/lib/ocis/storage/metadata type: string description: Path for the directory where the STORAGE-SYSTEM service stores it's - persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage. + persistent data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13206,7 +13206,7 @@ STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -13216,7 +13216,7 @@ STORAGE_SYSTEM_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED + name: OC_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -13225,7 +13225,7 @@ STORAGE_SYSTEM_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -13234,7 +13234,7 @@ STORAGE_SYSTEM_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_TYPE: - name: OCIS_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE + name: OC_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -13265,7 +13265,7 @@ STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -13275,7 +13275,7 @@ STORAGE_USERS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin X-Requested-With X-Request-Id X-HTTP-Method-Override Content-Type Upload-Length Upload-Offset Tus-Resumable Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' @@ -13288,7 +13288,7 @@ STORAGE_USERS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS defaultValue: '[POST HEAD PATCH OPTIONS GET DELETE]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -13299,7 +13299,7 @@ STORAGE_USERS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -13310,7 +13310,7 @@ STORAGE_USERS_CORS_ALLOW_ORIGINS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_EXPOSE_HEADERS: - name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS + name: OC_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' @@ -13323,7 +13323,7 @@ STORAGE_USERS_CORS_EXPOSE_HEADERS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_MAX_AGE: - name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE + name: OC_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE defaultValue: "86400" type: uint description: 'The max cache duration of preflight headers. See following chapter @@ -13404,7 +13404,7 @@ STORAGE_USERS_DRIVER: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -13414,7 +13414,7 @@ STORAGE_USERS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -13424,7 +13424,7 @@ STORAGE_USERS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -13435,7 +13435,7 @@ STORAGE_USERS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -13445,7 +13445,7 @@ STORAGE_USERS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -13461,13 +13461,13 @@ STORAGE_USERS_EVENTS_NUM_CONSUMERS: description: The amount of concurrent event consumers to start. Event consumers are used for post-processing files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The setting has no effect when - the OCIS_ASYNC_UPLOADS is set to false. The default and minimum value is 1. + the OC_ASYNC_UPLOADS is set to false. The default and minimum value is 1. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE + name: OC_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -13476,7 +13476,7 @@ STORAGE_USERS_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -13496,7 +13496,7 @@ STORAGE_USERS_EXPOSE_DATA_SERVER: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache store. Only applies when @@ -13506,7 +13506,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache store. Only applies when @@ -13516,7 +13516,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -13526,7 +13526,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE + name: OC_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -13536,7 +13536,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_STORE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -13548,7 +13548,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL + name: OC_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied @@ -13559,7 +13559,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_TTL: removalVersion: "" deprecationInfo: "" STORAGE_USERS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR + name: OC_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string description: The bind address of the gateway GRPC address. @@ -13589,7 +13589,7 @@ STORAGE_USERS_GRPC_ADDR: removalVersion: "" deprecationInfo: "" STORAGE_USERS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GPRC service. @@ -13616,7 +13616,7 @@ STORAGE_USERS_HTTP_PROTOCOL: removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache store. Only applies when @@ -13626,7 +13626,7 @@ STORAGE_USERS_ID_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache store. Only applies when @@ -13636,7 +13636,7 @@ STORAGE_USERS_ID_CACHE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE + name: OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -13646,7 +13646,7 @@ STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE + name: OC_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -13656,7 +13656,7 @@ STORAGE_USERS_ID_CACHE_STORE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES + name: OC_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -13668,7 +13668,7 @@ STORAGE_USERS_ID_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL + name: OC_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied @@ -13680,7 +13680,7 @@ STORAGE_USERS_ID_CACHE_TTL: removalVersion: "" deprecationInfo: "" STORAGE_USERS_JWT_SECRET: - name: OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET + name: OC_JWT_SECRET;STORAGE_USERS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -13689,7 +13689,7 @@ STORAGE_USERS_JWT_SECRET: removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_COLOR: - name: OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR + name: OC_LOG_COLOR;STORAGE_USERS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -13698,7 +13698,7 @@ STORAGE_USERS_LOG_COLOR: removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_FILE: - name: OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE + name: OC_LOG_FILE;STORAGE_USERS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -13707,7 +13707,7 @@ STORAGE_USERS_LOG_FILE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL + name: OC_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -13717,7 +13717,7 @@ STORAGE_USERS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY + name: OC_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -13726,7 +13726,7 @@ STORAGE_USERS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" STORAGE_USERS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -13786,7 +13786,7 @@ STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES: removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_OCIS_MAX_CONCURRENCY + name: OC_MAX_CONCURRENCY;STORAGE_USERS_OCIS_MAX_CONCURRENCY defaultValue: "5" type: int description: Maximum number of concurrent go-routines. Higher values can potentially @@ -13797,11 +13797,11 @@ STORAGE_USERS_OCIS_MAX_CONCURRENCY: removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_QUOTA: - name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA + name: OC_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA defaultValue: "0" type: uint64 description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited. - If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA + If not using the global OC_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA in the frontend service. introductionVersion: pre5.0 deprecationVersion: "" @@ -13836,7 +13836,7 @@ STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PROPAGATOR: - name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR + name: OC_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is @@ -13850,7 +13850,7 @@ STORAGE_USERS_OCIS_ROOT: defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store blobs and metadata. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. + If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13878,7 +13878,7 @@ STORAGE_USERS_OWNCLOUDSQL_DATADIR: defaultValue: /var/lib/ocis/storage/owncloud type: string description: The directory where the filesystem storage will store SQL migration - data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/owncloud. + data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/owncloud. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13952,7 +13952,7 @@ STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR: defaultValue: /var/lib/ocis/storage/uploadinfo type: string description: The directory where the filesystem will store uploads temporarily. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/uploadinfo. + If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/uploadinfo. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -14009,7 +14009,7 @@ STORAGE_USERS_POSIX_ROOT: defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store its data. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. + not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" @@ -14088,7 +14088,7 @@ STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_PURGE_TRASH_BIN_USER_ID: - name: OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID + name: OC_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID defaultValue: "" type: string description: ID of the user who collects all necessary information for deletion. @@ -14177,7 +14177,7 @@ STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES: removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY + name: OC_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY defaultValue: "5" type: int description: Maximum number of concurrent go-routines. Higher values can potentially @@ -14216,7 +14216,7 @@ STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PROPAGATOR: - name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR + name: OC_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is @@ -14294,7 +14294,7 @@ STORAGE_USERS_S3NG_ROOT: defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store metadata for - blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. + blobs. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -14327,7 +14327,7 @@ STORAGE_USERS_S3NG_USER_LAYOUT: removalVersion: "" deprecationInfo: "" STORAGE_USERS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -14337,7 +14337,7 @@ STORAGE_USERS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" STORAGE_USERS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -14367,7 +14367,7 @@ STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -14377,7 +14377,7 @@ STORAGE_USERS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED + name: OC_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -14386,7 +14386,7 @@ STORAGE_USERS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -14395,7 +14395,7 @@ STORAGE_USERS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE + name: OC_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -14425,7 +14425,7 @@ STORAGE_USERS_UPLOAD_EXPIRATION: removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -14435,7 +14435,7 @@ THUMBNAILS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]' type: '[]string' @@ -14447,7 +14447,7 @@ THUMBNAILS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -14458,7 +14458,7 @@ THUMBNAILS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -14469,7 +14469,7 @@ THUMBNAILS_CORS_ALLOW_ORIGINS: removalVersion: "" deprecationInfo: "" THUMBNAILS_CS3SOURCE_INSECURE: - name: OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE + name: OC_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE defaultValue: "false" type: bool description: Ignore untrusted SSL certificates when connecting to the CS3 source. @@ -14529,7 +14529,7 @@ THUMBNAILS_FILESYSTEMSTORAGE_ROOT: defaultValue: /var/lib/ocis/thumbnails type: string description: The directory where the filesystem storage will store the thumbnails. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/thumbnails. + If not defined, the root directory derives from $OC_BASE_DATA_PATH/thumbnails. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -14562,7 +14562,7 @@ THUMBNAILS_HTTP_ROOT: removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_COLOR: - name: OCIS_LOG_COLOR;THUMBNAILS_LOG_COLOR + name: OC_LOG_COLOR;THUMBNAILS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -14571,7 +14571,7 @@ THUMBNAILS_LOG_COLOR: removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_FILE: - name: OCIS_LOG_FILE;THUMBNAILS_LOG_FILE + name: OC_LOG_FILE;THUMBNAILS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -14580,7 +14580,7 @@ THUMBNAILS_LOG_FILE: removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;THUMBNAILS_LOG_LEVEL + name: OC_LOG_LEVEL;THUMBNAILS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -14590,7 +14590,7 @@ THUMBNAILS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;THUMBNAILS_LOG_PRETTY + name: OC_LOG_PRETTY;THUMBNAILS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -14650,7 +14650,7 @@ THUMBNAILS_RESOLUTIONS: removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -14660,7 +14660,7 @@ THUMBNAILS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED + name: OC_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -14669,7 +14669,7 @@ THUMBNAILS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -14678,7 +14678,7 @@ THUMBNAILS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;THUMBNAILS_TRACING_TYPE + name: OC_TRACING_TYPE;THUMBNAILS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -14706,7 +14706,7 @@ THUMBNAILS_TXT_FONTMAP_FILE: removalVersion: "" deprecationInfo: "" THUMBNAILS_WEBDAVSOURCE_INSECURE: - name: OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE + name: OC_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE defaultValue: "false" type: bool description: Ignore untrusted SSL certificates when connecting to the webdav source. @@ -14715,7 +14715,7 @@ THUMBNAILS_WEBDAVSOURCE_INSECURE: removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -14725,7 +14725,7 @@ USERLOG_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' @@ -14737,7 +14737,7 @@ USERLOG_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS defaultValue: '[GET]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -14748,7 +14748,7 @@ USERLOG_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -14797,7 +14797,7 @@ USERLOG_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -14807,7 +14807,7 @@ USERLOG_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -14817,7 +14817,7 @@ USERLOG_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER + name: OC_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -14828,7 +14828,7 @@ USERLOG_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -14838,7 +14838,7 @@ USERLOG_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -14848,7 +14848,7 @@ USERLOG_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_TLS_INSECURE: - name: OCIS_INSECURE;USERLOG_EVENTS_TLS_INSECURE + name: OC_INSECURE;USERLOG_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -14857,7 +14857,7 @@ USERLOG_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -14896,7 +14896,7 @@ USERLOG_HTTP_ROOT: removalVersion: "" deprecationInfo: "" USERLOG_JWT_SECRET: - name: OCIS_JWT_SECRET;USERLOG_JWT_SECRET + name: OC_JWT_SECRET;USERLOG_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -14905,7 +14905,7 @@ USERLOG_JWT_SECRET: removalVersion: "" deprecationInfo: "" USERLOG_LOG_COLOR: - name: OCIS_LOG_COLOR;USERLOG_LOG_COLOR + name: OC_LOG_COLOR;USERLOG_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -14914,7 +14914,7 @@ USERLOG_LOG_COLOR: removalVersion: "" deprecationInfo: "" USERLOG_LOG_FILE: - name: OCIS_LOG_FILE;USERLOG_LOG_FILE + name: OC_LOG_FILE;USERLOG_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -14923,7 +14923,7 @@ USERLOG_LOG_FILE: removalVersion: "" deprecationInfo: "" USERLOG_LOG_LEVEL: - name: OCIS_LOG_LEVEL;USERLOG_LOG_LEVEL + name: OC_LOG_LEVEL;USERLOG_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -14933,7 +14933,7 @@ USERLOG_LOG_LEVEL: removalVersion: "" deprecationInfo: "" USERLOG_LOG_PRETTY: - name: OCIS_LOG_PRETTY;USERLOG_LOG_PRETTY + name: OC_LOG_PRETTY;USERLOG_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -14942,7 +14942,7 @@ USERLOG_LOG_PRETTY: removalVersion: "" deprecationInfo: "" USERLOG_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY + name: OC_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY defaultValue: "1" type: int description: Maximum number of concurrent go-routines. Higher values can potentially @@ -14953,7 +14953,7 @@ USERLOG_MAX_CONCURRENCY: removalVersion: "" deprecationInfo: "" USERLOG_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID + name: OC_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -14963,7 +14963,7 @@ USERLOG_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" USERLOG_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET + name: OC_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -14972,7 +14972,7 @@ USERLOG_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" USERLOG_STORE: - name: OCIS_PERSISTENT_STORE;USERLOG_STORE + name: OC_PERSISTENT_STORE;USERLOG_STORE defaultValue: memory type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', @@ -14982,7 +14982,7 @@ USERLOG_STORE: removalVersion: "" deprecationInfo: "" USERLOG_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -14992,7 +14992,7 @@ USERLOG_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" USERLOG_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -15011,7 +15011,7 @@ USERLOG_STORE_DATABASE: removalVersion: "" deprecationInfo: "" USERLOG_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES defaultValue: '[]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -15032,7 +15032,7 @@ USERLOG_STORE_TABLE: removalVersion: "" deprecationInfo: "" USERLOG_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL + name: OC_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for events in the store. Defaults to '336h' (2 weeks). @@ -15042,7 +15042,7 @@ USERLOG_STORE_TTL: removalVersion: "" deprecationInfo: "" USERLOG_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -15052,7 +15052,7 @@ USERLOG_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" USERLOG_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;USERLOG_TRACING_ENABLED + name: OC_TRACING_ENABLED;USERLOG_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -15061,7 +15061,7 @@ USERLOG_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" USERLOG_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -15070,7 +15070,7 @@ USERLOG_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" USERLOG_TRACING_TYPE: - name: OCIS_TRACING_TYPE;USERLOG_TRACING_TYPE + name: OC_TRACING_TYPE;USERLOG_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -15080,7 +15080,7 @@ USERLOG_TRACING_TYPE: removalVersion: "" deprecationInfo: "" USERLOG_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH + name: OC_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -15148,7 +15148,7 @@ USERS_GRPC_ADDR: removalVersion: "" deprecationInfo: "" USERS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. @@ -15157,7 +15157,7 @@ USERS_GRPC_PROTOCOL: removalVersion: "" deprecationInfo: "" USERS_IDP_URL: - name: OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL + name: OC_URL;OC_OIDC_ISSUER;USERS_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects @@ -15167,7 +15167,7 @@ USERS_IDP_URL: removalVersion: "" deprecationInfo: "" USERS_JWT_SECRET: - name: OCIS_JWT_SECRET;USERS_JWT_SECRET + name: OC_JWT_SECRET;USERS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -15176,7 +15176,7 @@ USERS_JWT_SECRET: removalVersion: "" deprecationInfo: "" USERS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN + name: OC_LDAP_BIND_DN;USERS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -15186,7 +15186,7 @@ USERS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" USERS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD + name: OC_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -15195,18 +15195,18 @@ USERS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" USERS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;USERS_LDAP_CACERT + name: OC_LDAP_CACERT;USERS_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idm. + directory derives from $OC_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM + name: OC_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Valid options @@ -15219,7 +15219,7 @@ USERS_LDAP_DISABLE_USER_MECHANISM: removalVersion: "" deprecationInfo: "" USERS_LDAP_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN + name: OC_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -15229,7 +15229,7 @@ USERS_LDAP_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN + name: OC_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -15238,7 +15238,7 @@ USERS_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER + name: OC_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -15247,7 +15247,7 @@ USERS_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS + name: OC_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -15257,7 +15257,7 @@ USERS_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -15267,7 +15267,7 @@ USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -15276,7 +15276,7 @@ USERS_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID + name: OC_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique ID for groups. This should be a @@ -15286,7 +15286,7 @@ USERS_LDAP_GROUP_SCHEMA_ID: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the @@ -15297,7 +15297,7 @@ USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL + name: OC_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -15306,7 +15306,7 @@ USERS_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER + name: OC_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -15315,7 +15315,7 @@ USERS_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE + name: OC_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported values are @@ -15325,7 +15325,7 @@ USERS_LDAP_GROUP_SCOPE: removalVersion: "" deprecationInfo: "" USERS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE + name: OC_LDAP_INSECURE;USERS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -15335,7 +15335,7 @@ USERS_LDAP_INSECURE: removalVersion: "" deprecationInfo: "" USERS_LDAP_URI: - name: OCIS_LDAP_URI;USERS_LDAP_URI + name: OC_LDAP_URI;USERS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -15345,7 +15345,7 @@ USERS_LDAP_URI: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN + name: OC_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -15354,7 +15354,7 @@ USERS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE + name: OC_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP attribute to use as a flag telling if the user is enabled or disabled. @@ -15363,7 +15363,7 @@ USERS_LDAP_USER_ENABLED_ATTRIBUTE: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER + name: OC_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -15372,7 +15372,7 @@ USERS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS + name: OC_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter @@ -15382,7 +15382,7 @@ USERS_LDAP_USER_OBJECTCLASS: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. @@ -15391,7 +15391,7 @@ USERS_LDAP_USER_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID + name: OC_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique ID for users. This should be a @@ -15401,7 +15401,7 @@ USERS_LDAP_USER_SCHEMA_ID: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the @@ -15412,7 +15412,7 @@ USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL + name: OC_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -15421,7 +15421,7 @@ USERS_LDAP_USER_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME + name: OC_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -15430,7 +15430,7 @@ USERS_LDAP_USER_SCHEMA_USERNAME: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE + name: OC_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported values are @@ -15451,7 +15451,7 @@ USERS_LDAP_USER_SUBSTRING_FILTER_TYPE: removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_TYPE_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -15461,7 +15461,7 @@ USERS_LDAP_USER_TYPE_ATTRIBUTE: removalVersion: "" deprecationInfo: "" USERS_LOG_COLOR: - name: OCIS_LOG_COLOR;USERS_LOG_COLOR + name: OC_LOG_COLOR;USERS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -15470,7 +15470,7 @@ USERS_LOG_COLOR: removalVersion: "" deprecationInfo: "" USERS_LOG_FILE: - name: OCIS_LOG_FILE;USERS_LOG_FILE + name: OC_LOG_FILE;USERS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -15479,7 +15479,7 @@ USERS_LOG_FILE: removalVersion: "" deprecationInfo: "" USERS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;USERS_LOG_LEVEL + name: OC_LOG_LEVEL;USERS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -15489,7 +15489,7 @@ USERS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" USERS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;USERS_LOG_PRETTY + name: OC_LOG_PRETTY;USERS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -15600,7 +15600,7 @@ USERS_SKIP_USER_GROUPS_IN_TOKEN: removalVersion: "" deprecationInfo: "" USERS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -15610,7 +15610,7 @@ USERS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" USERS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED + name: OC_TRACING_ENABLED;USERS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -15619,7 +15619,7 @@ USERS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" USERS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -15628,7 +15628,7 @@ USERS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" USERS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;USERS_TRACING_TYPE + name: OC_TRACING_TYPE;USERS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -15642,7 +15642,7 @@ WEB_ASSET_APPS_PATH: defaultValue: /var/lib/ocis/web/assets/apps type: string description: Serve ownCloud Web apps assets from a path on the filesystem instead - of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/apps + of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" @@ -15652,17 +15652,17 @@ WEB_ASSET_CORE_PATH: defaultValue: /var/lib/ocis/web/assets/core type: string description: Serve ownCloud Web assets from a path on the filesystem instead of - the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/core + the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_ASSET_THEMES_PATH: - name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH + name: OC_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH defaultValue: /var/lib/ocis/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the - builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes + builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" @@ -15677,7 +15677,7 @@ WEB_CACHE_TTL: removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS. See following chapter for more details: @@ -15687,7 +15687,7 @@ WEB_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires @@ -15701,7 +15701,7 @@ WEB_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT PATCH POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' @@ -15713,7 +15713,7 @@ WEB_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -15789,7 +15789,7 @@ WEB_HTTP_ROOT: removalVersion: "" deprecationInfo: "" WEB_JWT_SECRET: - name: OCIS_JWT_SECRET;WEB_JWT_SECRET + name: OC_JWT_SECRET;WEB_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -15798,7 +15798,7 @@ WEB_JWT_SECRET: removalVersion: "" deprecationInfo: "" WEB_LOG_COLOR: - name: OCIS_LOG_COLOR;WEB_LOG_COLOR + name: OC_LOG_COLOR;WEB_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -15807,7 +15807,7 @@ WEB_LOG_COLOR: removalVersion: "" deprecationInfo: "" WEB_LOG_FILE: - name: OCIS_LOG_FILE;WEB_LOG_FILE + name: OC_LOG_FILE;WEB_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -15816,7 +15816,7 @@ WEB_LOG_FILE: removalVersion: "" deprecationInfo: "" WEB_LOG_LEVEL: - name: OCIS_LOG_LEVEL;WEB_LOG_LEVEL + name: OC_LOG_LEVEL;WEB_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -15826,7 +15826,7 @@ WEB_LOG_LEVEL: removalVersion: "" deprecationInfo: "" WEB_LOG_PRETTY: - name: OCIS_LOG_PRETTY;WEB_LOG_PRETTY + name: OC_LOG_PRETTY;WEB_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -15835,7 +15835,7 @@ WEB_LOG_PRETTY: removalVersion: "" deprecationInfo: "" WEB_OIDC_AUTHORITY: - name: OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY + name: OC_URL;OC_OIDC_ISSUER;WEB_OIDC_AUTHORITY defaultValue: https://localhost:9200 type: string description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. @@ -15844,7 +15844,7 @@ WEB_OIDC_AUTHORITY: removalVersion: "" deprecationInfo: "" WEB_OIDC_CLIENT_ID: - name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID + name: OC_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID defaultValue: web type: string description: The OIDC client ID which ownCloud Web uses. This client needs to be @@ -16096,7 +16096,7 @@ WEB_OPTION_USER_LIST_REQUIRES_FILTER: removalVersion: "" deprecationInfo: "" WEB_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -16106,7 +16106,7 @@ WEB_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" WEB_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;WEB_TRACING_ENABLED + name: OC_TRACING_ENABLED;WEB_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -16115,7 +16115,7 @@ WEB_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" WEB_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -16124,7 +16124,7 @@ WEB_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" WEB_TRACING_TYPE: - name: OCIS_TRACING_TYPE;WEB_TRACING_TYPE + name: OC_TRACING_TYPE;WEB_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -16145,7 +16145,7 @@ WEB_UI_CONFIG_FILE: removalVersion: "" deprecationInfo: "" WEB_UI_CONFIG_SERVER: - name: OCIS_URL;WEB_UI_CONFIG_SERVER + name: OC_URL;WEB_UI_CONFIG_SERVER defaultValue: https://localhost:9200 type: string description: URL, where the oCIS APIs are reachable for ownCloud Web. @@ -16164,7 +16164,7 @@ WEB_UI_THEME_PATH: removalVersion: "" deprecationInfo: "" WEB_UI_THEME_SERVER: - name: OCIS_URL;WEB_UI_THEME_SERVER + name: OC_URL;WEB_UI_THEME_SERVER defaultValue: https://localhost:9200 type: string description: Base URL to load themes from. Will be prepended to the theme path. @@ -16173,7 +16173,7 @@ WEB_UI_THEME_SERVER: removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -16183,7 +16183,7 @@ WEBDAV_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]' type: '[]string' @@ -16195,7 +16195,7 @@ WEBDAV_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -16206,7 +16206,7 @@ WEBDAV_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -16255,7 +16255,7 @@ WEBDAV_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" WEBDAV_DISABLE_PREVIEWS: - name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS + name: OC_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS defaultValue: "false" type: bool description: Set this option to 'true' to disable rendering of thumbnails triggered @@ -16284,7 +16284,7 @@ WEBDAV_HTTP_ROOT: removalVersion: "" deprecationInfo: "" WEBDAV_LOG_COLOR: - name: OCIS_LOG_COLOR;WEBDAV_LOG_COLOR + name: OC_LOG_COLOR;WEBDAV_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -16293,7 +16293,7 @@ WEBDAV_LOG_COLOR: removalVersion: "" deprecationInfo: "" WEBDAV_LOG_FILE: - name: OCIS_LOG_FILE;WEBDAV_LOG_FILE + name: OC_LOG_FILE;WEBDAV_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -16302,7 +16302,7 @@ WEBDAV_LOG_FILE: removalVersion: "" deprecationInfo: "" WEBDAV_LOG_LEVEL: - name: OCIS_LOG_LEVEL;WEBDAV_LOG_LEVEL + name: OC_LOG_LEVEL;WEBDAV_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -16312,7 +16312,7 @@ WEBDAV_LOG_LEVEL: removalVersion: "" deprecationInfo: "" WEBDAV_LOG_PRETTY: - name: OCIS_LOG_PRETTY;WEBDAV_LOG_PRETTY + name: OC_LOG_PRETTY;WEBDAV_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -16321,7 +16321,7 @@ WEBDAV_LOG_PRETTY: removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -16331,7 +16331,7 @@ WEBDAV_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;WEBDAV_TRACING_ENABLED + name: OC_TRACING_ENABLED;WEBDAV_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -16340,7 +16340,7 @@ WEBDAV_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -16349,7 +16349,7 @@ WEBDAV_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_TYPE: - name: OCIS_TRACING_TYPE;WEBDAV_TRACING_TYPE + name: OC_TRACING_TYPE;WEBDAV_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -16368,7 +16368,7 @@ WEBDAV_WEBDAV_NAMESPACE: removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS + name: OC_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -16378,7 +16378,7 @@ WEBFINGER_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS + name: OC_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: @@ -16389,7 +16389,7 @@ WEBFINGER_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS + name: OC_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: @@ -16400,7 +16400,7 @@ WEBFINGER_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS + name: OC_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -16467,7 +16467,7 @@ WEBFINGER_HTTP_ROOT: removalVersion: "" deprecationInfo: "" WEBFINGER_INSECURE: - name: OCIS_INSECURE;WEBFINGER_INSECURE + name: OC_INSECURE;WEBFINGER_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the WEBFINGER service. @@ -16476,7 +16476,7 @@ WEBFINGER_INSECURE: removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_COLOR: - name: OCIS_LOG_COLOR;WEBFINGER_LOG_COLOR + name: OC_LOG_COLOR;WEBFINGER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -16485,7 +16485,7 @@ WEBFINGER_LOG_COLOR: removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_FILE: - name: OCIS_LOG_FILE;WEBFINGER_LOG_FILE + name: OC_LOG_FILE;WEBFINGER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -16494,7 +16494,7 @@ WEBFINGER_LOG_FILE: removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_LEVEL: - name: OCIS_LOG_LEVEL;WEBFINGER_LOG_LEVEL + name: OC_LOG_LEVEL;WEBFINGER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -16504,7 +16504,7 @@ WEBFINGER_LOG_LEVEL: removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_PRETTY: - name: OCIS_LOG_PRETTY;WEBFINGER_LOG_PRETTY + name: OC_LOG_PRETTY;WEBFINGER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -16513,7 +16513,7 @@ WEBFINGER_LOG_PRETTY: removalVersion: "" deprecationInfo: "" WEBFINGER_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER + name: OC_URL;OC_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: The identity provider href for the openid-discovery relation. @@ -16522,11 +16522,11 @@ WEBFINGER_OIDC_ISSUER: removalVersion: "" deprecationInfo: "" WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL: - name: OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL + name: OC_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL defaultValue: https://localhost:9200 type: string description: The URL for the legacy ownCloud server instance relation (not to be - confused with the product ownCloud Server). It defaults to the OCIS_URL but can + confused with the product ownCloud Server). It defaults to the OC_URL but can be overridden to support some reverse proxy corner cases. To shard the deployment, multiple instances can be configured in the configuration file. introductionVersion: pre5.0 @@ -16544,7 +16544,7 @@ WEBFINGER_RELATIONS: removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -16554,7 +16554,7 @@ WEBFINGER_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED + name: OC_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -16563,7 +16563,7 @@ WEBFINGER_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -16572,7 +16572,7 @@ WEBFINGER_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_TYPE: - name: OCIS_TRACING_TYPE;WEBFINGER_TRACING_TYPE + name: OC_TRACING_TYPE;WEBFINGER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. diff --git a/docs/helpers/extended_vars.yaml b/docs/helpers/extended_vars.yaml index 4a496a60c..36639e8a5 100644 --- a/docs/helpers/extended_vars.yaml +++ b/docs/helpers/extended_vars.yaml @@ -124,10 +124,10 @@ variables: default_value: "" description: "" do_ignore: true -- rawname: OCIS_BASE_DATA_PATH +- rawname: OC_BASE_DATA_PATH path: ocis-pkg/config/defaults/paths.go:23 foundincode: true - name: OCIS_BASE_DATA_PATH + name: OC_BASE_DATA_PATH type: string default_value: "" description: The base directory location used by several services and for user data. @@ -135,10 +135,10 @@ variables: Services can have, if available, an individual setting with an own environment variable. do_ignore: false -- rawname: OCIS_CONFIG_DIR +- rawname: OC_CONFIG_DIR path: ocis-pkg/config/defaults/paths.go:56 foundincode: true - name: OCIS_CONFIG_DIR + name: OC_CONFIG_DIR type: string default_value: "" description: The default directory location for config files. See the General Info diff --git a/docs/ocis/adr/0008-configuration.md b/docs/ocis/adr/0008-configuration.md index c3dbdb17c..7a9eb9173 100644 --- a/docs/ocis/adr/0008-configuration.md +++ b/docs/ocis/adr/0008-configuration.md @@ -169,24 +169,24 @@ This is a desired use case that is yet not supported due to lacking of flags for - Variadic runtime extensions to run (development mostly) - Arg forwarding to command (when running in supervised mode, forward any --config-file flag to supervised subcommands) -- Ability to set `OCIS_URL` from a config file (this would require to extend the ocis-pkg/config/config.go file). +- Ability to set `OC_URL` from a config file (this would require to extend the ocis-pkg/config/config.go file). -#### The case for `OCIS_URL` +#### The case for `OC_URL` -`OCIS_URL` is a jack-of-all trades configuration. It is meant to ease up providing defaults and ensuring dependant services are well configured. It is an override to the following env vars: +`OC_URL` is a jack-of-all trades configuration. It is meant to ease up providing defaults and ensuring dependant services are well configured. It is an override to the following env vars: ``` -OCIS_IDM_ADDRESS +OC_IDM_ADDRESS PROXY_OIDC_ISSUER STORAGE_OIDC_ISSUER STORAGE_FRONTEND_PUBLIC_URL STORAGE_LDAP_IDP WEB_UI_CONFIG_SERVER WEB_OIDC_AUTHORITY -OCIS_PUBLIC_URL +OC_PUBLIC_URL ``` -Because this functionality is only available as an env var, there is no current way to "normalize" its usage with a config file. That is, there is no way to individually set `OCIS_URL` via config file. This is clear technical debt, and should be added functionality. +Because this functionality is only available as an env var, there is no current way to "normalize" its usage with a config file. That is, there is no way to individually set `OC_URL` via config file. This is clear technical debt, and should be added functionality. #### State of the Art - [Kubernetes proposal on this very same topic](https://docs.google.com/document/d/1Dvct469xfjkgy3tjWMAKvRAJo4CmGH4cgSVGTDpay6A) diff --git a/docs/ocis/backup.md b/docs/ocis/backup.md index 07965a82c..64aaf89c7 100644 --- a/docs/ocis/backup.md +++ b/docs/ocis/backup.md @@ -13,9 +13,9 @@ Note, as a prerequisite backing up Infinite Scale, the instance has to be fully ## Ocis Data Structure -Ocis stores its data in a folder that can be configured via the environment variable `OCIS_BASE_DATA_PATH`. Without further configuration, services derive from that path when they store data, though individual settings for certain data types can be configured. +Ocis stores its data in a folder that can be configured via the environment variable `OC_BASE_DATA_PATH`. Without further configuration, services derive from that path when they store data, though individual settings for certain data types can be configured. -The default value for the `OCIS_BASE_DATA_PATH` variable is `$HOME/.ocis` (or `/var/lib/ocis` when using the docker container. Note: Configuration data is by default stored in `/etc/ocis/` in the container.). +The default value for the `OC_BASE_DATA_PATH` variable is `$HOME/.ocis` (or `/var/lib/ocis` when using the docker container. Note: Configuration data is by default stored in `/etc/ocis/` in the container.). Inside this folder, Infinite Scale will store all its data in separate subdirectories. That includes metadata, configurations, queues and stores etc. The actual bytes of files (blobs) are handled by a so called blobstore, which also stores here by default. Depending on the used blobstore, the blobs need to be backed up separately, for example if S3 is used. Note: See special case for the `config` folder in a docker container. @@ -42,7 +42,7 @@ The following sections describe the content and background of the subdirectories ### `config` -Contains basic Infinite Scale configuration created by `ocis init`(Note: The location of the configuration folder can be specified with the `OCIS_CONFIG_DIR` environment variable, but for this document we will assume this variable is not set and the default is used.) +Contains basic Infinite Scale configuration created by `ocis init`(Note: The location of the configuration folder can be specified with the `OC_CONFIG_DIR` environment variable, but for this document we will assume this variable is not set and the default is used.) ```bash ~/.ocis/config/:tree @@ -57,9 +57,9 @@ BACKUP RECOMMENDED. Holds Infinite Scale configuration data. The contents can va | Field Name | Envvar Name | Description | If not backed up | | --- | --- | --- | --- | -| `idp.ldap.bind_password` | `OCIS_LDAP_BIND_PASSWORD` | Password for the idp | no logins possible | +| `idp.ldap.bind_password` | `OC_LDAP_BIND_PASSWORD` | Password for the idp | no logins possible | | `idm.service_user_passwords.idp_password`| `IDM_IDPSVC_PASSWORD` | Same as above | no logins possible | -| `system_user_id` | `OCIS_SYSTEM_USER_ID` | The id of storage-system user | no logins possible | +| `system_user_id` | `OC_SYSTEM_USER_ID` | The id of storage-system user | no logins possible | | `idm.service_user_passwords.reva_password`| `IDM_REVASVC_PASSWORD` | The reva password | no logins possible | | `auth_basic.auth_providers.ldap.bind_password` | `AUTH_BASIC_LDAP_BIND_PASSWORD` | Same as above | no logins possible | | `users.drivers.ldap.bind_password` | `USERS_LDAP_BIND_PASSWORD` | Same as above | no logins possible | @@ -179,7 +179,7 @@ Contains Infinite Scale meta (and blob) data, depending on the blobstore. See th ``` * `metadata`:\ -BACKUP REQUIRED. Contains system data. Path can be specified via `STORAGE_SYSTEM_OCIS_ROOT`. Not backing it up will remove shares from the system and will also remove custom settings. +BACKUP REQUIRED. Contains system data. Path can be specified via `STORAGE_SYSTEM_OC_ROOT`. Not backing it up will remove shares from the system and will also remove custom settings. * `ocm`:\ BACKUP REQUIRED/OMITABLE. Contains ocm share data. When not using ocm sharing, this folder does not need to be backed up. * `users`:\ diff --git a/docs/ocis/config.md b/docs/ocis/config.md index 9d8916667..05ad081bb 100644 --- a/docs/ocis/config.md +++ b/docs/ocis/config.md @@ -46,7 +46,7 @@ Let's explore with examples this approach. followed by the `.yaml`, e.g. `proxy.yaml` for the extension configuration. You also can put an `ocis.yaml` config file to the expected loading location to use a single config file. -You can set another directory as config path in the environment variable `OCIS_CONFIG_DIR`. It will then pick the same file names, but from the folder you configured. +You can set another directory as config path in the environment variable `OC_CONFIG_DIR`. It will then pick the same file names, but from the folder you configured. #### Only config files diff --git a/docs/ocis/deployment/basic-remote-setup.md b/docs/ocis/deployment/basic-remote-setup.md index e9927600e..310c7619b 100644 --- a/docs/ocis/deployment/basic-remote-setup.md +++ b/docs/ocis/deployment/basic-remote-setup.md @@ -23,12 +23,12 @@ For the following examples you need to have the oCIS binary in your current work ### Using automatically generated certificates -In order to run oCIS with automatically generated and self-signed certificates please execute following command. You need to replace `your-host` with an IP or hostname. Since you have only self-signed certificates you need to have `OCIS_INSECURE` set to `true`. +In order to run oCIS with automatically generated and self-signed certificates please execute following command. You need to replace `your-host` with an IP or hostname. Since you have only self-signed certificates you need to have `OC_INSECURE` set to `true`. ```bash -OCIS_INSECURE=true \ +OC_INSECURE=true \ PROXY_HTTP_ADDR=0.0.0.0:9200 \ -OCIS_URL=https://your-host:9200 \ +OC_URL=https://your-host:9200 \ ./ocis server ``` @@ -37,15 +37,15 @@ OCIS_URL=https://your-host:9200 \ If you have your own certificates already in place, you may want to make oCIS use them: ```bash -OCIS_INSECURE=false \ +OC_INSECURE=false \ PROXY_HTTP_ADDR=0.0.0.0:9200 \ -OCIS_URL=https://your-host:9200 \ +OC_URL=https://your-host:9200 \ PROXY_TRANSPORT_TLS_KEY=./certs/your-host.key \ PROXY_TRANSPORT_TLS_CERT=./certs/your-host.crt \ ./ocis server ``` -If you generated these certificates on your own, you might need to set `OCIS_INSECURE` to `true`. +If you generated these certificates on your own, you might need to set `OC_INSECURE` to `true`. For more configuration options check the configuration section in [oCIS]({{< ref "../config" >}}) and the oCIS services. diff --git a/docs/ocis/deployment/bridge.md b/docs/ocis/deployment/bridge.md index 1188d9454..9835a936a 100644 --- a/docs/ocis/deployment/bridge.md +++ b/docs/ocis/deployment/bridge.md @@ -93,7 +93,7 @@ basedn = "dc=ocis,dc=test" # base dn to construct {{< hint >}} There is a bug in the config merging for environment variables, cli flags and config files causing log settings not to be picked up from the config file when specifying `--extensions`. That is why I will * configure most of the config in a file, -* adjust logging using `OCIS_LOG_*` environment variables and +* adjust logging using `OC_LOG_*` environment variables and * specify which extension to run using `ocis/bin/ocis server --extensions "comma, separated, list, of, extensions"`. {{< /hint >}} @@ -101,7 +101,7 @@ There is a bug in the config merging for environment variables, cli flags and co For now, we only start the glauth extension: ```console -$ OCIS_LOG_PRETTY=true OCIS_LOG_COLOR=true ocis/bin/ocis server --extensions "glauth" +$ OC_LOG_PRETTY=true OC_LOG_COLOR=true ocis/bin/ocis server --extensions "glauth" ``` #### Check it is up and running @@ -138,7 +138,7 @@ userschema = { uid = "uid", displayname = "givenname" } # TODO make glauth retur Now we can start all necessary services. ```console -$ OCIS_LOG_PRETTY=true OCIS_LOG_COLOR=true ocis/bin/ocis server --extensions "glauth, storage-gateway, storage-authbasic, storage-userprovider" +$ OC_LOG_PRETTY=true OC_LOG_COLOR=true ocis/bin/ocis server --extensions "glauth, storage-gateway, storage-authbasic, storage-userprovider" ``` @@ -148,7 +148,7 @@ Here I ran out of time. I tried to verify this step with the reva cli: `login basic` but it tries to create the user home, which cannot be disabled in a config file: https://github.com/owncloud/ocis/issues/2416#issuecomment-901197053 -starting `STORAGE_GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN=true OCIS_LOG_LEVEL=debug OCIS_LOG_PRETTY=true OCIS_LOG_COLOR=true ocis/bin/ocis server --extensions "storage-gateway, storage-authbasic, storage-userprovider"` let me login: +starting `STORAGE_GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN=true OC_LOG_LEVEL=debug OC_LOG_PRETTY=true OC_LOG_COLOR=true ocis/bin/ocis server --extensions "storage-gateway, storage-authbasic, storage-userprovider"` let me login: ```console ✗ cmd/reva/reva -insecure -host localhost:9142 @@ -193,7 +193,7 @@ ERROR: The built-in [libregraph/lico](https://github.com/libregraph/lico) needs environment variables to configure the LDAP server: ```console -export OCIS_URL=https://ocis.ocis.test +export OC_URL=https://ocis.ocis.test export IDP_LDAP_URI=ldap://127.0.0.1:9125 export IDP_LDAP_BASE_DN="dc=ocis,dc=test" export IDP_LDAP_BIND_DN="cn=admin,dc=ocis,dc=test" diff --git a/docs/ocis/deployment/oc10_ocis_parallel.md b/docs/ocis/deployment/oc10_ocis_parallel.md index 7067cf389..af5e3f2fc 100644 --- a/docs/ocis/deployment/oc10_ocis_parallel.md +++ b/docs/ocis/deployment/oc10_ocis_parallel.md @@ -75,13 +75,13 @@ See also [example server setup]({{< ref "preparing_server" >}}) ### oCIS settings ### # oCIS version. Defaults to "latest" - OCIS_DOCKER_TAG= + OC_DOCKER_TAG= # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" - OCIS_JWT_SECRET= + OC_JWT_SECRET= # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" STORAGE_TRANSFER_SECRET= # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" - OCIS_MACHINE_AUTH_API_KEY= + OC_MACHINE_AUTH_API_KEY= ### oCIS settings ### # oC10 version. Defaults to "latest" @@ -118,7 +118,7 @@ See also [example server setup]({{< ref "preparing_server" >}}) Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`. - By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). + By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). Set your domain for the oC10 and oCIS frontend in `CLOUD_DOMAIN=`, e.g. `CLOUD_DOMAIN=cloud.owncloud.test`. diff --git a/docs/ocis/deployment/ocis_and_wopi_drawio.svg b/docs/ocis/deployment/ocis_and_wopi_drawio.svg index 2ceaeddfd..1e1ac8008 100644 --- a/docs/ocis/deployment/ocis_and_wopi_drawio.svg +++ b/docs/ocis/deployment/ocis_and_wopi_drawio.svg @@ -1,4 +1,4 @@ -
cs3api
cs3api
app registry
app registry
/app/list
/app/open
/app/list...
cs3api
/listapps
/openapp
cs3api...
frontend
frontend
cs3api
/registerapp
cs3api...
GET /hosting/discovery 
GET /hosting/discovery 
/iop/open...
/iop/open...
app provider
(per web office)
app provider...
graph
webdav
ocs
graph...
/space1/foo.docx
/space1/foo.docx
User
User
/space2/bar.docx
/space2/bar.docx
fileid c
fileid c
Web Office
Web Office
Web Office
Web Office
Web Office
Web Office
cs3org/wopiserver
cs3org/wopiserver
cs3org/wopiserver
cs3org/wopiserver
wopi
wopi
fileid a
fileid a
fileid b
fileid b
User
User
Collabora:
for collaborative edit sessions
a sticky route by fileid
(from wopiSrc) is needed

OnlyOffice:
automatic handling
Collabora:...
inter services communication
inter services communication
all outside communication via the proxy service (api gateway)
all outside communication via the proxy service (api gat...
1
1
2
2
8
8
9
9
6
6
4
4
3
3
7
7
19
19
20
20
13
13
11
11
10
10
12
12
17
17
15
15
18
18
14
14
16
16
21
21
5
5
office application
office application
https://office-application.owncloud.test
https://office-application.owncloud....
https://ocis.owncloud.test
https://ocis.owncloud.test
wopi server
wopi server
ocis
ocis
reverse proxy
reverse proxy
User
User
wopi -> general.wopiurl
address an office application can reach the wopi server
wopi -> general.wopiurl...
reverse proxy
reverse proxy
https://wopiserver.owncloud.test
https://wopiserver.owncloud.test
APP_PROVIDER_DRIVER: wopi
  # for display purposes only
  APP_PROVIDER_WOPI_APP_NAME: Office-Application
  # address of the office application server
  APP_PROVIDER_WOPI_APP_URL: https://office-application.owncloud.test
  # where can the app provider reach the wopiserver
  APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://wopiserver.owncloud.test
  #  the base URL to access ocis (global OCIS_URL, or overwritten by the below)
  APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://ocis.owncloud.test
APP_PROVIDER_DRIVER: wopi...
wopi -> ocis_wopi/config/wopiserver/wopiserver.conf.dist
wopi -> ocis_wopi/config/wopiserver/wopiserver.conf.dist
a. Open oC web
b. List space
c. Select file
d. Open selected file via office app
e. oC Web opens office url with token in an iframe
a. Open oC web...
a. load:    /app/list => display available office apps
a+b+c                   => obtain file id
e. call:     /app/open
    return: office url to open:
a. load:    /app/list => display available of...
https://office-application.owncloud.test/xyz?
wopiSrc=https://wopiserver.owncloud.test/wopi/xxx/file-id-123

Token management is for security reasons not part of the URL
https://office-application.owncloud.test/xyz?wopiSrc=https:...
reverse proxy
reverse proxy
wopi -> cs3.revagateway
(cs3 api gateway)
wopi -> cs3.revagateway...Text is not SVG - cannot display \ No newline at end of file +
cs3api
cs3api
app registry
app registry
/app/list
/app/open
/app/list...
cs3api
/listapps
/openapp
cs3api...
frontend
frontend
cs3api
/registerapp
cs3api...
GET /hosting/discovery 
GET /hosting/discovery 
/iop/open...
/iop/open...
app provider
(per web office)
app provider...
graph
webdav
ocs
graph...
/space1/foo.docx
/space1/foo.docx
User
User
/space2/bar.docx
/space2/bar.docx
fileid c
fileid c
Web Office
Web Office
Web Office
Web Office
Web Office
Web Office
cs3org/wopiserver
cs3org/wopiserver
cs3org/wopiserver
cs3org/wopiserver
wopi
wopi
fileid a
fileid a
fileid b
fileid b
User
User
Collabora:
for collaborative edit sessions
a sticky route by fileid
(from wopiSrc) is needed

OnlyOffice:
automatic handling
Collabora:...
inter services communication
inter services communication
all outside communication via the proxy service (api gateway)
all outside communication via the proxy service (api gat...
1
1
2
2
8
8
9
9
6
6
4
4
3
3
7
7
19
19
20
20
13
13
11
11
10
10
12
12
17
17
15
15
18
18
14
14
16
16
21
21
5
5
office application
office application
https://office-application.owncloud.test
https://office-application.owncloud....
https://ocis.owncloud.test
https://ocis.owncloud.test
wopi server
wopi server
ocis
ocis
reverse proxy
reverse proxy
User
User
wopi -> general.wopiurl
address an office application can reach the wopi server
wopi -> general.wopiurl...
reverse proxy
reverse proxy
https://wopiserver.owncloud.test
https://wopiserver.owncloud.test
APP_PROVIDER_DRIVER: wopi
  # for display purposes only
  APP_PROVIDER_WOPI_APP_NAME: Office-Application
  # address of the office application server
  APP_PROVIDER_WOPI_APP_URL: https://office-application.owncloud.test
  # where can the app provider reach the wopiserver
  APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://wopiserver.owncloud.test
  #  the base URL to access ocis (global OC_URL, or overwritten by the below)
  APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://ocis.owncloud.test
APP_PROVIDER_DRIVER: wopi...
wopi -> ocis_wopi/config/wopiserver/wopiserver.conf.dist
wopi -> ocis_wopi/config/wopiserver/wopiserver.conf.dist
a. Open oC web
b. List space
c. Select file
d. Open selected file via office app
e. oC Web opens office url with token in an iframe
a. Open oC web...
a. load:    /app/list => display available office apps
a+b+c                   => obtain file id
e. call:     /app/open
    return: office url to open:
a. load:    /app/list => display available of...
https://office-application.owncloud.test/xyz?
wopiSrc=https://wopiserver.owncloud.test/wopi/xxx/file-id-123

Token management is for security reasons not part of the URL
https://office-application.owncloud.test/xyz?wopiSrc=https:...
reverse proxy
reverse proxy
wopi -> cs3.revagateway
(cs3 api gateway)
wopi -> cs3.revagateway...Text is not SVG - cannot display \ No newline at end of file diff --git a/docs/ocis/deployment/ocis_full.md b/docs/ocis/deployment/ocis_full.md index 5ad2ed528..15a5daa04 100644 --- a/docs/ocis/deployment/ocis_full.md +++ b/docs/ocis/deployment/ocis_full.md @@ -120,13 +120,13 @@ See also [example server setup]({{< ref "preparing_server" >}}) # For production releases: "owncloud/ocis" # For rolling releases: "owncloud/ocis-rolling" # Defaults to production if not set otherwise - OCIS_DOCKER_IMAGE=owncloud/ocis-rolling + OC_DOCKER_IMAGE=owncloud/ocis-rolling # The oCIS container version. # Defaults to "latest" and points to the latest stable tag. - OCIS_DOCKER_TAG= + OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. # Defaults to "ocis.owncloud.test" - OCIS_DOMAIN= + OC_DOMAIN= # oCIS admin user password. Defaults to "admin". ADMIN_PASSWORD= # Demo users should not be created on a production instance, @@ -147,8 +147,8 @@ See also [example server setup]({{< ref "preparing_server" >}}) # Leaving it default stores data in docker internal volumes. # For more details see: # https://doc.owncloud.com/ocis/next/deployment/general/general-info.html#default-paths - # OCIS_CONFIG_DIR=/your/local/ocis/config - # OCIS_DATA_DIR=/your/local/ocis/data + # OC_CONFIG_DIR=/your/local/ocis/config + # OC_DATA_DIR=/your/local/ocis/data # S3 Storage configuration - optional # Infinite Scale supports S3 storage as primary storage. @@ -247,13 +247,13 @@ See also [example server setup]({{< ref "preparing_server" >}}) By default oCIS will be started in the `latest` rolling version. Please note that this deployment does currently not work with the 5.x productions releases. The oCIS "collaboration" service, which is required by this deployment, is not part of the 5.x releases. - If you want to use a specific version of oCIS, set the version to a dedicated tag like `OCIS_DOCKER_TAG=6.3.0`. The minimal required oCIS Version to run this deployment is 6.3.0. Available production versions can be found on [Docker Hub Production](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated) and available rolling releases can be found on [Docker Hub Rolling](https://hub.docker.com/r/owncloud/ocis-rolling/tags?page=1&ordering=last_updated) + If you want to use a specific version of oCIS, set the version to a dedicated tag like `OC_DOCKER_TAG=6.3.0`. The minimal required oCIS Version to run this deployment is 6.3.0. Available production versions can be found on [Docker Hub Production](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated) and available rolling releases can be found on [Docker Hub Rolling](https://hub.docker.com/r/owncloud/ocis-rolling/tags?page=1&ordering=last_updated) {{< hint type=info title="oCIS Releases" >}} You can read more about the different oCIS releases in the [oCIS Release Lifecycle](../release_roadmap.md). {{< /hint >}} - Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. + Set your domain for the oCIS frontend in `OC_DOMAIN=`, e.g. `OC_DOMAIN=ocis.owncloud.test`. Set the initial admin user password in `ADMIN_PASSWORD=`, it defaults to `admin`. diff --git a/docs/ocis/deployment/ocis_hello.md b/docs/ocis/deployment/ocis_hello.md index 84f0d8434..58797eae6 100644 --- a/docs/ocis/deployment/ocis_hello.md +++ b/docs/ocis/deployment/ocis_hello.md @@ -63,9 +63,9 @@ See also [example server setup]({{< ref "preparing_server" >}}) ### oCIS settings ### # oCIS version. Defaults to "latest" - OCIS_DOCKER_TAG= + OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" - OCIS_DOMAIN= + OC_DOMAIN= # oCIS admin user password. Defaults to "admin". ADMIN_PASSWORD= # The demo users should not be created on a production instance @@ -74,7 +74,7 @@ See also [example server setup]({{< ref "preparing_server" >}}) ### oCIS Hello settings ### # oCIS Hello version. Defaults to "latest" - OCIS_HELLO_DOCKER_TAG= + OC_HELLO_DOCKER_TAG= ``` You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`. @@ -85,13 +85,13 @@ See also [example server setup]({{< ref "preparing_server" >}}) Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`. - By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). + By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). - Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. + Set your domain for the oCIS frontend in `OC_DOMAIN=`, e.g. `OC_DOMAIN=ocis.owncloud.test`. Set the initial admin user password in `ADMIN_PASSWORD=`, it defaults to `admin`. - By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OCIS_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated). + By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OC_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated). Now you have configured everything and can save the file. diff --git a/docs/ocis/deployment/ocis_keycloak.md b/docs/ocis/deployment/ocis_keycloak.md index 8fcfc3d0c..10b0455fb 100644 --- a/docs/ocis/deployment/ocis_keycloak.md +++ b/docs/ocis/deployment/ocis_keycloak.md @@ -68,11 +68,11 @@ See also [example server setup]({{< ref "preparing_server" >}}) ### oCIS settings ### # oCIS version. Defaults to "latest" - OCIS_DOCKER_TAG= + OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" - OCIS_DOMAIN= + OC_DOMAIN= # ownCloud Web openid connect client id. Defaults to "ocis-web" - OCIS_OIDC_CLIENT_ID= + OC_OIDC_CLIENT_ID= ### Keycloak ### # Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test" @@ -94,11 +94,11 @@ See also [example server setup]({{< ref "preparing_server" >}}) Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`. - By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). + By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). - Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. + Set your domain for the oCIS frontend in `OC_DOMAIN=`, e.g. `OC_DOMAIN=ocis.owncloud.test`. - If you want to change the OIDC client id of th ownCloud Web frontend, you can do this by setting the name to `OCIS_OIDC_CLIENT_ID=`. + If you want to change the OIDC client id of th ownCloud Web frontend, you can do this by setting the name to `OC_OIDC_CLIENT_ID=`. Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` e.g. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`. diff --git a/docs/ocis/deployment/ocis_ldap.md b/docs/ocis/deployment/ocis_ldap.md index 7134e514b..a0378f2e2 100644 --- a/docs/ocis/deployment/ocis_ldap.md +++ b/docs/ocis/deployment/ocis_ldap.md @@ -63,15 +63,15 @@ See also [example server setup]({{< ref "preparing_server" >}}) ### oCIS settings ### # oCIS version. Defaults to "latest" - OCIS_DOCKER_TAG= + OC_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" - OCIS_DOMAIN= + OC_DOMAIN= # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" - OCIS_JWT_SECRET= + OC_JWT_SECRET= # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" STORAGE_TRANSFER_SECRET= # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" - OCIS_MACHINE_AUTH_API_KEY= + OC_MACHINE_AUTH_API_KEY= ### LDAP server settings ### # Password of LDAP user "cn=admin,dc=owncloud,dc=com". Defaults to "admin" @@ -90,15 +90,15 @@ See also [example server setup]({{< ref "preparing_server" >}}) Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`. - By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). + By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). - Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=cloud.owncloud.test`. + Set your domain for the oCIS frontend in `OC_DOMAIN=`, e.g. `OC_DOMAIN=cloud.owncloud.test`. The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep these examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`. Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, e.g. `ldap.owncloud.test`. - Grant the oCIS Admin role to the admin user from your LDAP in `OCIS_ADMIN_USER_ID:`. You need to enter the uuid of LDAP user. + Grant the oCIS Admin role to the admin user from your LDAP in `OC_ADMIN_USER_ID:`. You need to enter the uuid of LDAP user. {{< hint type=tip title=Encoding >}} In the .ldif file in this example, the admin user id is base64 encoded. You need to decode it to make it work. diff --git a/docs/ocis/deployment/systemd.md b/docs/ocis/deployment/systemd.md index a7efc3682..50aef6129 100644 --- a/docs/ocis/deployment/systemd.md +++ b/docs/ocis/deployment/systemd.md @@ -45,21 +45,21 @@ In the service definition we referenced `/etc/ocis/ocis.env` as our file contain In order to create the file we need first to create the folder `/etc/ocis/` and then we can add the actual `/etc/ocis/ocis.env` with following content: ```bash -OCIS_URL=https://some-hostname-or-ip:9200 +OC_URL=https://some-hostname-or-ip:9200 PROXY_HTTP_ADDR=0.0.0.0:9200 -OCIS_INSECURE=false +OC_INSECURE=false -OCIS_LOG_LEVEL=error +OC_LOG_LEVEL=error -OCIS_CONFIG_DIR=/etc/ocis -OCIS_BASE_DATA_PATH=/var/lib/ocis +OC_CONFIG_DIR=/etc/ocis +OC_BASE_DATA_PATH=/var/lib/ocis ``` -Since we set `OCIS_CONFIG_DIR` to `/etc/ocis` you can also place configuration files in this directory. +Since we set `OC_CONFIG_DIR` to `/etc/ocis` you can also place configuration files in this directory. -Please change your `OCIS_URL` in order to reflect your actual deployment. If you are using self-signed certificates you need to set `OCIS_INSECURE=true` in `/etc/ocis/ocis.env`. +Please change your `OC_URL` in order to reflect your actual deployment. If you are using self-signed certificates you need to set `OC_INSECURE=true` in `/etc/ocis/ocis.env`. -oCIS will store all data in `/var/lib/ocis`, because we configured it so by setting `OCIS_BASE_DATA_PATH`. Therefore you need to create that directory and make it accessible to the user, you use to start oCIS. +oCIS will store all data in `/var/lib/ocis`, because we configured it so by setting `OC_BASE_DATA_PATH`. Therefore you need to create that directory and make it accessible to the user, you use to start oCIS. ## Starting the oCIS service diff --git a/docs/ocis/deployment/ubernauten.md b/docs/ocis/deployment/ubernauten.md index 19c0d2807..7fb8fd318 100644 --- a/docs/ocis/deployment/ubernauten.md +++ b/docs/ocis/deployment/ubernauten.md @@ -29,7 +29,7 @@ chmod +x ocis * Set some environment variables related to Uberspace (**Make sure you fill in YOUR domain!**) ``` uberspace web backend set / --http --port 9200 -export OCIS_URL=https://ocis.uber.space +export OC_URL=https://ocis.uber.space export PROXY_TLS=false export PROXY_HTTP_ADDR=0.0.0.0:9200 export PROXY_LOG_LEVEL=debug @@ -55,7 +55,7 @@ To make it easier (and faster), here's the commands in a script called `ocis.ins curl https://download.owncloud.com/ocis/ocis/stable/4.0.3/ocis-4.0.3-linux-amd64 --output ocis chmod +x ocis uberspace web backend set / --http --port 9200 -export OCIS_URL=https://ocis.uber.space +export OC_URL=https://ocis.uber.space export PROXY_TLS=false export PROXY_HTTP_ADDR=0.0.0.0:9200 export PROXY_LOG_LEVEL=debug @@ -82,7 +82,7 @@ startsecs=60 # This file is named ocis.start. # It sets environment variables needed for uber.space needed for Infinite Scale /usr/bin/uberspace web backend set / --http --port 9200 & -export OCIS_URL=https://ocis.uber.space +export OC_URL=https://ocis.uber.space export PROXY_TLS=false export PROXY_HTTP_ADDR=0.0.0.0:9200 export PROXY_LOG_LEVEL=debug @@ -122,7 +122,7 @@ rm -rf .ocis curl https://download.owncloud.com/ocis/ocis/stable/4.0.3/ocis-4.0.3-linux-amd64 --output ocis chmod +x ocis uberspace web backend set / --http --port 9200 -export OCIS_URL=https://ocis.uber.space +export OC_URL=https://ocis.uber.space export PROXY_TLS=false export PROXY_HTTP_ADDR=0.0.0.0:9200 export PROXY_LOG_LEVEL=debug diff --git a/docs/ocis/development/beta-testplan.md b/docs/ocis/development/beta-testplan.md index b66e90840..c9e61793c 100644 --- a/docs/ocis/development/beta-testplan.md +++ b/docs/ocis/development/beta-testplan.md @@ -32,7 +32,7 @@ to access oCIS remotely please refer to the [Basic Remote Setup]({{< ref "../dep ## additional tips - to allow basic auth (e.g. to easily access oCIS using curl commands) you have to set `PROXY_ENABLE_BASIC_AUTH=true` environment variable -- if you cannot use real SSL Certificates set `OCIS_INSECURE=true` as environment variable +- if you cannot use real SSL Certificates set `OC_INSECURE=true` as environment variable # Testplan diff --git a/docs/ocis/development/debugging.md b/docs/ocis/development/debugging.md index 5d0df756d..dd2ac7477 100644 --- a/docs/ocis/development/debugging.md +++ b/docs/ocis/development/debugging.md @@ -21,7 +21,7 @@ For debugging there are two workflows that work well, depending on your preferen #### Use the debug binary and attach to the process as needed -Run the debug binary with `OCIS_LOG_LEVEL=debug bin/ocis-debug server` and then find the service you want to debug using: +Run the debug binary with `OC_LOG_LEVEL=debug bin/ocis-debug server` and then find the service you want to debug using: ```console # ps ax | grep ocis @@ -145,7 +145,7 @@ make debug-docker ``` 2. Change the tag label: ```bash -export OCIS_DOCKER_TAG=debug +export OC_DOCKER_TAG=debug ``` 3. Run docker compose Building the docker compose command depends on what you want to debug, for example `ocis` and `collaboration` with the `collabora` supports. diff --git a/docs/ocis/development/testing.md b/docs/ocis/development/testing.md index 7f1f1539c..4ff45f3cb 100644 --- a/docs/ocis/development/testing.md +++ b/docs/ocis/development/testing.md @@ -96,8 +96,8 @@ To run the tests that require an antivirus service (tests tagged with `@antiviru ```bash START_ANTIVIRUS=true \ -OCIS_ASYNC_UPLOADS=true \ -OCIS_ADD_RUN_SERVICES=antivirus \ +OC_ASYNC_UPLOADS=true \ +OC_ADD_RUN_SERVICES=antivirus \ POSTPROCESSING_STEPS=virusscan \ BEHAT_FEATURE='tests/acceptance/features/apiAntivirus/antivirus.feature' \ make -C tests/acceptance/docker test-ocis-feature-ocis-storage @@ -167,10 +167,10 @@ The test suites transferred from ownCloud core have `coreApi` prefixed ### oCIS Image to Be Tested (Skip Local Image Build) -By default, the tests will be run against the docker image built from your current working state of the oCIS repository. For some purposes it might also be handy to use an oCIS image from Docker Hub. Therefore, you can provide the optional flag `OCIS_IMAGE_TAG=...` which must contain an available docker tag of the [owncloud/ocis registry on Docker Hub](https://hub.docker.com/r/owncloud/ocis) (e.g. 'latest'). +By default, the tests will be run against the docker image built from your current working state of the oCIS repository. For some purposes it might also be handy to use an oCIS image from Docker Hub. Therefore, you can provide the optional flag `OC_IMAGE_TAG=...` which must contain an available docker tag of the [owncloud/ocis registry on Docker Hub](https://hub.docker.com/r/owncloud/ocis) (e.g. 'latest'). ```bash -OCIS_IMAGE_TAG=latest \ +OC_IMAGE_TAG=latest \ make -C tests/acceptance/docker localApiTests-apiGraph-ocis ``` @@ -206,7 +206,7 @@ To start oCIS: IDM_ADMIN_PASSWORD=admin \ ocis/bin/ocis init --insecure true -OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true \ +OC_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true \ ocis/bin/ocis server ``` @@ -319,7 +319,7 @@ PROXY_ENABLE_BASIC_AUTH=true \ ### Run the Tests ```bash -OCIS_WRAPPER_URL=http://localhost:5200 \ +OC_WRAPPER_URL=http://localhost:5200 \ TEST_SERVER_URL="https://localhost:9200" \ BEHAT_FEATURE=tests/acceptance/features/apiAsyncUpload/delayPostprocessing.feature \ make test-acceptance-api @@ -356,7 +356,7 @@ ocis/bin/ocis init --insecure true # run oCIS PROXY_ENABLE_BASIC_AUTH=true \ -OCIS_ADD_RUN_SERVICES=notifications \ +OC_ADD_RUN_SERVICES=notifications \ NOTIFICATIONS_SMTP_HOST=localhost \ NOTIFICATIONS_SMTP_PORT=2500 \ NOTIFICATIONS_SMTP_INSECURE=true \ @@ -399,7 +399,7 @@ ocis/bin/ocis init --insecure true # run oCIS PROXY_ENABLE_BASIC_AUTH=true \ -OCIS_INSECURE=true \ +OC_INSECURE=true \ SEARCH_EXTRACTOR_TYPE=tika \ SEARCH_EXTRACTOR_TIKA_TIKA_URL=http://localhost:9998 \ SEARCH_EXTRACTOR_CS3SOURCE_INSECURE=true \ @@ -481,8 +481,8 @@ PROXY_ENABLE_BASIC_AUTH=true \ ANTIVIRUS_SCANNER_TYPE="clamav" \ ANTIVIRUS_CLAMAV_SOCKET="tcp://host.docker.internal:3310" \ POSTPROCESSING_STEPS="virusscan" \ -OCIS_ASYNC_UPLOADS=true \ -OCIS_ADD_RUN_SERVICES="antivirus" +OC_ASYNC_UPLOADS=true \ +OC_ADD_RUN_SERVICES="antivirus" ocis/bin/ocis server ``` @@ -516,11 +516,11 @@ IDM_ADMIN_PASSWORD=admin \ ocis/bin/ocis init --insecure true # run oCIS -OCIS_URL="https://localhost:9200" \ +OC_URL="https://localhost:9200" \ PROXY_ENABLE_BASIC_AUTH=true \ -OCIS_ENABLE_OCM=true \ +OC_ENABLE_OCM=true \ OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE="tests/config/local/providers.json" \ -OCIS_ADD_RUN_SERVICES="ocm" \ +OC_ADD_RUN_SERVICES="ocm" \ OCM_OCM_INVITE_MANAGER_INSECURE=true \ OCM_OCM_SHARE_PROVIDER_INSECURE=true \ OCM_OCM_STORAGE_PROVIDER_INSECURE=true \ @@ -552,8 +552,8 @@ The second oCIS instance should be available at: https://localhost:10200/ {{< hint info >}} To enable ocm in the web interface, you need to set the following envs: -`OCIS_ENABLE_OCM="true"` -`OCIS_ADD_RUN_SERVICES="ocm"` +`OC_ENABLE_OCM="true"` +`OC_ADD_RUN_SERVICES="ocm"` {{< /hint>}} #### Run the Acceptance Test diff --git a/docs/ocis/development/tracing.md b/docs/ocis/development/tracing.md index c07bb6d8e..82e13806a 100644 --- a/docs/ocis/development/tracing.md +++ b/docs/ocis/development/tracing.md @@ -37,13 +37,13 @@ to get started: ``` 2. Enabling and configuring tracing on oCIS itself will forward the configuration to all services: ```console - OCIS_TRACING_ENABLED=true \ - OCIS_TRACING_ENDPOINT=localhost:6831 \ - OCIS_TRACING_COLLECTOR=http://localhost:14268/api/traces \ + OC_TRACING_ENABLED=true \ + OC_TRACING_ENDPOINT=localhost:6831 \ + OC_TRACING_COLLECTOR=http://localhost:14268/api/traces \ ./bin/ocis server ``` If you want to set individual tracing configuration for each service, make sure to set - `OCIS_TRACING_ENABLED=false`. + `OC_TRACING_ENABLED=false`. 3. Make the actual request that you want to trace. 4. Open up the [Jaeger UI](http://localhost:16686) to analyze request traces. diff --git a/docs/ocis/getting-started/_index.md b/docs/ocis/getting-started/_index.md index 530f73fc5..4a86e675e 100644 --- a/docs/ocis/getting-started/_index.md +++ b/docs/ocis/getting-started/_index.md @@ -23,7 +23,7 @@ We are distributing oCIS as binaries and Docker images. {{< hint warning >}} The examples in this document assume that oCIS is accessed from the same host as it is running on (`localhost`). If you would like to access oCIS remotely please refer to the [Basic Remote Setup]({{< ref "../deployment/basic-remote-setup" >}}) section. Especially -to the notes about setting the `PROXY_HTTP_ADDR` and `OCIS_URL` environment variables. +to the notes about setting the `PROXY_HTTP_ADDR` and `OC_URL` environment variables. {{< /hint >}} You can find more deployment examples in the [deployment section]({{< ref "../deployment" >}}). @@ -53,7 +53,7 @@ IDM_CREATE_DEMO_USERS=true ./ocis server The default primary storage location is `~/.ocis` or `/var/lib/ocis` depending on the packaging format and your operating system user. You can change that value by configuration. {{< hint info >}} -When you're using oCIS with self-signed certificates, you need to answer the question for certificate checking with "yes" or set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. +When you're using oCIS with self-signed certificates, you need to answer the question for certificate checking with "yes" or set the environment variable `OC_INSECURE=true`, in order to make oCIS work. {{< /hint >}} {{< hint warning >}} @@ -80,7 +80,7 @@ docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis ``` {{< hint info >}} -When you're using oCIS with self-signed certificates, you need to set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. +When you're using oCIS with self-signed certificates, you need to set the environment variable `OC_INSECURE=true`, in order to make oCIS work. {{< /hint >}} {{< hint warming >}} diff --git a/docs/ocis/guides/ocis-local-docker.md b/docs/ocis/guides/ocis-local-docker.md index aa889fe4a..958087338 100644 --- a/docs/ocis/guides/ocis-local-docker.md +++ b/docs/ocis/guides/ocis-local-docker.md @@ -37,13 +37,13 @@ services: image: owncloud/ocis:latest environment: # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "true" + OC_INSECURE: "true" - # OCIS_URL: the external domain / ip address of oCIS (with protocol, must always be https) - OCIS_URL: "https://localhost:9200" + # OC_URL: the external domain / ip address of oCIS (with protocol, must always be https) + OC_URL: "https://localhost:9200" - # OCIS_LOG_LEVEL: error / info / ... / debug - OCIS_LOG_LEVEL: info + # OC_LOG_LEVEL: error / info / ... / debug + OC_LOG_LEVEL: info ``` ### Initialize @@ -275,13 +275,13 @@ services: # see also https://docs.docker.com/engine/reference/commandline/images/#list-image-digests environment: # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "true" + OC_INSECURE: "true" - # OCIS_URL: the external domain / ip address of oCIS (with protocol, must always be https) - OCIS_URL: "https://localhost:9200" + # OC_URL: the external domain / ip address of oCIS (with protocol, must always be https) + OC_URL: "https://localhost:9200" - # OCIS_LOG_LEVEL: error / info / ... / debug - OCIS_LOG_LEVEL: info + # OC_LOG_LEVEL: error / info / ... / debug + OC_LOG_LEVEL: info volumes: # mount the ocis config file inside the container - "./ocis.yaml:/etc/ocis/ocis.yaml" diff --git a/docs/ocis/identity-provider/ldap-active-directory.md b/docs/ocis/identity-provider/ldap-active-directory.md index f523a6373..8248aca5e 100644 --- a/docs/ocis/identity-provider/ldap-active-directory.md +++ b/docs/ocis/identity-provider/ldap-active-directory.md @@ -17,26 +17,26 @@ oCIS can be configured using Active Directory as identity provider. This configuration is an _example_ for using Samba4 AD as well as a Windows Server 2022 as the LDAP backend for oCIS. It is intended as guideline and first starting point. ```text -OCIS_LDAP_URI=ldaps://xxxxxxxxx -OCIS_LDAP_INSECURE="true" -OCIS_LDAP_BIND_DN="cn=administrator,cn=users,xxxxxxxxxx" -OCIS_LDAP_BIND_PASSWORD=xxxxxxx -OCIS_LDAP_DISABLE_USER_MECHANISM="none" -OCIS_LDAP_GROUP_BASE_DN="dc=owncloud,dc=test" -OCIS_LDAP_GROUP_OBJECTCLASS="group" -OCIS_LDAP_GROUP_SCHEMA_ID="objectGUID" -OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING="true" -OCIS_LDAP_GROUP_SCHEMA_GROUPNAME="cn" -OCIS_LDAP_USER_BASE_DN="dc=owncloud,dc=test" -OCIS_LDAP_USER_OBJECTCLASS="user" -OCIS_LDAP_USER_SCHEMA_ID="objectGUID" -OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING="true" -OCIS_LDAP_USER_SCHEMA_USERNAME="sAMAccountName" -OCIS_LDAP_LOGIN_ATTRIBUTES="sAMAccountName" +OC_LDAP_URI=ldaps://xxxxxxxxx +OC_LDAP_INSECURE="true" +OC_LDAP_BIND_DN="cn=administrator,cn=users,xxxxxxxxxx" +OC_LDAP_BIND_PASSWORD=xxxxxxx +OC_LDAP_DISABLE_USER_MECHANISM="none" +OC_LDAP_GROUP_BASE_DN="dc=owncloud,dc=test" +OC_LDAP_GROUP_OBJECTCLASS="group" +OC_LDAP_GROUP_SCHEMA_ID="objectGUID" +OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING="true" +OC_LDAP_GROUP_SCHEMA_GROUPNAME="cn" +OC_LDAP_USER_BASE_DN="dc=owncloud,dc=test" +OC_LDAP_USER_OBJECTCLASS="user" +OC_LDAP_USER_SCHEMA_ID="objectGUID" +OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING="true" +OC_LDAP_USER_SCHEMA_USERNAME="sAMAccountName" +OC_LDAP_LOGIN_ATTRIBUTES="sAMAccountName" IDP_LDAP_LOGIN_ATTRIBUTE="sAMAccountName" IDP_LDAP_UUID_ATTRIBUTE="objectGUID" IDP_LDAP_UUID_ATTRIBUTE_TYPE=binary GRAPH_LDAP_SERVER_WRITE_ENABLED="false" -OCIS_EXCLUDE_RUN_SERVICES=idm -OCIS_ADMIN_USER_ID="" +OC_EXCLUDE_RUN_SERVICES=idm +OC_ADMIN_USER_ID="" ``` diff --git a/docs/ocis/metrics.md b/docs/ocis/metrics.md index 34157df3d..8612bc9b7 100644 --- a/docs/ocis/metrics.md +++ b/docs/ocis/metrics.md @@ -10,7 +10,7 @@ geekdocFilePath: metrics.md ## Metrics -This service provides some [Prometheus](https://prometheus.io/) metrics through the debug endpoint, you can optionally secure the metrics endpoint by some random token, which has to be configured either through the flag `--debug-token` or the environment variable `OCIS_DEBUG_TOKEN` mentioned above. By default, the metrics endpoint is bound to `http://0.0.0.0:8001/metrics`. +This service provides some [Prometheus](https://prometheus.io/) metrics through the debug endpoint, you can optionally secure the metrics endpoint by some random token, which has to be configured either through the flag `--debug-token` or the environment variable `OC_DEBUG_TOKEN` mentioned above. By default, the metrics endpoint is bound to `http://0.0.0.0:8001/metrics`. go_gc_duration_seconds : A summary of the GC invocation durations diff --git a/docs/ocis/storage-backends/dcfsnfs.md b/docs/ocis/storage-backends/dcfsnfs.md index 4de0ee83a..0a0238f30 100644 --- a/docs/ocis/storage-backends/dcfsnfs.md +++ b/docs/ocis/storage-backends/dcfsnfs.md @@ -49,13 +49,13 @@ The NFS server setup can be optimized considering system administrative-, perfor ## oCIS Start using the NFS Share -The oCIS server can be instructed to set up the decomposed FS at a certain path by setting the environment variable `OCIS_BASE_DATA_PATH`. +The oCIS server can be instructed to set up the decomposed FS at a certain path by setting the environment variable `OC_BASE_DATA_PATH`. The test setup started an oCIS tech preview single binary release using this start command: ```bash ./ocis init -OCIS_BASE_DATA_PATH=/mnt/ocisdata/ OCIS_LOG_LEVEL=debug OCIS_INSECURE=true PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_URL=https://hostname:9200 ./ocis server +OC_BASE_DATA_PATH=/mnt/ocisdata/ OC_LOG_LEVEL=debug OC_INSECURE=true PROXY_HTTP_ADDR=0.0.0.0:9200 OC_URL=https://hostname:9200 ./ocis server ``` This starts oCIS and a decomposed FS skeleton file system structure is set up on the NFS share. diff --git a/docs/services/general-info/add-translations.md b/docs/services/general-info/add-translations.md index 7af8af2a2..4852aca26 100644 --- a/docs/services/general-info/add-translations.md +++ b/docs/services/general-info/add-translations.md @@ -32,7 +32,7 @@ Note that paths are examples and can be adapted based on requirements.\ Replace `` with the name of the respective service.\ Translations have a `context` and a `translatable string`. The context is shown on Transifex but not translated and helps translators to get a context for the string to be translated. -* Add the `OCIS_DEFAULT_LANGUAGE` envvar in `services//pkg/config/config.go`.\ +* Add the `OC_DEFAULT_LANGUAGE` envvar in `services//pkg/config/config.go`.\ For details see the userlog or notifications service code. * Add the `_TRANSLATION_PATH` envvar in `services//pkg/config/config.go`.\ diff --git a/docs/services/general-info/additional-information.md b/docs/services/general-info/additional-information.md index a019f2257..88c9ee131 100644 --- a/docs/services/general-info/additional-information.md +++ b/docs/services/general-info/additional-information.md @@ -12,8 +12,8 @@ This section contains information on general topics ## GRPC Maximum Message Size -ocis is using grpc for inter-service communication. When having a folder with a lot of files (25.000+, the size does not matter) and doing a `PROPFIND` on that folder, the server will run into errors. This is because the grpc message body becomes to big. With introduction of the envvar `OCIS_GRPC_MAX_RECEIVED_MESSAGE_SIZE`, the max size for the grpc body can be raised. +ocis is using grpc for inter-service communication. When having a folder with a lot of files (25.000+, the size does not matter) and doing a `PROPFIND` on that folder, the server will run into errors. This is because the grpc message body becomes to big. With introduction of the envvar `OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE`, the max size for the grpc body can be raised. NOTE: With a certain amount of files even raising the grpc message size will not suffice as the requests will run into network timeouts. Also generally the more files are in a folder, the longer it will take time to load. -It is recommended to use `OCIS_GRPC_MAX_RECEIVED_MESSAGE_SIZE` only *temporary* to copy files out of the folder (like via the web ui) and use the default value in general. +It is recommended to use `OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE` only *temporary* to copy files out of the folder (like via the web ui) and use the default value in general. diff --git a/docs/services/general-info/deprecating-variables.md b/docs/services/general-info/deprecating-variables.md index bc77eebe9..bd42e8caa 100644 --- a/docs/services/general-info/deprecating-variables.md +++ b/docs/services/general-info/deprecating-variables.md @@ -35,7 +35,7 @@ For the documentation to show the correct value for the `removalVersion`, our do ```golang // Notifications defines the config options for the notifications service. type Notifications struct { -RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY;REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" deprecationVersion:"3.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"REVA_GATEWAY changing name for consistency" deprecationReplacement:"OCIS_REVA_GATEWAY"` +RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY;REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" deprecationVersion:"3.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"REVA_GATEWAY changing name for consistency" deprecationReplacement:"OC_REVA_GATEWAY"` ... } ``` diff --git a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.adoc b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.adoc index dd7f27a29..301b7f140 100644 --- a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.adoc +++ b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.adoc @@ -9,7 +9,7 @@ | Service| Variable| Description| Default | xref:deployment/services/env-vars-special-scope.adoc[Special Scope Envvars] -| `OCIS_CACHE_DISABLE_PERSISTENCE` +| `OC_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured.| `false` | | `MICRO_REGISTRY` + @@ -23,52 +23,52 @@ | Optional when using nats to authenticate with the nats cluster.| | xref:{s-path}/antivirus.adoc[antivirus] -| `OCIS_EVENTS_AUTH_USERNAME` +| `OC_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` +| `OC_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | | `ANTIVIRUS_ICAP_SCAN_TIMEOUT` | Scan timeout for the ICAP client. Defaults to '5m' (5 minutes). See the Environment Variable Types description for more details.| 5m0s | xref:{s-path}/audit.adoc[audit] -| `OCIS_EVENTS_AUTH_USERNAME` +| `OC_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` +| `OC_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | xref:{s-path}/auth-service.adoc[auth-service] -| `OCIS_TRACING_ENABLED` + +| `OC_TRACING_ENABLED` + `AUTH_SERVICE_TRACING_ENABLED` | Activates tracing.| | -| `OCIS_TRACING_TYPE` + +| `OC_TRACING_TYPE` + `AUTH_SERVICE_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."| | -| `OCIS_TRACING_ENDPOINT` + +| `OC_TRACING_ENDPOINT` + `AUTH_SERVICE_TRACING_ENDPOINT` | The endpoint of the tracing agent.| | -| `OCIS_TRACING_COLLECTOR` + +| `OC_TRACING_COLLECTOR` + `AUTH_SERVICE_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.| | -| `OCIS_LOG_LEVEL` + +| `OC_LOG_LEVEL` + `AUTH_SERVICE_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'."| | -| `OCIS_LOG_PRETTY` + +| `OC_LOG_PRETTY` + `AUTH_SERVICE_LOG_PRETTY` | Activates pretty log output.| | -| `OCIS_LOG_COLOR` + +| `OC_LOG_COLOR` + `AUTH_SERVICE_LOG_COLOR` | Activates colorized log output.| | -| `OCIS_LOG_FILE` + +| `OC_LOG_FILE` + `AUTH_SERVICE_LOG_FILE` | The path to the log file. Activates logging to this file if set.| | @@ -90,61 +90,61 @@ | `AUTH_SERVICE_GRPC_PROTOCOL` | The transport protocol of the GRPC service.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `AUTH_SERVICE_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `AUTH_SERVICE_SERVICE_ACCOUNT_SECRET` | The service account secret.| | -| `OCIS_JWT_SECRET` + +| `OC_JWT_SECRET` + `AUTH_SERVICE_JWT_SECRET` | The secret to mint and validate jwt tokens.| | xref:{s-path}/clientlog.adoc[clientlog] -| `OCIS_REVA_GATEWAY` + +| `OC_REVA_GATEWAY` + `CLIENTLOG_REVA_GATEWAY` | CS3 gateway used to look up user metadata| | -| `OCIS_EVENTS_ENDPOINT` + +| `OC_EVENTS_ENDPOINT` + `CLIENTLOG_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.| | -| `OCIS_EVENTS_CLUSTER` + +| `OC_EVENTS_CLUSTER` + `CLIENTLOG_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.| | -| `OCIS_INSECURE` + +| `OC_INSECURE` + `CLIENTLOG_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates.| | -| `OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE` + +| `OC_EVENTS_TLS_ROOT_CA_CERTIFICATE` + `CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.| | -| `OCIS_EVENTS_ENABLE_TLS` + +| `OC_EVENTS_ENABLE_TLS` + `CLIENTLOG_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `CLIENTLOG_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `CLIENTLOG_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_JWT_SECRET` + +| `OC_JWT_SECRET` + `CLIENTLOG_JWT_SECRET` | The secret to mint and validate jwt tokens.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `CLIENTLOG_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `CLIENTLOG_SERVICE_ACCOUNT_SECRET` | The service account secret.| @@ -162,54 +162,54 @@ | Enables zpages, which can be used for collecting and viewing in-memory traces.| | -| `OCIS_LOG_LEVEL` + +| `OC_LOG_LEVEL` + `CLIENTLOG_USERLOG_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'."| | -| `OCIS_LOG_PRETTY` + +| `OC_LOG_PRETTY` + `CLIENTLOG_USERLOG_LOG_PRETTY` | Activates pretty log output.| | -| `OCIS_LOG_COLOR` + +| `OC_LOG_COLOR` + `CLIENTLOG_USERLOG_LOG_COLOR` | Activates colorized log output.| | -| `OCIS_LOG_FILE` + +| `OC_LOG_FILE` + `CLIENTLOG_USERLOG_LOG_FILE` | The path to the log file. Activates logging to this file if set.| | -| `OCIS_TRACING_ENABLED` + +| `OC_TRACING_ENABLED` + `CLIENTLOG_TRACING_ENABLED` | Activates tracing.| | -| `OCIS_TRACING_TYPE` + +| `OC_TRACING_TYPE` + `CLIENTLOG_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| `OCIS_TRACING_ENDPOINT` + +| `OC_TRACING_ENDPOINT` + `CLIENTLOG_TRACING_ENDPOINT` | The endpoint of the tracing agent.| | -| `OCIS_TRACING_COLLECTOR` + +| `OC_TRACING_COLLECTOR` + `CLIENTLOG_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.| | xref:{s-path}/eventhistory.adoc[eventhistory] -| `OCIS_PERSISTENT_STORE_AUTH_USERNAME` + +| `OC_PERSISTENT_STORE_AUTH_USERNAME` + `EVENTHISTORY_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_PERSISTENT_STORE_AUTH_PASSWORD` + +| `OC_PERSISTENT_STORE_AUTH_PASSWORD` + `EVENTHISTORY_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `EVENTHISTORY_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `EVENTHISTORY_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| @@ -220,41 +220,41 @@ | `FRONTEND_AUTO_ACCEPT_SHARES` | Defines if shares should be auto accepted by default. Users can change this setting individually in their profile.| true | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE` | Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when using the 'nats-js-kv' store type.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when using the 'nats-js-kv' store type.| | | `FRONTEND_OCS_LIST_OCM_SHARES` | Include OCM shares when listing shares. See the OCM service documentation for more details.| | -| `OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` + +| `OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` + `FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on all public shares.| | -| `OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` + +| `OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` + `FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares.| | | `FRONTEND_OCS_INCLUDE_OCM_SHAREES` | Include OCM sharees when listing sharees.| | -| `OCIS_EVENTS_ENDPOINT` + +| `OC_EVENTS_ENDPOINT` + `FRONTEND_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.| | -| `OCIS_EVENTS_CLUSTER` + +| `OC_EVENTS_CLUSTER` + `FRONTEND_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.| | -| `OCIS_INSECURE` + +| `OC_INSECURE` + `FRONTEND_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates.| | @@ -262,93 +262,93 @@ `OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.| | -| `OCIS_EVENTS_ENABLE_TLS` + +| `OC_EVENTS_ENABLE_TLS` + `FRONTEND_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `FRONTEND_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `FRONTEND_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `FRONTEND_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `FRONTEND_SERVICE_ACCOUNT_SECRET` | The service account secret.| | -| `OCIS_PASSWORD_POLICY_DISABLED` + +| `OC_PASSWORD_POLICY_DISABLED` + `FRONTEND_PASSWORD_POLICY_DISABLED` | Define the minimum password length. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_CHARACTERS` + `FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS` | Disable the password policy. Defaults to false if not set.| | -| `OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` + `FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | Define the minimum number of lowercase characters. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` + `FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | Define the minimum number of uppercase characters. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_DIGITS` + +| `OC_PASSWORD_POLICY_MIN_DIGITS` + `FRONTEND_PASSWORD_POLICY_MIN_DIGITS` | Define the minimum number of digits. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` + `FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | Define the minimum number of special characters. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` + +| `OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` + `FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | Path to the 'banned passwords list' file. See the documentation for more details.| | xref:{s-path}/gateway.adoc[gateway] -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `GATEWAY_STAT_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `GATEWAY_PROVIDER_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORDv` | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured.| | xref:{s-path}/graph.adoc[graph] -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `GRAPH_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `GRAPH_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `GRAPH_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| @@ -356,23 +356,23 @@ | `GRAPH_IDENTITY_SEARCH_MIN_LENGTH` | The minimum length the search term needs to have for unprivileged users when searching for users or groups.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `GRAPH_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `GRAPH_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `GRAPH_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `GRAPH_SERVICE_ACCOUNT_SECRET` | The service account secret.| | -| `OCIS_ENABLE_RESHARING` + +| `OC_ENABLE_RESHARING` + `GRAPH_ENABLE_RESHARING` | Changing this value is NOT supported. Enables the support for resharing in the clients.| @@ -381,22 +381,22 @@ | Configure an alternative URL to the background image for the login page.| | xref:{s-path}/notifications.adoc[notifications] -| `OCIS_DEFAULT_LANGUAGE` +| `OC_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `NOTIFICATIONS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `NOTIFICATIONS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `NOTIFICATIONS_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `NOTIFICATIONS_SERVICE_ACCOUNT_SECRET` | The service account secret.| @@ -417,27 +417,27 @@ | `OCM_HTTP_PREFIX` | The path prefix where OCM can be accessed (defaults to /).| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `OCM_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `OCM_SERVICE_ACCOUNT_SECRET` | The service account secret.| | -| `OCIS_CORS_ALLOW_ORIGINS` + +| `OC_CORS_ALLOW_ORIGINS` + `OCM_CORS_ALLOW_ORIGINS` | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.| | -| `OCIS_CORS_ALLOW_METHODS` + +| `OC_CORS_ALLOW_METHODS` + `OCM_CORS_ALLOW_METHODS` | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Allow-Methods* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods. See the Environment Variable Types description for more details.| | -| `OCIS_CORS_ALLOW_HEADERS` + +| `OC_CORS_ALLOW_HEADERS` + `OCM_CORS_ALLOW_HEADERS` | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Allow-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers. See the Environment Variable Types description for more details.| | -| `OCIS_CORS_ALLOW_CREDENTIALS` + +| `OC_CORS_ALLOW_CREDENTIALS` + `OCM_CORS_ALLOW_CREDENTIALS` | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.| | @@ -466,10 +466,10 @@ | Disable TLS certificate validation for the OCM connections. Do not set this in production environments.| | | `OCM_OCM_INVITE_MANAGER_JSON_FILE` -| Path to the JSON file where OCM invite data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage.| +| Path to the JSON file where OCM invite data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage.| | | `OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE` -| Path to the JSON file where ocm invite data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage.| +| Path to the JSON file where ocm invite data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage.| | | `OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME` | Verify the hostname of the request against the hostname of the OCM provider.| @@ -484,7 +484,7 @@ | Directory where the ocm storage provider persists its data like tus upload info files.| | | `OCM_OCM_CORE_JSON_FILE` -| Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage.| +| Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage.| | | `OCM_OCM_SHARE_PROVIDER_DRIVER` | Driver to be used to persist ocm shares. Supported value is only 'json'.| `json` @@ -496,7 +496,7 @@ | Template for the webapp url.| | | `OCM_OCM_SHAREPROVIDER_JSON_FILE` -| Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage.| +| Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage.| | | `OCM_DEBUG_ADDR` @@ -512,88 +512,88 @@ | Enables zpages, which can be used for collecting and viewing in-memory traces.| | -| `OCIS_LOG_LEVEL` + +| `OC_LOG_LEVEL` + `OCM_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'."| | -| `OCIS_LOG_PRETTY` + +| `OC_LOG_PRETTY` + `OCM_LOG_PRETTY` | Activates pretty log output.| | -| `OCIS_LOG_COLOR` + +| `OC_LOG_COLOR` + `OCM_LOG_COLOR` | Activates colorized log output.| | -| `OCIS_LOG_FILE` + +| `OC_LOG_FILE` + `OCM_LOG_FILE` | The path to the log file. Activates logging to this file if set.| | -| `OCIS_TRACING_ENABLED` + +| `OC_TRACING_ENABLED` + `OCM_TRACING_ENABLED` | Activates tracing.| | -| `OCIS_TRACING_TYPE` + +| `OC_TRACING_TYPE` + `OCM_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| `OCIS_TRACING_ENDPOINT` + +| `OC_TRACING_ENDPOINT` + `OCM_TRACING_ENDPOINT` | The endpoint of the tracing agent.| | -| `OCIS_TRACING_COLLECTOR` + +| `OC_TRACING_COLLECTOR` + `OCM_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.| | xref:{s-path}/ocs.adoc[ocs] -| `OCIS_CACHE_STORE` + +| `OC_CACHE_STORE` + `OCS_PRESIGNEDURL_SIGNING_KEYS_STORE` | The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details.| | -| `OCIS_CACHE_STORE_NODES` + +| `OC_CACHE_STORE_NODES` + `OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` | A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details.| | -| `OCIS_CACHE_TTL` + +| `OC_CACHE_TTL` + `OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL` | Default time to live for signing keys. See the Environment Variable Types description for more details.| | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | xref:{s-path}/policies.adoc[policies] -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `POLICIES_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `POLICIES_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_TRACING_ENABLED` + +| `OC_TRACING_ENABLED` + `POLICIES_TRACING_ENABLED` | Activates tracing.| | -| `OCIS_TRACING_TYPE` + +| `OC_TRACING_TYPE` + `POLICIES_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| `OCIS_TRACING_ENDPOINT` + +| `OC_TRACING_ENDPOINT` + `POLICIES_TRACING_ENDPOINT` | The endpoint of the tracing agent.| | -| `OCIS_TRACING_COLLECTOR` + +| `OC_TRACING_COLLECTOR` + `POLICIES_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.| @@ -604,93 +604,93 @@ | `POSTPROCESSING_MAX_RETRIES` | The maximum number of retries for a failed postprocessing step.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `POSTPROCESSING_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `POSTPROCESSING_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_PERSISTENT_STORE_AUTH_USERNAME` + +| `OC_PERSISTENT_STORE_AUTH_USERNAME` + `POSTPROCESSING_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_PERSISTENT_STORE_AUTH_PASSWORD` + +| `OC_PERSISTENT_STORE_AUTH_PASSWORD` + `POSTPROCESSING_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_TRACING_ENABLED` + +| `OC_TRACING_ENABLED` + `POSTPROCESSING_TRACING_ENABLED` | Activates tracing.| | -| `OCIS_TRACING_TYPE` + +| `OC_TRACING_TYPE` + `POSTPROCESSING_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| `OCIS_TRACING_ENDPOINT` + +| `OC_TRACING_ENDPOINT` + `POSTPROCESSING_TRACING_ENDPOINT` | The endpoint of the tracing agent.| | -| `OCIS_TRACING_COLLECTOR` + +| `OC_TRACING_COLLECTOR` + `POSTPROCESSING_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.| | xref:{s-path}/proxy.adoc[proxy] -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_STORE` + +| `OC_CACHE_STORE` + `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE` | The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details.| | -| `OCIS_CACHE_STORE_NODES` + +| `OC_CACHE_STORE_NODES` + `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` | A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details.| | -| `OCIS_CACHE_TTL` + +| `OC_CACHE_TTL` + `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL` | Default time to live for signing keys. See the Environment Variable Types description for more details.| | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE` | Disables persistence of the store. Only applies when store type 'nats-js-kv' is configured. Defaults to true.| | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `PROXY_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `PROXY_SERVICE_ACCOUNT_SECRET` | The service account secret.| | xref:{s-path}/search.adoc[search] -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `SEARCH_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `SEARCH_SERVICE_ACCOUNT_SECRET` | The service account secret.| @@ -699,101 +699,101 @@ | Defines if stop words should be cleaned or not. See the documentation for more details.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `SEARCH_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `SEARCH_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | xref:{s-path}/settings.adoc[settings] | `SETTINGS_SERVICE_ACCOUNT_IDS` + -`OCIS_SERVICE_ACCOUNT_ID` -| The list of all service account IDs. These will be assigned the hidden 'service-account' role. Note: When using 'OCIS_SERVICE_ACCOUNT_ID' this will contain only one value while 'SETTINGS_SERVICE_ACCOUNT_IDS' can have multiple. See the 'auth-service' service description for more details about service accounts.| +`OC_SERVICE_ACCOUNT_ID` +| The list of all service account IDs. These will be assigned the hidden 'service-account' role. Note: When using 'OC_SERVICE_ACCOUNT_ID' this will contain only one value while 'SETTINGS_SERVICE_ACCOUNT_IDS' can have multiple. See the 'auth-service' service description for more details about service accounts.| | -| `OCIS_DEFAULT_LANGUAGE` +| `OC_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details.| | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `SETTINGS_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `SETTINGS_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `SETTINGS_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `SETTINGS_EVENTS_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `SETTINGS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured.| | xref:{s-path}/sharing.adoc[sharing] -| `OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` + +| `OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` + `SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` -| Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service.| +| Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service.| | -| `OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` + +| `OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` + `SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on all public shares.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `SHARING_EVENTS_AUTH_USERNAME` | Username for the events broker.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `SHARING_EVENTS_AUTH_PASSWORD` | Password for the events broker.| | -| `OCIS_PASSWORD_POLICY_DISABLED` + +| `OC_PASSWORD_POLICY_DISABLED` + `SHARING_PASSWORD_POLICY_DISABLED` | Disable the password policy. Defaults to false if not set.| | -| `OCIS_PASSWORD_POLICY_MIN_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_CHARACTERS` + `SHARING_PASSWORD_POLICY_MIN_CHARACTERS` | Define the minimum password length. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` + `SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | Define the minimum number of lowercase characters. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` + `SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | Define the minimum number of uppercase characters. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_DIGITS` + +| `OC_PASSWORD_POLICY_MIN_DIGITS` + `SHARING_PASSWORD_POLICY_MIN_DIGITS` | Define the minimum number of digits. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` + +| `OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` + `SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | Define the minimum number of special characters. Defaults to 0 if not set.| 0 | -| `OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` + +| `OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` + `SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | Path to the 'banned passwords list' file. See the documentation for more details.| | xref:{s-path}/sse.adoc[sse] -| `OCIS_LOG_LEVEL` + +| `OC_LOG_LEVEL` + `SSE_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'."| | -| `OCIS_LOG_PRETTY` + +| `OC_LOG_PRETTY` + `SSE_LOG_PRETTY` | Activates pretty log output.| | -| `OCIS_LOG_COLOR` + +| `OC_LOG_COLOR` + `SSE_LOG_COLOR` | Activates colorized log output.| | -| `OCIS_LOG_FILE` + +| `OC_LOG_FILE` + `SSE_LOG_FILE` | The path to the log file. Activates logging to this file if set.| | @@ -809,47 +809,47 @@ | `SSE_DEBUG_ZPAGES` | Enables zpages, which can be used for collecting and viewing in-memory traces.| | -| `OCIS_EVENTS_ENDPOINT` + +| `OC_EVENTS_ENDPOINT` + `SSE_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.| | -| `OCIS_EVENTS_CLUSTER` + +| `OC_EVENTS_CLUSTER` + `SSE_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.| | -| `OCIS_INSECURE` + +| `OC_INSECURE` + `SSE_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates.| | -| `OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE` + +| `OC_EVENTS_TLS_ROOT_CA_CERTIFICATE` + `SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.| | -| `OCIS_EVENTS_ENABLE_TLS` + +| `OC_EVENTS_ENABLE_TLS` + `SSE_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `SSE_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `SSE_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_CORS_ALLOW_ORIGINS` + +| `OC_CORS_ALLOW_ORIGINS` + `SSE_CORS_ALLOW_ORIGINS` | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.| | -| `OCIS_CORS_ALLOW_METHODS` + +| `OC_CORS_ALLOW_METHODS` + `SSE_CORS_ALLOW_METHODS` | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Allow-Methods* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods. See the Environment Variable Types description for more details.| | -| `OCIS_CORS_ALLOW_HEADERS` + +| `OC_CORS_ALLOW_HEADERS` + `SSE_CORS_ALLOW_HEADERS` | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Allow-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers. See the Environment Variable Types description for more details.| | -| `OCIS_CORS_ALLOW_CREDENTIALS` + +| `OC_CORS_ALLOW_CREDENTIALS` + `SSE_CORS_ALLOW_CREDENTIALS` | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.| | @@ -859,126 +859,126 @@ | `SSE_HTTP_ROOT` | The root path of the HTTP service.| | -| `OCIS_JWT_SECRET` + +| `OC_JWT_SECRET` + `SSE_JWT_SECRET` | The secret to mint and validate jwt tokens.| | -| `OCIS_TRACING_ENABLED` + +| `OC_TRACING_ENABLED` + `SSE_TRACING_ENABLED` | Activates tracing.| | -| `OCIS_TRACING_TYPE` + +| `OC_TRACING_TYPE` + `SSE_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| `OCIS_TRACING_ENDPOINT` + +| `OC_TRACING_ENDPOINT` + `SSE_TRACING_ENDPOINT` | The endpoint of the tracing agent.| | -| `OCIS_TRACING_COLLECTOR` + +| `OC_TRACING_COLLECTOR` + `SSE_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.| | xref:{s-path}/storage-system.adoc[storage-system] -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `STORAGE_SYSTEM_CACHE_AUTH_USERNAME` | Username for the configured store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `STORAGE_SYSTEM_CACHE_AUTH_PASSWORD` | Password for the configured store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_MACHINE_AUTH_API_KEY` + +| `OC_MACHINE_AUTH_API_KEY` + `STORAGE_USERS_MACHINE_AUTH_API_KEY` | Machine auth API key used to validate internal requests necessary for the access to resources from other services.| | xref:{s-path}/storage-users.adoc[storage-users] -| `OCIS_GATEWAY_GRPC_ADDR` + +| `OC_GATEWAY_GRPC_ADDR` + `STORAGE_USERS_GATEWAY_GRPC_ADDR` | The bind address of the gateway GRPC address.| | -| `OCIS_MACHINE_AUTH_API_KEY` + +| `OC_MACHINE_AUTH_API_KEY` + `STORAGE_USERS_MACHINE_AUTH_API_KEY` | Machine auth API key used to validate internal requests necessary for the access to resources from other services.| | | `STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE` | The maximum number of attempts to rename a file when a user restores a file to an existing destination with the same name. The minimum value is 100.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `STORAGE_USERS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `STORAGE_USERS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `STORAGE_USERS_STAT_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the file metadata cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME` | The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_DISABLE_PERSISTENCE` + +| `OC_CACHE_DISABLE_PERSISTENCE` + `STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the id cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false.| false | -| `OCIS_CACHE_AUTH_USERNAME` + +| `OC_CACHE_AUTH_USERNAME` + `STORAGE_USERS_ID_CACHE_AUTH_USERNAME` | The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_CACHE_AUTH_PASSWORD` + +| `OC_CACHE_AUTH_PASSWORD` + `STORAGE_USERS_ID_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `STORAGE_USERS_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `STORAGE_USERS_SERVICE_ACCOUNT_SECRET` | The service account secret.| | xref:{s-path}/userlog.adoc[userlog] -| `OCIS_DEFAULT_LANGUAGE` +| `OC_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details.| | -| `OCIS_PERSISTENT_STORE_AUTH_USERNAME` + +| `OC_PERSISTENT_STORE_AUTH_USERNAME` + `USERLOG_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_PERSISTENT_STORE_AUTH_PASSWORD` + +| `OC_PERSISTENT_STORE_AUTH_PASSWORD` + `USERLOG_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured.| | -| `OCIS_EVENTS_AUTH_USERNAME` + +| `OC_EVENTS_AUTH_USERNAME` + `USERLOG_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_EVENTS_AUTH_PASSWORD` + +| `OC_EVENTS_AUTH_PASSWORD` + `USERLOG_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.| | -| `OCIS_SERVICE_ACCOUNT_ID` + +| `OC_SERVICE_ACCOUNT_ID` + `USERLOG_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details.| | -| `OCIS_SERVICE_ACCOUNT_SECRET` + +| `OC_SERVICE_ACCOUNT_SECRET` + `USERLOG_SERVICE_ACCOUNT_SECRET` | The service account secret.| diff --git a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.md b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.md index 3e273a99a..ab8c659c9 100644 --- a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.md +++ b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-added.md @@ -2,118 +2,118 @@ | File | Variable | Description | Default | |-----------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------| -| ocis-pkg/shared/shared_types.go | `OCIS_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. | `false` | +| ocis-pkg/shared/shared_types.go | `OC_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. | `false` | | ocis-pkg/registry/registry.go | `MICRO_REGISTRY` (important change) | The Go micro registry type to use. Supported types are: 'memory', 'nats-js-kv' (default) and 'kubernetes'. Note that 'nats', 'etcd', 'consul' and 'mdns' are deprecated and will be removed in a later version. Only change on supervision of ownCloud Support. | `nats-js-kv` | | ocis-pkg/natsjsregistry/registry.go | `MICRO_REGISTRY_AUTH_USERNAME` | Optional when using nats to authenticate with the nats cluster. | | | | `MICRO_REGISTRY_AUTH_PASSWORD` | Optional when using nats to authenticate with the nats cluster. | | -| services/antivirus/pkg/config/config.go | `OCIS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| services/antivirus/pkg/config/config.go | `OC_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | | | `ANTIVIRUS_ICAP_SCAN_TIMEOUT` | Scan timeout for the ICAP client. Defaults to '5m' (5 minutes). See the Environment Variable Types description for more details. | 5m0s | -| services/audit/pkg/config/config.go | `OCIS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| services/auth-service/pkg/config/config.go | `OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | -| | `OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY` | Activates pretty log output. | | -| | `OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR` | Activates colorized log output. | | -| | `OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | +| services/audit/pkg/config/config.go | `OC_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| services/auth-service/pkg/config/config.go | `OC_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | +| | `OC_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY` | Activates pretty log output. | | +| | `OC_LOG_COLOR;AUTH_SERVICE_LOG_COLOR` | Activates colorized log output. | | +| | `OC_LOG_FILE;AUTH_SERVICE_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | | | `AUTH_SERVICE_DEBUG_ADDR` | Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. | | | | `AUTH_SERVICE_DEBUG_PPROF` | Enables pprof, which can be used for profiling. | | | | `AUTH_SERVICE_DEBUG_TOKEN` | Enables pprof, which can be used for profiling. | | | | `AUTH_SERVICE_DEBUG_ZPAGES` | Enables zpages, which can be used for collecting and viewing in-memory traces. | | | | `AUTH_SERVICE_GRPC_ADDR` | The bind address of the GRPC service. | | | | `AUTH_SERVICE_GRPC_PROTOCOL` | The transport protocol of the GRPC service. | | -| | `OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET` | The service account secret. | | -| services/auth-service/pkg/config/reva.go | `OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET` | The secret to mint and validate jwt tokens. | | -| services/auth-service/pkg/config/tracing.go | `OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED` | Activates tracing. | | -| | `OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| | `OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | -| | `OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | -| services/clientlog/pkg/config/config.go | `OCIS_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY` | CS3 gateway used to look up user metadata | | -| | `OCIS_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | | -| | `OCIS_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | | -| | `OCIS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates. | | -| | `OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. | | -| | `OCIS_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_JWT_SECRET;CLIENTLOG_JWT_SECRET` | The secret to mint and validate jwt tokens. | | -| | `OCIS_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| | `OC_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| services/auth-service/pkg/config/reva.go | `OC_JWT_SECRET;AUTH_SERVICE_JWT_SECRET` | The secret to mint and validate jwt tokens. | | +| services/auth-service/pkg/config/tracing.go | `OC_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED` | Activates tracing. | | +| | `OC_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | +| | `OC_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | +| | `OC_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | +| services/clientlog/pkg/config/config.go | `OC_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY` | CS3 gateway used to look up user metadata | | +| | `OC_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | | +| | `OC_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | | +| | `OC_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates. | | +| | `OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. | | +| | `OC_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_JWT_SECRET;CLIENTLOG_JWT_SECRET` | The secret to mint and validate jwt tokens. | | +| | `OC_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET` | The service account secret. | | | services/clientlog/pkg/config/debug.go | `CLIENTLOG_DEBUG_ADDR` | Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. | | | | `CLIENTLOG_DEBUG_TOKEN` | Token to secure the metrics endpoint. | | | | `CLIENTLOG_DEBUG_PPROF` | Enables pprof, which can be used for profiling. | | | | `CLIENTLOG_DEBUG_ZPAGES` | Enables zpages, which can be used for collecting and viewing in-memory traces. | | -| services/clientlog/pkg/config/log.go | `OCIS_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | -| | `OCIS_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY` | Activates pretty log output. | | -| | `OCIS_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR` | Activates colorized log output. | | -| | `OCIS_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | -| services/clientlog/pkg/config/tracing.go | `OCIS_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED` | Activates tracing. | | -| | `OCIS_TRACING_TYPE;CLIENTLOG_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| | `OCIS_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | -| | `OCIS_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | -| services/eventhistory/pkg/config/config.go | `OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| services/frontend/pkg/config/config.go | `OCIS_ENABLE_RESHARING` | Changing this value is NOT supported. Enables the support for resharing in the clients. | | +| services/clientlog/pkg/config/log.go | `OC_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | +| | `OC_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY` | Activates pretty log output. | | +| | `OC_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR` | Activates colorized log output. | | +| | `OC_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | +| services/clientlog/pkg/config/tracing.go | `OC_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED` | Activates tracing. | | +| | `OC_TRACING_TYPE;CLIENTLOG_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | +| | `OC_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | +| | `OC_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | +| services/eventhistory/pkg/config/config.go | `OC_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| services/frontend/pkg/config/config.go | `OC_ENABLE_RESHARING` | Changing this value is NOT supported. Enables the support for resharing in the clients. | | | | `FRONTEND_DEFAULT_LINK_PERMISSIONS` | Defines the default permissions a link is being created with. Possible values are 0 (= internal link, for instance members only) and 1 (= public link with viewer permissions). Defaults to 1. | | | | `FRONTEND_AUTO_ACCEPT_SHARES` | Defines if shares should be auto accepted by default. Users can change this setting individually in their profile. | true | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE` | Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false. | false | -| | `OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when using the 'nats-js-kv' store type. | | -| | `OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when using the 'nats-js-kv' store type. | | +| | `OC_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE` | Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false. | false | +| | `OC_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when using the 'nats-js-kv' store type. | | +| | `OC_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when using the 'nats-js-kv' store type. | | | | `FRONTEND_OCS_LIST_OCM_SHARES` | Include OCM shares when listing shares. See the OCM service documentation for more details. | | -| | `OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on all public shares. | | -| | `OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. | | +| | `OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on all public shares. | | +| | `OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. | | | | `FRONTEND_OCS_INCLUDE_OCM_SHAREES` | Include OCM sharees when listing sharees. | | -| | `OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | | -| | `OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | | -| | `OCIS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates. | | +| | `OC_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | | +| | `OC_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | | +| | `OC_INSECURE;FRONTEND_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates. | | | | `FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. | | -| | `OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET` | The service account secret. | | -| | `OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED` | Disable the password policy. Defaults to false if not set. | | -| | `OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS` | Define the minimum password length. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | Define the minimum number of lowercase characters. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | Define the minimum number of uppercase characters. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS` | Define the minimum number of digits. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | Define the minimum number of special characters. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | Path to the 'banned passwords list' file. See the documentation for more details. | | -| services/gateway/pkg/config/config.go | `OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_STAT_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | | -| | `OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. | false | -| | `OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. | | -| services/graph/pkg/config/cache.go | `OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| | `OC_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED` | Disable the password policy. Defaults to false if not set. | | +| | `OC_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS` | Define the minimum password length. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | Define the minimum number of lowercase characters. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | Define the minimum number of uppercase characters. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS` | Define the minimum number of digits. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | Define the minimum number of special characters. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | Path to the 'banned passwords list' file. See the documentation for more details. | | +| services/gateway/pkg/config/config.go | `OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_STAT_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | | +| | `OC_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME` | The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. | false | +| | `OC_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD` | The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. | | +| services/graph/pkg/config/cache.go | `OC_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | | services/graph/pkg/config/config.go | `GRAPH_IDENTITY_SEARCH_MIN_LENGTH` | The minimum length the search term needs to have for unprivileged users when searching for users or groups. | | -| | `OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET` | The service account secret. | | -| | `OCIS_ENABLE_RESHARING;GRAPH_ENABLE_RESHARING` | Changing this value is NOT supported. Enables the support for resharing in the clients. | | +| | `OC_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| | `OC_ENABLE_RESHARING;GRAPH_ENABLE_RESHARING` | Changing this value is NOT supported. Enables the support for resharing in the clients. | | | services/idp/pkg/config/config.go | `IDP_LOGIN_BACKGROUND_URL` | Configure an alternative URL to the background image for the login page. | | -| services/notifications/pkg/config/config.go | `OCIS_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | | -| | `OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| services/notifications/pkg/config/config.go | `OC_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | | +| | `OC_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET` | The service account secret. | | | services/ocdav/pkg/config/config.go | `OCDAV_OCM_NAMESPACE` | The human readable path prefix for the ocm shares. | | | services/ocm/pkg/config/config.go | `SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER` | Driver to be used to persist ocm invites. Supported value is only 'json'. | `json` | | | `OCM_HTTP_ADDR` | The bind address of the HTTP service. | | | | `OCM_HTTP_PROTOCOL` | The transport protocol of the HTTP service. | | | | `OCM_HTTP_PREFIX` | The path prefix where OCM can be accessed (defaults to /). | | -| | `OCIS_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET` | The service account secret. | | -| | `OCIS_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS` | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | | -| | `OCIS_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS` | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Allow-Methods* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods. See the Environment Variable Types description for more details. | | -| | `OCIS_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS` | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Allow-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers. See the Environment Variable Types description for more details. | | -| | `OCIS_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS` | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | | +| | `OC_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| | `OC_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS` | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | | +| | `OC_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS` | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Allow-Methods* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods. See the Environment Variable Types description for more details. | | +| | `OC_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS` | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Allow-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers. See the Environment Variable Types description for more details. | | +| | `OC_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS` | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | | | | `OCM_GRPC_ADDR` | The bind address of the GRPC service. | | | | `OCM_GRPC_PROTOCOL` | The transport protocol of the GRPC service. | | | | `OCM_SCIENCEMESH_PREFIX` | URL path prefix for the ScienceMesh service. Note that the string must not start with '/'. | | @@ -122,133 +122,133 @@ | | `OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME` | Expose the display name of OCM share recipients. | | | | `OCM_OCM_INVITE_MANAGER_DRIVER` | Driver to be used to persist ocm invites. Supported value is only 'json'. | `json` | | | `OCM_OCM_INVITE_MANAGER_INSECURE` | Disable TLS certificate validation for the OCM connections. Do not set this in production environments. | | -| | `OCM_OCM_INVITE_MANAGER_JSON_FILE` | Path to the JSON file where OCM invite data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. | | -| | `OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE` | Path to the JSON file where ocm invite data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. | | +| | `OCM_OCM_INVITE_MANAGER_JSON_FILE` | Path to the JSON file where OCM invite data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage. | | +| | `OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE` | Path to the JSON file where ocm invite data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage. | | | | `OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME` | Verify the hostname of the request against the hostname of the OCM provider. | | | | `OCM_OCM_CORE_DRIVER` | Driver to be used to persist ocm shares. Supported value is only 'json'. | `json` | | | `OCM_OCM_STORAGE_PROVIDER_INSECURE` | Disable TLS certificate validation for the OCM connections. Do not set this in production environments. | | | | `OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT` | Directory where the ocm storage provider persists its data like tus upload info files. | | -| | `OCM_OCM_CORE_JSON_FILE` | Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. | | +| | `OCM_OCM_CORE_JSON_FILE` | Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage. | | | | `OCM_OCM_SHARE_PROVIDER_DRIVER` | Driver to be used to persist ocm shares. Supported value is only 'json'. | `json` | | | `OCM_OCM_SHARE_PROVIDER_INSECURE` | Disable TLS certificate validation for the OCM connections. Do not set this in production environments. | | | | `OCM_WEBAPP_TEMPLATE` | Template for the webapp url. | | -| | `OCM_OCM_SHAREPROVIDER_JSON_FILE` | Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. | | +| | `OCM_OCM_SHAREPROVIDER_JSON_FILE` | Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/storage. | | | services/ocm/pkg/config/debug.go | `OCM_DEBUG_ADDR` | Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. | | | | `OCM_DEBUG_TOKEN` | Token to secure the metrics endpoint. | | | | `OCM_DEBUG_PPROF` | Enables pprof, which can be used for profiling. | | | | `OCM_DEBUG_ZPAGES` | Enables zpages, which can be used for collecting and viewing in-memory traces. | | -| services/ocm/pkg/config/log.go | `OCIS_LOG_LEVEL;OCM_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | -| | `OCIS_LOG_PRETTY;OCM_LOG_PRETTY` | Activates pretty log output. | | -| | `OCIS_LOG_COLOR;OCM_LOG_COLOR` | Activates colorized log output. | | -| | `OCIS_LOG_FILE;OCM_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | -| services/ocm/pkg/config/tracing.go | `OCIS_TRACING_ENABLED;OCM_TRACING_ENABLED` | Activates tracing. | | -| | `OCIS_TRACING_TYPE;OCM_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| | `OCIS_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | -| | `OCIS_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | -| services/ocs/pkg/config/config.go | `OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE` | The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details. | | -| | `OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` | A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. | | -| | `OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL` | Default time to live for signing keys. See the Environment Variable Types description for more details. | | -| | `OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| services/policies/pkg/config/config.go | `OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| services/policies/pkg/config/tracing.go | `OCIS_TRACING_ENABLED;POLICIES_TRACING_ENABLED` | Activates tracing. | | -| | `OCIS_TRACING_TYPE;POLICIES_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| | `OCIS_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | -| | `OCIS_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | +| services/ocm/pkg/config/log.go | `OC_LOG_LEVEL;OCM_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | +| | `OC_LOG_PRETTY;OCM_LOG_PRETTY` | Activates pretty log output. | | +| | `OC_LOG_COLOR;OCM_LOG_COLOR` | Activates colorized log output. | | +| | `OC_LOG_FILE;OCM_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | +| services/ocm/pkg/config/tracing.go | `OC_TRACING_ENABLED;OCM_TRACING_ENABLED` | Activates tracing. | | +| | `OC_TRACING_TYPE;OCM_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | +| | `OC_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | +| | `OC_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | +| services/ocs/pkg/config/config.go | `OC_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE` | The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details. | | +| | `OC_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` | A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. | | +| | `OC_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL` | Default time to live for signing keys. See the Environment Variable Types description for more details. | | +| | `OC_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| services/policies/pkg/config/config.go | `OC_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| services/policies/pkg/config/tracing.go | `OC_TRACING_ENABLED;POLICIES_TRACING_ENABLED` | Activates tracing. | | +| | `OC_TRACING_TYPE;POLICIES_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | +| | `OC_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | +| | `OC_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | | services/postprocessing/pkg/config/config.go | `POSTPROCESSING_RETRY_BACKOFF_DURATION` | The base for the exponential backoff duration before retrying a failed postprocessing step. See the Environment Variable Types description for more details. | | | | `POSTPROCESSING_MAX_RETRIES` | The maximum number of retries for a failed postprocessing step. | | -| | `OCIS_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| services/postprocessing/pkg/config/tracing.go | `OCIS_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED` | Activates tracing. | | -| | `OCIS_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| | `OCIS_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | -| | `OCIS_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | -| services/proxy/pkg/config/config.go | `OCIS_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE` | The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details. | | -| | `OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` | A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. | | -| | `OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL` | Default time to live for signing keys. See the Environment Variable Types description for more details. | | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE` | Disables persistence of the store. Only applies when store type 'nats-js-kv' is configured. Defaults to true. | | -| | `OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET` | The service account secret. | | -| services/search/pkg/config/config.go | `OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| | `OC_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| services/postprocessing/pkg/config/tracing.go | `OC_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED` | Activates tracing. | | +| | `OC_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | +| | `OC_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | +| | `OC_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | +| services/proxy/pkg/config/config.go | `OC_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE` | The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details. | | +| | `OC_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` | A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. | | +| | `OC_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL` | Default time to live for signing keys. See the Environment Variable Types description for more details. | | +| | `OC_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE` | Disables persistence of the store. Only applies when store type 'nats-js-kv' is configured. Defaults to true. | | +| | `OC_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| services/search/pkg/config/config.go | `OC_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET` | The service account secret. | | | services/search/pkg/config/content.go | `SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS` | Defines if stop words should be cleaned or not. See the documentation for more details. | | -| services/search/pkg/config/search.go | `OCIS_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| services/settings/pkg/config/config.go | `SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID` | The list of all service account IDs. These will be assigned the hidden 'service-account' role. Note: When using 'OCIS_SERVICE_ACCOUNT_ID' this will contain only one value while 'SETTINGS_SERVICE_ACCOUNT_IDS' can have multiple. See the 'auth-service' service description for more details about service accounts. | | -| | `OCIS_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | | -| | `OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_EVENTS_AUTH_USERNAME;SETTINGS_EVENTS_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;SETTINGS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | -| services/sharing/pkg/config/config.go | `OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service. | | -| | `OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on all public shares. | | -| | `OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME` | Username for the events broker. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD` | Password for the events broker. | | -| | `OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED` | Disable the password policy. Defaults to false if not set. | | -| | `OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS` | Define the minimum password length. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | Define the minimum number of lowercase characters. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | Define the minimum number of uppercase characters. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS` | Define the minimum number of digits. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | Define the minimum number of special characters. Defaults to 0 if not set. | 0 | -| | `OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | Path to the 'banned passwords list' file. See the documentation for more details. | | -| services/sse/pkg/config/config.go | `OCIS_LOG_LEVEL;SSE_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | -| | `OCIS_LOG_PRETTY;SSE_LOG_PRETTY` | Activates pretty log output. | | -| | `OCIS_LOG_COLOR;SSE_LOG_COLOR` | Activates colorized log output. | | -| | `OCIS_LOG_FILE;SSE_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | +| services/search/pkg/config/search.go | `OC_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| services/settings/pkg/config/config.go | `SETTINGS_SERVICE_ACCOUNT_IDS;OC_SERVICE_ACCOUNT_ID` | The list of all service account IDs. These will be assigned the hidden 'service-account' role. Note: When using 'OC_SERVICE_ACCOUNT_ID' this will contain only one value while 'SETTINGS_SERVICE_ACCOUNT_IDS' can have multiple. See the 'auth-service' service description for more details about service accounts. | | +| | `OC_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | | +| | `OC_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | | +| | `OC_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_EVENTS_AUTH_USERNAME;SETTINGS_EVENTS_AUTH_USERNAME` | The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_EVENTS_AUTH_PASSWORD;SETTINGS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. | | +| services/sharing/pkg/config/config.go | `OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service. | | +| | `OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` | Set this to true if you want to enforce passwords on all public shares. | | +| | `OC_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME` | Username for the events broker. | | +| | `OC_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD` | Password for the events broker. | | +| | `OC_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED` | Disable the password policy. Defaults to false if not set. | | +| | `OC_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS` | Define the minimum password length. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` | Define the minimum number of lowercase characters. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` | Define the minimum number of uppercase characters. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS` | Define the minimum number of digits. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` | Define the minimum number of special characters. Defaults to 0 if not set. | 0 | +| | `OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` | Path to the 'banned passwords list' file. See the documentation for more details. | | +| services/sse/pkg/config/config.go | `OC_LOG_LEVEL;SSE_LOG_LEVEL` | The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." | | +| | `OC_LOG_PRETTY;SSE_LOG_PRETTY` | Activates pretty log output. | | +| | `OC_LOG_COLOR;SSE_LOG_COLOR` | Activates colorized log output. | | +| | `OC_LOG_FILE;SSE_LOG_FILE` | The path to the log file. Activates logging to this file if set. | | | | `SSE_DEBUG_ADDR` | Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. | | | | `SSE_DEBUG_TOKEN` | Token to secure the metrics endpoint. | | | | `SSE_DEBUG_PPROF` | Enables pprof, which can be used for profiling. | | | | `SSE_DEBUG_ZPAGES` | Enables zpages, which can be used for collecting and viewing in-memory traces. | | -| | `OCIS_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | | -| | `OCIS_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | | -| | `OCIS_INSECURE;SSE_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates. | | -| | `OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. | | -| | `OCIS_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | -| | `OCIS_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS` | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | | -| | `OCIS_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS` | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Allow-Methods* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods. See the Environment Variable Types description for more details. | | -| | `OCIS_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS` | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Allow-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers. See the Environment Variable Types description for more details. | | -| | `OCIS_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS` | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | | +| | `OC_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT` | The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. | | +| | `OC_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER` | The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. | | +| | `OC_INSECURE;SSE_EVENTS_TLS_INSECURE` | Whether to verify the server TLS certificates. | | +| | `OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. | | +| | `OC_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS` | Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services.. | | +| | `OC_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS` | A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details. | | +| | `OC_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS` | A list of allowed CORS methods. See following chapter for more details: *Access-Control-Allow-Methods* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods. See the Environment Variable Types description for more details. | | +| | `OC_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS` | A list of allowed CORS headers. See following chapter for more details: *Access-Control-Allow-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers. See the Environment Variable Types description for more details. | | +| | `OC_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS` | Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials. | | | | `SSE_HTTP_ADDR` | The bind address of the HTTP service. | | | | `SSE_HTTP_ROOT` | The root path of the HTTP service. | | -| | `OCIS_JWT_SECRET;SSE_JWT_SECRET` | The secret to mint and validate jwt tokens. | | -| services/sse/pkg/config/tracing.go | `OCIS_TRACING_ENABLED;SSE_TRACING_ENABLED` | Activates tracing. | | -| | `OCIS_TRACING_TYPE;SSE_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | -| | `OCIS_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | -| | `OCIS_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | -| services/storage-system/pkg/config/config.go | `OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME` | Username for the configured store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD` | TPassword for the configured store. Only applies when store type 'nats-js-kv' is configured. | | -| services/storage-users/pkg/config/config.go | `OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR` | The bind address of the gateway GRPC address. | | -| | `OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY` | Machine auth API key used to validate internal requests necessary for the access to resources from other services. | | +| | `OC_JWT_SECRET;SSE_JWT_SECRET` | The secret to mint and validate jwt tokens. | | +| services/sse/pkg/config/tracing.go | `OC_TRACING_ENABLED;SSE_TRACING_ENABLED` | Activates tracing. | | +| | `OC_TRACING_TYPE;SSE_TRACING_TYPE` | The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now."` | | +| | `OC_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT` | The endpoint of the tracing agent. | | +| | `OC_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR` | The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. | | +| services/storage-system/pkg/config/config.go | `OC_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME` | Username for the configured store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD` | TPassword for the configured store. Only applies when store type 'nats-js-kv' is configured. | | +| services/storage-users/pkg/config/config.go | `OC_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR` | The bind address of the gateway GRPC address. | | +| | `OC_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY` | Machine auth API key used to validate internal requests necessary for the access to resources from other services. | | | | `STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE` | The maximum number of attempts to rename a file when a user restores a file to an existing destination with the same name. The minimum value is 100. | | -| | `OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_STAT_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the file metadata cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME` | The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the id cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | -| | `OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME` | The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured | | -| | `OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET` | The service account secret. | | -| services/userlog/pkg/config/config.go | `OCIS_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | | -| | `OCIS_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | -| | `OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | -| | `OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | -| | `OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| | `OC_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_STAT_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the stat cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the file metadata cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME` | The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE` | Disables persistence of the id cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. | false | +| | `OC_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME` | The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured | | +| | `OC_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD` | The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET` | The service account secret. | | +| services/userlog/pkg/config/config.go | `OC_DEFAULT_LANGUAGE` | The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. | | +| | `OC_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME` | The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD` | The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. | | +| | `OC_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME` | The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD` | The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. | | +| | `OC_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID` | The ID of the service account the service should use. See the 'auth-service' service description for more details. | | +| | `OC_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET` | The service account secret. | | | services/web/pkg/config/options.go | `WEB_OPTION_LOGIN_URL` | Specifies the target URL to the login page. This is helpful when an external IdP is used. This option is disabled by default. Example URL like: https://www.myidp.com/login. | | | | | `WEB_OPTION_DISABLED_EXTENSIONS` | A list to disable specific Web extensions identified by their ID. The ID can e.g. be taken from the 'index.ts' file of the web extension. Example: 'com.github.owncloud.web.files.search,com.github.owncloud.web.files.print'. See the Environment Variable Types description for more details. | | | | `WEB_OPTION_USER_LIST_REQUIRES_FILTER` | Defines whether one or more filters must be set in order to list users in the Web admin settings. Set this option to 'true' if running in an environment with a lot of users and listing all users could slow down performance. Defaults to 'false'. | false | diff --git a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.adoc b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.adoc index 34120a5ae..47de4f390 100644 --- a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.adoc +++ b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.adoc @@ -10,22 +10,22 @@ | xref:{s-path}/auth-basic.adoc[auth-basic] | `LDAP_BIND_PASSWORD` -| `OCIS_LDAP_BIND_PASSWORD` +| `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | xref:{s-path}/graph.adoc[graph] | `LDAP_BIND_PASSWORD` -| `OCIS_LDAP_BIND_PASSWORD` +| `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | xref:{s-path}/groups.adoc[groups] | `LDAP_BIND_PASSWORD` -| `OCIS_LDAP_BIND_PASSWORD` +| `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | xref:{s-path}/idp.adoc[idp] | `LDAP_BIND_PASSWORD` -| `OCIS_LDAP_BIND_PASSWORD` +| `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | xref:{s-path}/sharing.adoc[sharing] @@ -35,12 +35,12 @@ | xref:{s-path}/users.adoc[users] | `LDAP_BIND_PASSWORD` -| `OCIS_LDAP_BIND_PASSWORD` +| `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | | `LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` -| `OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` +| `OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. | xref:{s-path}/web.adoc[web] diff --git a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.md b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.md index f20c695c0..d877a37b7 100644 --- a/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.md +++ b/docs/services/general-info/env-var-deltas/4.0.0-5.0.0-removed.md @@ -2,12 +2,12 @@ | File | Variable | Replacement | Description | |------------------------------------------|--------------------------------------|-------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| services/auth-basic/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OCIS_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | -| services/graph/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OCIS_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | -| services/groups/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OCIS_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | -| services/idp/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OCIS_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | +| services/auth-basic/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | +| services/graph/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | +| services/groups/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | +| services/idp/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | | services/sharing/pkg/config/config.go | `SHARING_EVENTS_TLS_ROOT_CA_CERT` | `SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE` | The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false. | -| services/users/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OCIS_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | -| | `LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | `OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. | +| services/users/pkg/config/config.go | `LDAP_BIND_PASSWORD` | `OC_LDAP_BIND_PASSWORD` | Password to use for authenticating the 'bind_dn'. | +| | `LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | `OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING` | Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. | | services/web/pkg/config/options.go | `WEB_OPTION_IMPRINT_URL` | To be configured via the `theme.json` file | Specifies the target URL for the imprint link valid for the ocis instance in the account menu. | | | `WEB_OPTION_PRIVACY_URL` | To be configured via the `theme.json` file | Specifies the target URL for the privacy link valid for the ocis instance in the account menu. | diff --git a/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-added.adoc b/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-added.adoc index c624a2120..1c107483a 100644 --- a/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-added.adoc +++ b/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-added.adoc @@ -9,27 +9,27 @@ | Service | Variable | Description | Default | xref:deployment/services/env-vars-special-scope.adoc[Special Scope Envvars] -| OCIS_ASSET_THEMES_PATH -| Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes +| OC_ASSET_THEMES_PATH +| Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes | /var/lib/ocis/web/assets/themes | -| OCIS_DISABLE_VERSIONING +| OC_DISABLE_VERSIONING | Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version. | false | -| OCIS_SHOW_USER_EMAIL_IN_RESULTS +| OC_SHOW_USER_EMAIL_IN_RESULTS | Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses. | false | -| OCIS_TRANSLATION_PATH +| OC_TRANSLATION_PATH | (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. | | -| OCIS_WOPI_DISABLE_CHAT +| OC_WOPI_DISABLE_CHAT | Disable chat in the office web frontend. This feature applies to OnlyOffice and Microsoft. | false @@ -550,7 +550,7 @@ | | STORAGE_USERS_POSIX_ROOT -| The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. +| The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. | /var/lib/ocis/storage/users | @@ -620,17 +620,17 @@ | xref:{s-path}/web.adoc[Web] | WEB_ASSET_APPS_PATH -| Serve ownCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/apps +| Serve ownCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps | /var/lib/ocis/web/assets/apps | | WEB_ASSET_CORE_PATH -| Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/core +| Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core | /var/lib/ocis/web/assets/core | | WEB_ASSET_THEMES_PATH -| Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes +| Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes | /var/lib/ocis/web/assets/themes |=== diff --git a/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-removed.adoc b/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-removed.adoc index 174ea58d6..014b9cc98 100644 --- a/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-removed.adoc +++ b/docs/services/general-info/env-var-deltas/5.0.0-7.0.0-removed.adoc @@ -9,22 +9,22 @@ | Service | Variable | Description | Default | xref:deployment/services/env-vars-special-scope.adoc[Special Scope Envvars] -| OCIS_CACHE_SIZE +| OC_CACHE_SIZE | The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. | 0 | -| OCIS_DECOMPOSEDFS_METADATA_BACKEND +| OC_DECOMPOSEDFS_METADATA_BACKEND | The backend to use for storing metadata. Supported values are 'messagepack' and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. | messagepack | -| OCIS_ENABLE_RESHARING +| OC_ENABLE_RESHARING | Changing this value is NOT supported. Enables the support for re-sharing in the clients. | false | -| OCIS_PERSISTENT_STORE_SIZE +| OC_PERSISTENT_STORE_SIZE | The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. | 0 @@ -90,7 +90,7 @@ | | SETTINGS_DATA_PATH -| The directory where the filesystem storage will store ocis settings. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/settings. +| The directory where the filesystem storage will store ocis settings. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/settings. | /var/lib/ocis/settings | @@ -109,7 +109,7 @@ | 0 | -| STORAGE_SYSTEM_OCIS_METADATA_BACKEND +| STORAGE_SYSTEM_OC_METADATA_BACKEND | The backend to use for storing metadata. Supported values are 'messagepack' and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. | messagepack @@ -135,7 +135,7 @@ | The `Store` service has been removed completely | STORE_DATA_PATH -| The directory where the filesystem storage will store ocis settings. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/store. +| The directory where the filesystem storage will store ocis settings. If not defined, the root directory derives from $OC_BASE_DATA_PATH:/store. | /var/lib/ocis/store | diff --git a/docs/services/general-info/envvar-scopes.md b/docs/services/general-info/envvar-scopes.md index 8d7dbbb2b..d67f86134 100644 --- a/docs/services/general-info/envvar-scopes.md +++ b/docs/services/general-info/envvar-scopes.md @@ -30,7 +30,7 @@ A local envvar always starts with the service name like `POSTPROCESSING_LOG_FILE ### Global Envvars -A global envvar always starts with `OCIS_` like `OCIS_LOG_FILE`. +A global envvar always starts with `OC_` like `OC_LOG_FILE`. Note that this envvar is the global representation of the local example from above. diff --git a/docs/services/general-info/new-service-checklist.md b/docs/services/general-info/new-service-checklist.md index eb72f9ad4..28c43c59b 100644 --- a/docs/services/general-info/new-service-checklist.md +++ b/docs/services/general-info/new-service-checklist.md @@ -25,7 +25,7 @@ Use this checklist with copy/paste in your PR - right from the beginning. It ren good `` - [ ] If new CLI commands are introduced, those commands must be described in the README.md. - Commands are added to `ocis/pkg/command` -- [ ] If new global envvars are introduced, the name must start with `OCIS_`. +- [ ] If new global envvars are introduced, the name must start with `OC_`. - [ ] Add the service to the makefile in the ocis repo root. - [ ] Service startup: - add it to `ocis/pkg/command/services.go` @@ -42,7 +42,7 @@ Use this checklist with copy/paste in your PR - right from the beginning. It ren - [ ] Create proper description strings for envvars - see other services for examples, especially when it comes to multiple values. This must include: - base description, set of available values, description of each value. - [ ] When suggested commits are created for text changes, and you agree, collect them to a batch and commit them. Do not forget to rebase locally to avoid overwriting the changes made. -- [ ] If new envvars are introduced which serve the same purpose but in multiple services, an additional envvar must be added at the beginning of the list starting with `OCIS_` (global envvar). +- [ ] If new envvars are introduced which serve the same purpose but in multiple services, an additional envvar must be added at the beginning of the list starting with `OC_` (global envvar). - [ ] Ensure that a service has a debug port - [ ] If the new service introduces a new port: - The port must be added to [port-ranges.md](https://github.com/owncloud/ocis/blob/master/docs/services/general-info/port-ranges.md) and to the README.md file. diff --git a/docs/services/general-info/registry.md b/docs/services/general-info/registry.md index b2bcb6d79..376e23ef3 100644 --- a/docs/services/general-info/registry.md +++ b/docs/services/general-info/registry.md @@ -20,7 +20,7 @@ The type of registry to use can be configured with the `MICRO_REGISTRY` environm Set the environment variable to `nats-js-kv` or leave it empty to use a nats-js key value store as registry. -- Note: If not running build-in nats, `MICRO_REGISTRY_ADDRESS` needs to be set to the address of the nats-js cluster, which is the same value as `OCIS_EVENTS_ENDPOINT`. +- Note: If not running build-in nats, `MICRO_REGISTRY_ADDRESS` needs to be set to the address of the nats-js cluster, which is the same value as `OC_EVENTS_ENDPOINT`. - Optional: Use `MICRO_REGISTRY_AUTH_USERNAME` and `MICRO_REGISTRY_AUTH_PASSWORD` to authenticate with the nats cluster. ### `kubernetes` diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 46682dacf..19c5d34d7 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -50,11 +50,11 @@ type Mode int // Runtime configures the oCIS runtime when running in supervised mode. type Runtime struct { - Port string `yaml:"port" env:"OCIS_RUNTIME_PORT" desc:"The TCP port at which oCIS will be available" introductionVersion:"pre5.0"` - Host string `yaml:"host" env:"OCIS_RUNTIME_HOST" desc:"The host at which oCIS will be available" introductionVersion:"pre5.0"` - Services []string `yaml:"services" env:"OCIS_RUN_EXTENSIONS;OCIS_RUN_SERVICES" desc:"A comma-separated list of service names. Will start only the listed services." introductionVersion:"pre5.0"` - Disabled []string `yaml:"disabled_services" env:"OCIS_EXCLUDE_RUN_SERVICES" desc:"A comma-separated list of service names. Will start all default services except of the ones listed. Has no effect when OCIS_RUN_SERVICES is set." introductionVersion:"pre5.0"` - Additional []string `yaml:"add_services" env:"OCIS_ADD_RUN_SERVICES" desc:"A comma-separated list of service names. Will add the listed services to the default configuration. Has no effect when OCIS_RUN_SERVICES is set. Note that one can add services not started by the default list and exclude services from the default list by using both envvars at the same time." introductionVersion:"pre5.0"` + Port string `yaml:"port" env:"OC_RUNTIME_PORT" desc:"The TCP port at which oCIS will be available" introductionVersion:"pre5.0"` + Host string `yaml:"host" env:"OC_RUNTIME_HOST" desc:"The host at which oCIS will be available" introductionVersion:"pre5.0"` + Services []string `yaml:"services" env:"OC_RUN_EXTENSIONS;OC_RUN_SERVICES" desc:"A comma-separated list of service names. Will start only the listed services." introductionVersion:"pre5.0"` + Disabled []string `yaml:"disabled_services" env:"OC_EXCLUDE_RUN_SERVICES" desc:"A comma-separated list of service names. Will start all default services except of the ones listed. Has no effect when OC_RUN_SERVICES is set." introductionVersion:"pre5.0"` + Additional []string `yaml:"add_services" env:"OC_ADD_RUN_SERVICES" desc:"A comma-separated list of service names. Will add the listed services to the default configuration. Has no effect when OC_RUN_SERVICES is set. Note that one can add services not started by the default list and exclude services from the default list by using both envvars at the same time." introductionVersion:"pre5.0"` } // Config combines all available configuration parts. @@ -71,15 +71,15 @@ type Config struct { Mode Mode // DEPRECATED File string - OcisURL string `yaml:"ocis_url" env:"OCIS_URL" desc:"URL, where oCIS is reachable for users." introductionVersion:"pre5.0"` + OcisURL string `yaml:"ocis_url" env:"OC_URL" desc:"URL, where oCIS is reachable for users." introductionVersion:"pre5.0"` Registry string `yaml:"registry"` TokenManager *shared.TokenManager `yaml:"token_manager"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` - TransferSecret string `yaml:"transfer_secret" env:"OCIS_TRANSFER_SECRET" desc:"Transfer secret for signing file up- and download requests." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY" desc:"API key for the storage-system system user." introductionVersion:"pre5.0"` - AdminUserID string `yaml:"admin_user_id" env:"OCIS_ADMIN_USER_ID" desc:"ID of a user, that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` + TransferSecret string `yaml:"transfer_secret" env:"OC_TRANSFER_SECRET" desc:"Transfer secret for signing file up- and download requests." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY" desc:"API key for the storage-system system user." introductionVersion:"pre5.0"` + AdminUserID string `yaml:"admin_user_id" env:"OC_ADMIN_USER_ID" desc:"ID of a user, that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` Runtime Runtime `yaml:"runtime"` Activitylog *activitylog.Config `yaml:"activitylog"` diff --git a/ocis-pkg/config/defaults/paths.go b/ocis-pkg/config/defaults/paths.go index fbbc2a637..c05e86c48 100644 --- a/ocis-pkg/config/defaults/paths.go +++ b/ocis-pkg/config/defaults/paths.go @@ -20,7 +20,7 @@ func BaseDataPath() string { // It is not nice to have hidden / secrete configuration options // But how can we update the base path for every occurrence with a flagset option? // This is currently not possible and needs a new configuration concept - p := os.Getenv("OCIS_BASE_DATA_PATH") + p := os.Getenv("OC_BASE_DATA_PATH") if p != "" { return p } @@ -53,7 +53,7 @@ func BaseConfigPath() string { // It is not nice to have hidden / secrete configuration options // But how can we update the base path for every occurrence with a flagset option? // This is currently not possible and needs a new configuration concept - p := os.Getenv("OCIS_CONFIG_DIR") + p := os.Getenv("OC_CONFIG_DIR") if p != "" { return p } diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index 4ed1df7a1..95d7353b2 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -12,58 +12,58 @@ type EnvBinding struct { // Log defines the available logging configuration. type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `mask:"password" yaml:"jwt_secret" env:"OCIS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `mask:"password" yaml:"jwt_secret" env:"OC_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } // Reva defines all available REVA client configuration. type Reva struct { - Address string `yaml:"address" env:"OCIS_REVA_GATEWAY" desc:"The CS3 gateway endpoint." introductionVersion:"pre5.0"` + Address string `yaml:"address" env:"OC_REVA_GATEWAY" desc:"The CS3 gateway endpoint." introductionVersion:"pre5.0"` TLS GRPCClientTLS `yaml:"tls"` } type GRPCClientTLS struct { - Mode string `yaml:"mode" env:"OCIS_GRPC_CLIENT_TLS_MODE" desc:"TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification." introductionVersion:"pre5.0"` - CACert string `yaml:"cacert" env:"OCIS_GRPC_CLIENT_TLS_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services." introductionVersion:"pre5.0"` + Mode string `yaml:"mode" env:"OC_GRPC_CLIENT_TLS_MODE" desc:"TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification." introductionVersion:"pre5.0"` + CACert string `yaml:"cacert" env:"OC_GRPC_CLIENT_TLS_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services." introductionVersion:"pre5.0"` } type GRPCServiceTLS struct { - Enabled bool `yaml:"enabled" env:"OCIS_GRPC_TLS_ENABLED" desc:"Activates TLS for the grpc based services using the server certifcate and key configured via OCIS_GRPC_TLS_CERTIFICATE and OCIS_GRPC_TLS_KEY. If OCIS_GRPC_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with OCIS_GRPC_CLIENT_TLS_MODE=insecure." introductionVersion:"pre5.0"` - Cert string `yaml:"cert" env:"OCIS_GRPC_TLS_CERTIFICATE" desc:"Path/File name of the TLS server certificate (in PEM format) for the grpc services." introductionVersion:"pre5.0"` - Key string `yaml:"key" env:"OCIS_GRPC_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the grpc services." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_GRPC_TLS_ENABLED" desc:"Activates TLS for the grpc based services using the server certifcate and key configured via OC_GRPC_TLS_CERTIFICATE and OC_GRPC_TLS_KEY. If OC_GRPC_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with OC_GRPC_CLIENT_TLS_MODE=insecure." introductionVersion:"pre5.0"` + Cert string `yaml:"cert" env:"OC_GRPC_TLS_CERTIFICATE" desc:"Path/File name of the TLS server certificate (in PEM format) for the grpc services." introductionVersion:"pre5.0"` + Key string `yaml:"key" env:"OC_GRPC_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the grpc services." introductionVersion:"pre5.0"` } type HTTPServiceTLS struct { - Enabled bool `yaml:"enabled" env:"OCIS_HTTP_TLS_ENABLED" desc:"Activates TLS for the http based services using the server certifcate and key configured via OCIS_HTTP_TLS_CERTIFICATE and OCIS_HTTP_TLS_KEY. If OCIS_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_HTTP_TLS_ENABLED" desc:"Activates TLS for the http based services using the server certifcate and key configured via OC_HTTP_TLS_CERTIFICATE and OC_HTTP_TLS_KEY. If OC_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true." introductionVersion:"pre5.0"` - Cert string `yaml:"cert" env:"OCIS_HTTP_TLS_CERTIFICATE" desc:"Path/File name of the TLS server certificate (in PEM format) for the http services." introductionVersion:"pre5.0"` - Key string `yaml:"key" env:"OCIS_HTTP_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the http services." introductionVersion:"pre5.0"` + Cert string `yaml:"cert" env:"OC_HTTP_TLS_CERTIFICATE" desc:"Path/File name of the TLS server certificate (in PEM format) for the http services." introductionVersion:"pre5.0"` + Key string `yaml:"key" env:"OC_HTTP_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the http services." introductionVersion:"pre5.0"` } type Cache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_CACHE_STORE_NODES" desc:"A comma separated list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store." introductionVersion:"pre5.0"` - Database string `yaml:"database" env:"OCIS_CACHE_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` - Table string `yaml:"table" env:"OCIS_CACHE_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL" desc:"Time to live for events in the store. The duration can be set as number followed by a unit identifier like s, m or h." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - AuthUsername string `yaml:"auth_username" env:"OCIS_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"pre5.0"` - AuthPassword string `yaml:"auth_password" env:"OCIS_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES" desc:"A comma separated list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store." introductionVersion:"pre5.0"` + Database string `yaml:"database" env:"OC_CACHE_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + Table string `yaml:"table" env:"OC_CACHE_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL" desc:"Time to live for events in the store. The duration can be set as number followed by a unit identifier like s, m or h." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + AuthUsername string `yaml:"auth_username" env:"OC_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"pre5.0"` + AuthPassword string `yaml:"auth_password" env:"OC_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"pre5.0"` } // Commons holds configuration that are common to all extensions. Each extension can then decide whether @@ -75,16 +75,16 @@ type Commons struct { GRPCClientTLS *GRPCClientTLS `yaml:"grpc_client_tls"` GRPCServiceTLS *GRPCServiceTLS `yaml:"grpc_service_tls"` HTTPServiceTLS HTTPServiceTLS `yaml:"http_service_tls"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL" desc:"URL, where oCIS is reachable for users." introductionVersion:"pre5.0"` + OcisURL string `yaml:"ocis_url" env:"OC_URL" desc:"URL, where oCIS is reachable for users." introductionVersion:"pre5.0"` TokenManager *TokenManager `mask:"struct" yaml:"token_manager"` Reva *Reva `yaml:"reva"` - MachineAuthAPIKey string `mask:"password" yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` + MachineAuthAPIKey string `mask:"password" yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` TransferSecret string `mask:"password" yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET" desc:"The secret used for signing the requests towards the data gateway for up- and downloads." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the storage-system system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` SystemUserAPIKey string `mask:"password" yaml:"system_user_api_key" env:"SYSTEM_USER_API_KEY" desc:"API key for all system users." introductionVersion:"pre5.0"` - AdminUserID string `yaml:"admin_user_id" env:"OCIS_ADMIN_USER_ID" desc:"ID of a user, that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` + AdminUserID string `yaml:"admin_user_id" env:"OC_ADMIN_USER_ID" desc:"ID of a user, that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` // NOTE: you will not fing GRPCMaxReceivedMessageSize size being used in the code. The envvar is actually extracted in revas `pool` package: https://github.com/cs3org/reva/blob/edge/pkg/rgrpc/todo/pool/connection.go // It is mentioned here again so it is documented - GRPCMaxReceivedMessageSize int `env:"OCIS_GRPC_MAX_RECEIVED_MESSAGE_SIZE" desc:"The maximum body size for grpc requests. Defaults to '10240000' bytes (10MB). Note that large values can potentially hide errors but may lead to network timeouts. Should only be changed temporarily to regain access for large folders with 25.000+ files to copy out data." introductionVersion:"pre5.0"` + GRPCMaxReceivedMessageSize int `env:"OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE" desc:"The maximum body size for grpc requests. Defaults to '10240000' bytes (10MB). Note that large values can potentially hide errors but may lead to network timeouts. Should only be changed temporarily to regain access for large folders with 25.000+ files to copy out data." introductionVersion:"pre5.0"` } diff --git a/ocis-pkg/tracing/config.go b/ocis-pkg/tracing/config.go index ecc6a7f72..2410bdf7e 100644 --- a/ocis-pkg/tracing/config.go +++ b/ocis-pkg/tracing/config.go @@ -7,8 +7,8 @@ type ConfigConverter interface { // Tracing defines the available tracing configuration. type Config struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE" desc:"The type of tracing. Defaults to \"\", which is the same as \"jaeger\". Allowed tracing types are \"jaeger\" and \"\" as of now." introductionVersion:"pre5.0" introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE" desc:"The type of tracing. Defaults to \"\", which is the same as \"jaeger\". Allowed tracing types are \"jaeger\" and \"\" as of now." introductionVersion:"pre5.0" introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } diff --git a/opencloud/pkg/command/init.go b/opencloud/pkg/command/init.go index 19b15bdc9..f711a4d95 100644 --- a/opencloud/pkg/command/init.go +++ b/opencloud/pkg/command/init.go @@ -22,7 +22,7 @@ func InitCommand(cfg *config.Config) *cli.Command { Flags: []cli.Flag{ &cli.StringFlag{ Name: "insecure", - EnvVars: []string{"OCIS_INSECURE"}, + EnvVars: []string{"OC_INSECURE"}, Value: "ask", Usage: "Allow insecure oCIS config", }, @@ -35,7 +35,7 @@ func InitCommand(cfg *config.Config) *cli.Command { &cli.BoolFlag{ Name: "force-overwrite", Aliases: []string{"f"}, - EnvVars: []string{"OCIS_FORCE_CONFIG_OVERWRITE"}, + EnvVars: []string{"OC_FORCE_CONFIG_OVERWRITE"}, Value: false, Usage: "Force overwrite existing config file", }, @@ -43,7 +43,7 @@ func InitCommand(cfg *config.Config) *cli.Command { Name: "config-path", Value: defaults.BaseConfigPath(), Usage: "Config path for the ocis runtime", - EnvVars: []string{"OCIS_CONFIG_DIR", "OCIS_BASE_DATA_PATH"}, + EnvVars: []string{"OC_CONFIG_DIR", "OC_BASE_DATA_PATH"}, }, &cli.StringFlag{ Name: "admin-password", diff --git a/opencloud/pkg/command/list.go b/opencloud/pkg/command/list.go index d07f7e91f..72d0fd706 100644 --- a/opencloud/pkg/command/list.go +++ b/opencloud/pkg/command/list.go @@ -21,13 +21,13 @@ func ListCommand(cfg *config.Config) *cli.Command { &cli.StringFlag{ Name: "hostname", Value: "localhost", - EnvVars: []string{"OCIS_RUNTIME_HOST"}, + EnvVars: []string{"OC_RUNTIME_HOST"}, Destination: &cfg.Runtime.Host, }, &cli.StringFlag{ Name: "port", Value: "9250", - EnvVars: []string{"OCIS_RUNTIME_PORT"}, + EnvVars: []string{"OC_RUNTIME_PORT"}, Destination: &cfg.Runtime.Port, }, }, diff --git a/opencloud/pkg/command/shares.go b/opencloud/pkg/command/shares.go index ecc5a1623..124181a51 100644 --- a/opencloud/pkg/command/shares.go +++ b/opencloud/pkg/command/shares.go @@ -54,14 +54,14 @@ func cleanupCmd(cfg *config.Config) *cli.Command { Name: "service-account-id", Value: "", Usage: "Name of the service account to use for the cleanup", - EnvVars: []string{"OCIS_SERVICE_ACCOUNT_ID"}, + EnvVars: []string{"OC_SERVICE_ACCOUNT_ID"}, Required: true, }, &cli.StringFlag{ Name: "service-account-secret", Value: "", Usage: "Secret for the service account", - EnvVars: []string{"OCIS_SERVICE_ACCOUNT_SECRET"}, + EnvVars: []string{"OC_SERVICE_ACCOUNT_SECRET"}, Required: true, }, }, diff --git a/scripts/create-files.sh b/scripts/create-files.sh index 81777c256..0c2973c3d 100644 --- a/scripts/create-files.sh +++ b/scripts/create-files.sh @@ -1,20 +1,20 @@ #!/bin/bash CLIENTS=${CLIENTS:-2} COUNT=${COUNT:-100} -OCIS_URL=${OCIS_URL:-https://localhost:9200} +OC_URL=${OC_URL:-https://localhost:9200} ENDPOINT=${ENDPOINT:-/webdav} FOLDER=${FOLDER:-c$CLIENTS x i$COUNT files} USER=${USER:-einstein} PASSWORD=${PASSWORD:-relativity} CURL_OPTS=${CURL_OPTS:--k} -curl -X MKCOL "$OCIS_URL$ENDPOINT/$FOLDER/" -u $USER:$PASSWORD $CURL_OPTS || { echo "could not create collection '$OCIS_URL$ENDPOINT/$FOLDER/'" >&2; exit 1; } +curl -X MKCOL "$OC_URL$ENDPOINT/$FOLDER/" -u $USER:$PASSWORD $CURL_OPTS || { echo "could not create collection '$OC_URL$ENDPOINT/$FOLDER/'" >&2; exit 1; } for c in $(seq 1 $CLIENTS); do { for i in $(seq 1 $COUNT); do - curl -X PUT -d "$c,$i" "$OCIS_URL$ENDPOINT/$FOLDER/file c$c i$i.txt" -u $USER:$PASSWORD $CURL_OPTS + curl -X PUT -d "$c,$i" "$OC_URL$ENDPOINT/$FOLDER/file c$c i$i.txt" -u $USER:$PASSWORD $CURL_OPTS done } & done \ No newline at end of file diff --git a/scripts/create-tree.sh b/scripts/create-tree.sh index 9c61503d9..c13b379c8 100644 --- a/scripts/create-tree.sh +++ b/scripts/create-tree.sh @@ -1,7 +1,7 @@ #!/bin/bash DEPTH=${DEPTH:-3} WIDTH=${WIDTH:-10} -OCIS_URL=${OCIS_URL:-https://localhost:9200} +OC_URL=${OC_URL:-https://localhost:9200} ENDPOINT=${ENDPOINT:-/webdav} FOLDER=${FOLDER:-w$WIDTH x d$DEPTH folders} USER=${USER:-einstein} @@ -30,8 +30,8 @@ create_tree() do { p="$3/w${w}d$2" COUNT=$(( COUNT + 1 )) - echo "creating $COUNT/$MAX $OCIS_URL$ENDPOINT/$FOLDER$p" - curl -X MKCOL "$OCIS_URL$ENDPOINT/$FOLDER$p" -u $USER:$PASSWORD -w "%{http_code}" $CURL_OPTS || { echo "could not create collection '$OCIS_URL$ENDPOINT/$FOLDER$p'" >&2; exit 1; } & + echo "creating $COUNT/$MAX $OC_URL$ENDPOINT/$FOLDER$p" + curl -X MKCOL "$OC_URL$ENDPOINT/$FOLDER$p" -u $USER:$PASSWORD -w "%{http_code}" $CURL_OPTS || { echo "could not create collection '$OC_URL$ENDPOINT/$FOLDER$p'" >&2; exit 1; } & create_tree $1 $(( $2 - 1 )) $p } done @@ -49,6 +49,6 @@ create_tree() # w^d + -curl -X MKCOL "$OCIS_URL$ENDPOINT/$FOLDER" -u $USER:$PASSWORD -w "%{http_code}" $CURL_OPTS || { echo "could not create collection '$OCIS_URL$ENDPOINT/$FOLDER/'" >&2; exit 1; } +curl -X MKCOL "$OC_URL$ENDPOINT/$FOLDER" -u $USER:$PASSWORD -w "%{http_code}" $CURL_OPTS || { echo "could not create collection '$OC_URL$ENDPOINT/$FOLDER/'" >&2; exit 1; } create_tree $WIDTH $DEPTH diff --git a/services/activitylog/README.md b/services/activitylog/README.md index d4058dd75..d05650ba4 100644 --- a/services/activitylog/README.md +++ b/services/activitylog/README.md @@ -38,4 +38,4 @@ which is the source of the texts provided by the code. ## Default Language -The default language can be defined via the `OCIS_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. +The default language can be defined via the `OC_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. diff --git a/services/activitylog/pkg/config/config.go b/services/activitylog/pkg/config/config.go index e7fe6c384..0e05f8fb9 100644 --- a/services/activitylog/pkg/config/config.go +++ b/services/activitylog/pkg/config/config.go @@ -20,14 +20,14 @@ type Config struct { Events Events `yaml:"events"` Store Store `yaml:"store"` - RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"5.0"` + RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"5.0"` GRPCClientTLS *shared.GRPCClientTLS `yaml:"grpc_client_tls"` HTTP HTTP `yaml:"http"` TokenManager *TokenManager `yaml:"token_manager"` - TranslationPath string `yaml:"translation_path" env:"OCIS_TRANSLATION_PATH;ACTIVITYLOG_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"7.0.0"` - DefaultLanguage string `yaml:"default_language" env:"OCIS_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"7.0.0"` + TranslationPath string `yaml:"translation_path" env:"OC_TRANSLATION_PATH;ACTIVITYLOG_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"7.0.0"` + DefaultLanguage string `yaml:"default_language" env:"OC_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"7.0.0"` ServiceAccount ServiceAccount `yaml:"service_account"` @@ -36,38 +36,38 @@ type Config struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // Store configures the store to use type Store struct { - Store string `yaml:"store" env:"OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_PERSISTENT_STORE;ACTIVITYLOG_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` Database string `yaml:"database" env:"ACTIVITYLOG_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` Table string `yaml:"table" env:"ACTIVITYLOG_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL" desc:"Time to live for events in the store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL" desc:"Time to live for events in the store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYLOG_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;ACTIVITYLOG_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // HTTP defines the available http configuration. @@ -81,5 +81,5 @@ type HTTP struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;ACTIVITYLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;ACTIVITYLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/activitylog/pkg/config/log.go b/services/activitylog/pkg/config/log.go index 6b19a6204..c81f995ee 100644 --- a/services/activitylog/pkg/config/log.go +++ b/services/activitylog/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;ACTIVITYLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;ACTIVITYLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;ACTIVITYLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;ACTIVITYLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` } diff --git a/services/activitylog/pkg/config/tracing.go b/services/activitylog/pkg/config/tracing.go index 4a051afa6..7c0780a88 100644 --- a/services/activitylog/pkg/config/tracing.go +++ b/services/activitylog/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;ACTIVITYLOG_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;ACTIVITYLOG_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;ACTIVITYLOG_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;ACTIVITYLOG_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;ACTIVITYLOG_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;ACTIVITYLOG_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;ACTIVITYLOG_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;ACTIVITYLOG_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/antivirus/pkg/config/config.go b/services/antivirus/pkg/config/config.go index f2ffa6871..8a0179273 100644 --- a/services/antivirus/pkg/config/config.go +++ b/services/antivirus/pkg/config/config.go @@ -35,10 +35,10 @@ type Service struct { // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;ANTIVIRUS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;ANTIVIRUS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;ANTIVIRUS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;ANTIVIRUS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } // Debug defines the available debug configuration. @@ -51,13 +51,13 @@ type Debug struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // Scanner provides configuration options for the virus scanner diff --git a/services/antivirus/pkg/config/tracing.go b/services/antivirus/pkg/config/tracing.go index 4fa48090e..0e32c4f00 100644 --- a/services/antivirus/pkg/config/tracing.go +++ b/services/antivirus/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/app-provider/pkg/config/config.go b/services/app-provider/pkg/config/config.go index 857c01682..3362fe894 100644 --- a/services/app-provider/pkg/config/config.go +++ b/services/app-provider/pkg/config/config.go @@ -26,10 +26,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;APP_PROVIDER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;APP_PROVIDER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Debug struct { @@ -47,7 +47,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"APP_PROVIDER_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;APP_PROVIDER_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;APP_PROVIDER_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` } type Drivers struct { @@ -61,10 +61,10 @@ type WOPIDriver struct { AppInternalURL string `yaml:"app_internal_url" env:"APP_PROVIDER_WOPI_APP_INTERNAL_URL" desc:"Internal URL to the app, like in your DMZ." introductionVersion:"pre5.0"` AppName string `yaml:"app_name" env:"APP_PROVIDER_WOPI_APP_NAME" desc:"Human readable app name." introductionVersion:"pre5.0"` AppURL string `yaml:"app_url" env:"APP_PROVIDER_WOPI_APP_URL" desc:"URL for end users to access the app." introductionVersion:"pre5.0"` - AppDisableChat bool `yaml:"app_disable_chat" env:"APP_PROVIDER_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT" desc:"Disable the chat functionality of the office app." introductionVersion:"pre5.0"` + AppDisableChat bool `yaml:"app_disable_chat" env:"APP_PROVIDER_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT" desc:"Disable the chat functionality of the office app." introductionVersion:"pre5.0"` Insecure bool `yaml:"insecure" env:"APP_PROVIDER_WOPI_INSECURE" desc:"Disable TLS certificate validation for requests to the WOPI server and the web office application. Do not set this in production environments." introductionVersion:"pre5.0"` IopSecret string `yaml:"wopi_server_iop_secret" env:"APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET" desc:"Shared secret of the CS3org WOPI server." introductionVersion:"pre5.0"` WopiURL string `yaml:"wopi_server_external_url" env:"APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL" desc:"External url of the CS3org WOPI server." introductionVersion:"pre5.0"` - WopiFolderURLBaseURL string `yaml:"wopi_folder_url_base_url" env:"OCIS_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL" desc:"Base url to navigate back from the app to the containing folder in the file list." introductionVersion:"pre5.0"` + WopiFolderURLBaseURL string `yaml:"wopi_folder_url_base_url" env:"OC_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL" desc:"Base url to navigate back from the app to the containing folder in the file list." introductionVersion:"pre5.0"` WopiFolderURLPathTemplate string `yaml:"wopi_folder_url_path_template" env:"APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE" desc:"Path template to navigate back from the app to the containing folder in the file list. Supported template variables are {{.ResourceInfo.ResourceID}}, {{.ResourceInfo.Mtime.Seconds}}, {{.ResourceInfo.Name}}, {{.ResourceInfo.Path}}, {{.ResourceInfo.Type}}, {{.ResourceInfo.Id.SpaceId}}, {{.ResourceInfo.Id.StorageId}}, {{.ResourceInfo.Id.OpaqueId}}, {{.ResourceInfo.MimeType}}" introductionVersion:"pre5.0"` } diff --git a/services/app-provider/pkg/config/reva.go b/services/app-provider/pkg/config/reva.go index ec9f1ffcf..9be833ee5 100644 --- a/services/app-provider/pkg/config/reva.go +++ b/services/app-provider/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;APP_PROVIDER_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/app-provider/pkg/config/tracing.go b/services/app-provider/pkg/config/tracing.go index 052d99d4e..5d3c8a894 100644 --- a/services/app-provider/pkg/config/tracing.go +++ b/services/app-provider/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the configuration options for tracing. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/app-registry/pkg/config/config.go b/services/app-registry/pkg/config/config.go index 86c52c34d..7e216b927 100644 --- a/services/app-registry/pkg/config/config.go +++ b/services/app-registry/pkg/config/config.go @@ -25,10 +25,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;APP_REGISTRY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;APP_REGISTRY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;APP_REGISTRY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;APP_REGISTRY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -46,7 +46,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"APP_REGISTRY_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;APP_REGISTRY_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;APP_REGISTRY_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type AppRegistry struct { diff --git a/services/app-registry/pkg/config/reva.go b/services/app-registry/pkg/config/reva.go index 11f6ac0cf..487693e27 100644 --- a/services/app-registry/pkg/config/reva.go +++ b/services/app-registry/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;APP_REGISTRY_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;APP_REGISTRY_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/app-registry/pkg/config/tracing.go b/services/app-registry/pkg/config/tracing.go index bea58e3f1..2df1b5845 100644 --- a/services/app-registry/pkg/config/tracing.go +++ b/services/app-registry/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing contains the tracing config parameters. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/audit/pkg/config/config.go b/services/audit/pkg/config/config.go index fa676a2a1..2b0c83f0a 100644 --- a/services/audit/pkg/config/config.go +++ b/services/audit/pkg/config/config.go @@ -24,13 +24,13 @@ type Config struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;AUDIT_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // Auditlog holds audit log information @@ -43,8 +43,8 @@ type Auditlog struct { // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUDIT_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUDIT_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;AUDIT_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;AUDIT_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } diff --git a/services/audit/pkg/config/log.go b/services/audit/pkg/config/log.go index d4c38e5cd..5645e55bf 100644 --- a/services/audit/pkg/config/log.go +++ b/services/audit/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUDIT_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUDIT_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUDIT_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;AUDIT_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;AUDIT_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUDIT_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;AUDIT_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;AUDIT_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/auth-app/README.md b/services/auth-app/README.md index 907b56da1..bdc23a89d 100644 --- a/services/auth-app/README.md +++ b/services/auth-app/README.md @@ -15,7 +15,7 @@ ocis uses serveral authentication services for different use cases. All services Because this service is not started automatically, a manual start needs to be initiated which can be done in several ways. To configure the service usage, an environment variable for the proxy service needs to be set to allow app authentication. ```bash -OCIS_ADD_RUN_SERVICES=auth-app # deployment specific. Add the service to the manual startup list, use with binary deployments. Alternatively you can start the service explicitly via the command line. +OC_ADD_RUN_SERVICES=auth-app # deployment specific. Add the service to the manual startup list, use with binary deployments. Alternatively you can start the service explicitly via the command line. PROXY_ENABLE_APP_AUTH=true # mandatory, allow app authentication. In case of a distributed environment, this envvar needs to be set in the proxy service. ``` diff --git a/services/auth-app/pkg/config/config.go b/services/auth-app/pkg/config/config.go index 04ca7e3a5..dcc778967 100644 --- a/services/auth-app/pkg/config/config.go +++ b/services/auth-app/pkg/config/config.go @@ -24,7 +24,7 @@ type Config struct { SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"AUTH_APP_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the encoding of the user's group memberships in the access token. This reduces the token size, especially when users are members of a large number of groups." introductionVersion:"7.0.0"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY" desc:"The machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"7.0.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY" desc:"The machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"7.0.0"` AllowImpersonation bool `yaml:"allow_impersonation" env:"AUTH_APP_ENABLE_IMPERSONATION" desc:"Allows admins to create app tokens for other users. Used for migration. Do NOT use in productive deployments." introductionVersion:"7.0.0"` @@ -33,10 +33,10 @@ type Config struct { // Log defines the loging configuration type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_APP_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"7.0.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_APP_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"7.0.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_APP_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"7.0.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_APP_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"7.0.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_APP_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"7.0.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_APP_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"7.0.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_APP_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"7.0.0"` + File string `yaml:"file" env:"OC_LOG_FILE;AUTH_APP_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"7.0.0"` } // Service defines the service configuration @@ -57,7 +57,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"AUTH_APP_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"7.0.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;AUTH_APP_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"7.0.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;AUTH_APP_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"7.0.0"` } // HTTP defines the available http configuration. @@ -71,8 +71,8 @@ type HTTP struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;AUTH_APP_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;AUTH_APP_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;AUTH_APP_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;AUTH_APP_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;AUTH_APP_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;AUTH_APP_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;AUTH_APP_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;AUTH_APP_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } diff --git a/services/auth-app/pkg/config/reva.go b/services/auth-app/pkg/config/reva.go index 53c6486a7..76b5cece6 100644 --- a/services/auth-app/pkg/config/reva.go +++ b/services/auth-app/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_APP_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"7.0.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;AUTH_APP_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"7.0.0"` } diff --git a/services/auth-app/pkg/config/tracing.go b/services/auth-app/pkg/config/tracing.go index 5bcd12e6d..3cf445d0c 100644 --- a/services/auth-app/pkg/config/tracing.go +++ b/services/auth-app/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_APP_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"7.0.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_APP_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"7.0.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_APP_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"7.0.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_APP_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"7.0.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;AUTH_APP_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"7.0.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;AUTH_APP_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"7.0.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;AUTH_APP_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"7.0.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;AUTH_APP_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"7.0.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/auth-basic/pkg/config/config.go b/services/auth-basic/pkg/config/config.go index a461554c8..cdc1c29c6 100644 --- a/services/auth-basic/pkg/config/config.go +++ b/services/auth-basic/pkg/config/config.go @@ -26,10 +26,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_BASIC_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_BASIC_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_BASIC_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;AUTH_BASIC_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -47,7 +47,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"AUTH_BASIC_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;AUTH_BASIC_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;AUTH_BASIC_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type AuthProviders struct { @@ -61,43 +61,43 @@ type JSONProvider struct { } type LDAPProvider struct { - URI string `yaml:"uri" env:"OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` - CACert string `yaml:"ca_cert" env:"OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` - BindDN string `yaml:"bind_dn" env:"OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` - BindPassword string `yaml:"bind_password" env:"OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` - UserBaseDN string `yaml:"user_base_dn" env:"OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` - GroupBaseDN string `yaml:"group_base_dn" env:"OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` - UserScope string `yaml:"user_scope" env:"OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` - GroupScope string `yaml:"group_scope" env:"OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` - UserFilter string `yaml:"user_filter" env:"OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` - GroupFilter string `yaml:"group_filter" env:"OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` - UserObjectClass string `yaml:"user_object_class" env:"OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter ('inetOrgPerson')." introductionVersion:"pre5.0"` - GroupObjectClass string `yaml:"group_object_class" env:"OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter ('groupOfNames')." introductionVersion:"pre5.0"` + URI string `yaml:"uri" env:"OC_LDAP_URI;AUTH_BASIC_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` + CACert string `yaml:"ca_cert" env:"OC_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` + BindDN string `yaml:"bind_dn" env:"OC_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` + BindPassword string `yaml:"bind_password" env:"OC_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` + UserBaseDN string `yaml:"user_base_dn" env:"OC_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` + GroupBaseDN string `yaml:"group_base_dn" env:"OC_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` + UserScope string `yaml:"user_scope" env:"OC_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + GroupScope string `yaml:"group_scope" env:"OC_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + UserFilter string `yaml:"user_filter" env:"OC_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` + GroupFilter string `yaml:"group_filter" env:"OC_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` + UserObjectClass string `yaml:"user_object_class" env:"OC_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter ('inetOrgPerson')." introductionVersion:"pre5.0"` + GroupObjectClass string `yaml:"group_object_class" env:"OC_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter ('groupOfNames')." introductionVersion:"pre5.0"` LoginAttributes []string `yaml:"login_attributes" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES" desc:"A list of user object attributes that can be used for login. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BASIC_IDP_URL" desc:"The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider." introductionVersion:"pre5.0"` - DisableUserMechanism string `yaml:"disable_user_mechanism" env:"OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM" desc:"An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed." introductionVersion:"pre5.0"` - LdapDisabledUsersGroupDN string `yaml:"ldap_disabled_users_group_dn" env:"OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN" desc:"The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'." introductionVersion:"pre5.0"` + IDP string `yaml:"idp" env:"OC_URL;OC_OIDC_ISSUER;AUTH_BASIC_IDP_URL" desc:"The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider." introductionVersion:"pre5.0"` + DisableUserMechanism string `yaml:"disable_user_mechanism" env:"OC_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM" desc:"An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed." introductionVersion:"pre5.0"` + LdapDisabledUsersGroupDN string `yaml:"ldap_disabled_users_group_dn" env:"OC_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN" desc:"The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'." introductionVersion:"pre5.0"` UserSchema LDAPUserSchema `yaml:"user_schema"` GroupSchema LDAPGroupSchema `yaml:"group_schema"` } type LDAPUserSchema struct { - ID string `yaml:"id" env:"OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` - IDIsOctetString bool `yaml:"id_is_octet_string" env:"OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user IDs." introductionVersion:"pre5.0"` - Mail string `yaml:"mail" env:"OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` - DisplayName string `yaml:"display_name" env:"OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"pre5.0"` - Username string `yaml:"user_name" env:"OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` - Enabled string `yaml:"user_enabled" env:"OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE" desc:"LDAP attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` + ID string `yaml:"id" env:"OC_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` + IDIsOctetString bool `yaml:"id_is_octet_string" env:"OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user IDs." introductionVersion:"pre5.0"` + Mail string `yaml:"mail" env:"OC_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` + DisplayName string `yaml:"display_name" env:"OC_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"pre5.0"` + Username string `yaml:"user_name" env:"OC_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` + Enabled string `yaml:"user_enabled" env:"OC_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE" desc:"LDAP attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` } type LDAPGroupSchema struct { - ID string `yaml:"id" env:"OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID" desc:"LDAP Attribute to use as the unique id for groups. This should be a stable globally unique id (e.g. a UUID)." introductionVersion:"pre5.0"` - IDIsOctetString bool `yaml:"id_is_octet_string" env:"OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group IDs." introductionVersion:"pre5.0"` - Mail string `yaml:"mail" env:"OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of groups (can be empty)." introductionVersion:"pre5.0"` - DisplayName string `yaml:"display_name" env:"OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of groups (often the same as groupname attribute)." introductionVersion:"pre5.0"` - Groupname string `yaml:"group_name" env:"OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` - Member string `yaml:"member" env:"OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` + ID string `yaml:"id" env:"OC_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID" desc:"LDAP Attribute to use as the unique id for groups. This should be a stable globally unique id (e.g. a UUID)." introductionVersion:"pre5.0"` + IDIsOctetString bool `yaml:"id_is_octet_string" env:"OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group IDs." introductionVersion:"pre5.0"` + Mail string `yaml:"mail" env:"OC_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of groups (can be empty)." introductionVersion:"pre5.0"` + DisplayName string `yaml:"display_name" env:"OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of groups (often the same as groupname attribute)." introductionVersion:"pre5.0"` + Groupname string `yaml:"group_name" env:"OC_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` + Member string `yaml:"member" env:"OC_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` } type OwnCloudSQLProvider struct { diff --git a/services/auth-basic/pkg/config/reva.go b/services/auth-basic/pkg/config/reva.go index 224b22266..5ee121b04 100644 --- a/services/auth-basic/pkg/config/reva.go +++ b/services/auth-basic/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;AUTH_BASIC_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/auth-basic/pkg/config/tracing.go b/services/auth-basic/pkg/config/tracing.go index 1c5b5bd6a..64c409cf4 100644 --- a/services/auth-basic/pkg/config/tracing.go +++ b/services/auth-basic/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/auth-bearer/pkg/config/config.go b/services/auth-bearer/pkg/config/config.go index 6eff5d40b..36ea451b0 100644 --- a/services/auth-bearer/pkg/config/config.go +++ b/services/auth-bearer/pkg/config/config.go @@ -26,10 +26,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_BEARER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_BEARER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_BEARER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;AUTH_BEARER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -47,12 +47,12 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"AUTH_BEARER_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;AUTH_BEARER_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type OIDC struct { - Issuer string `yaml:"issuer" env:"OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE" desc:"Allow insecure connections to the OIDC issuer." introductionVersion:"pre5.0"` + Issuer string `yaml:"issuer" env:"OC_URL;OC_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_INSECURE;AUTH_BEARER_OIDC_INSECURE" desc:"Allow insecure connections to the OIDC issuer." introductionVersion:"pre5.0"` IDClaim string `yaml:"id_claim" env:"AUTH_BEARER_OIDC_ID_CLAIM" desc:"Name of the claim, which holds the user identifier." introductionVersion:"pre5.0"` UIDClaim string `yaml:"uid_claim" env:"AUTH_BEARER_OIDC_UID_CLAIM" desc:"Name of the claim, which holds the UID." introductionVersion:"pre5.0"` GIDClaim string `yaml:"gid_claim" env:"AUTH_BEARER_OIDC_GID_CLAIM" desc:"Name of the claim, which holds the GID." introductionVersion:"pre5.0"` diff --git a/services/auth-bearer/pkg/config/reva.go b/services/auth-bearer/pkg/config/reva.go index 6641c1410..c633ad41a 100644 --- a/services/auth-bearer/pkg/config/reva.go +++ b/services/auth-bearer/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;AUTH_BEARER_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/auth-bearer/pkg/config/tracing.go b/services/auth-bearer/pkg/config/tracing.go index 931e47170..f7fa6a6d5 100644 --- a/services/auth-bearer/pkg/config/tracing.go +++ b/services/auth-bearer/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the tracing parameters. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/auth-machine/pkg/config/config.go b/services/auth-machine/pkg/config/config.go index dc3c07534..3a9cf6979 100644 --- a/services/auth-machine/pkg/config/config.go +++ b/services/auth-machine/pkg/config/config.go @@ -20,16 +20,16 @@ type Config struct { SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups." introductionVersion:"pre5.0"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` Context context.Context `yaml:"-"` } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_MACHINE_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_MACHINE_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_MACHINE_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;AUTH_MACHINE_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -47,5 +47,5 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"AUTH_MACHINE_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;AUTH_MACHINE_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;AUTH_MACHINE_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } diff --git a/services/auth-machine/pkg/config/reva.go b/services/auth-machine/pkg/config/reva.go index 94e3dada0..6d40666e8 100644 --- a/services/auth-machine/pkg/config/reva.go +++ b/services/auth-machine/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_MACHINE_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;AUTH_MACHINE_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/auth-machine/pkg/config/tracing.go b/services/auth-machine/pkg/config/tracing.go index 5e8df881c..533053177 100644 --- a/services/auth-machine/pkg/config/tracing.go +++ b/services/auth-machine/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing is the config for tracing parameters type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/auth-service/README.md b/services/auth-service/README.md index b4b94633e..2a9ac8f30 100644 --- a/services/auth-service/README.md +++ b/services/auth-service/README.md @@ -17,4 +17,4 @@ Service accounts are user accounts that are only used for inter service communic ## Configuring Service Accounts -By using the envvars `OCIS_SERVICE_ACCOUNT_ID` and `OCIS_SERVICE_ACCOUNT_SECRET`, one can configure the ID and the secret of the service user. The secret can be rotated regulary to increase security. For activating a new secret, all services where the envvars are used need to be restarted. The secret is always and only stored in memory and never written into any persistant store. Though you can use any string for the service account, it is recommmended to use a UUIDv4 string. +By using the envvars `OC_SERVICE_ACCOUNT_ID` and `OC_SERVICE_ACCOUNT_SECRET`, one can configure the ID and the secret of the service user. The secret can be rotated regulary to increase security. For activating a new secret, all services where the envvars are used need to be restarted. The secret is always and only stored in memory and never written into any persistant store. Though you can use any string for the service account, it is recommmended to use a UUIDv4 string. diff --git a/services/auth-service/pkg/config/config.go b/services/auth-service/pkg/config/config.go index d01c1d526..b33af5218 100644 --- a/services/auth-service/pkg/config/config.go +++ b/services/auth-service/pkg/config/config.go @@ -25,10 +25,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_SERVICE_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;AUTH_SERVICE_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` } type Service struct { @@ -46,11 +46,11 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"AUTH_SERVICE_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;AUTH_SERVICE_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;AUTH_SERVICE_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } diff --git a/services/auth-service/pkg/config/reva.go b/services/auth-service/pkg/config/reva.go index e61482a25..0f706db6f 100644 --- a/services/auth-service/pkg/config/reva.go +++ b/services/auth-service/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;AUTH_SERVICE_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"5.0"` } diff --git a/services/auth-service/pkg/config/tracing.go b/services/auth-service/pkg/config/tracing.go index b3227c78f..fb6d344d7 100644 --- a/services/auth-service/pkg/config/tracing.go +++ b/services/auth-service/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing is the config for tracing parameters type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/clientlog/pkg/config/config.go b/services/clientlog/pkg/config/config.go index aafd31054..5002b2912 100644 --- a/services/clientlog/pkg/config/config.go +++ b/services/clientlog/pkg/config/config.go @@ -20,7 +20,7 @@ type Config struct { TokenManager *TokenManager `yaml:"token_manager"` - RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"5.0" deprecationVersion:"6.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"CLIENTLOG_REVA_GATEWAY removed for simplicity."` + RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"5.0" deprecationVersion:"6.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"CLIENTLOG_REVA_GATEWAY removed for simplicity."` Events Events `yaml:"events"` ServiceAccount ServiceAccount `yaml:"service_account"` @@ -30,22 +30,22 @@ type Config struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;CLIENTLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;CLIENTLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } diff --git a/services/clientlog/pkg/config/log.go b/services/clientlog/pkg/config/log.go index 666107621..d3e4d5e32 100644 --- a/services/clientlog/pkg/config/log.go +++ b/services/clientlog/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` } diff --git a/services/clientlog/pkg/config/tracing.go b/services/clientlog/pkg/config/tracing.go index 4c00e30dd..8918b0b9d 100644 --- a/services/clientlog/pkg/config/tracing.go +++ b/services/clientlog/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;CLIENTLOG_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;CLIENTLOG_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/collaboration/README.md b/services/collaboration/README.md index 140ea7a54..af0ac72b8 100644 --- a/services/collaboration/README.md +++ b/services/collaboration/README.md @@ -7,9 +7,9 @@ Since this service requires an external document server, it won't start by defau Because the collaboration service needs to be started manually, the following prerequisite applies: On collaboration service startup, particular environment variables are required to be populated. If environment variables have a default like the `MICRO_REGISTRY_ADDRESS`, the default will be used, if not set otherwise. Use for all others the instance values as defined. If these environment variables are not provided or misconfigured, the collaboration service will not start up. Required environment variables: -* `OCIS_URL` -* `OCIS_JWT_SECRET` -* `OCIS_REVA_GATEWAY` +* `OC_URL` +* `OC_JWT_SECRET` +* `OC_REVA_GATEWAY` * `MICRO_REGISTRY_ADDRESS` ## Requirements @@ -64,7 +64,7 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. diff --git a/services/collaboration/pkg/config/config.go b/services/collaboration/pkg/config/config.go index e04a1b8cc..670024f2f 100644 --- a/services/collaboration/pkg/config/config.go +++ b/services/collaboration/pkg/config/config.go @@ -32,10 +32,10 @@ type Config struct { // Tracing defines the available tracing configuration. Not used at the moment type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"6.0.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;COLLABORATION_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"6.0.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"6.0.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"6.0.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"6.0.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;COLLABORATION_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"6.0.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"6.0.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"6.0.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/collaboration/pkg/config/cs3api.go b/services/collaboration/pkg/config/cs3api.go index 3a9200dc4..265b76420 100644 --- a/services/collaboration/pkg/config/cs3api.go +++ b/services/collaboration/pkg/config/cs3api.go @@ -11,7 +11,7 @@ type CS3Api struct { // Gateway defines the available configuration for the CS3 API gateway type Gateway struct { - Name string `yaml:"name" env:"OCIS_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata." introductionVersion:"6.0.0"` + Name string `yaml:"name" env:"OC_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata." introductionVersion:"6.0.0"` } // DataGateway defines the available configuration for the CS3 API data gateway diff --git a/services/collaboration/pkg/config/grpc.go b/services/collaboration/pkg/config/grpc.go index ea3b5b6c5..a7326576a 100644 --- a/services/collaboration/pkg/config/grpc.go +++ b/services/collaboration/pkg/config/grpc.go @@ -3,7 +3,7 @@ package config // GRPC defines the available grpc configuration. type GRPC struct { Addr string `yaml:"addr" env:"COLLABORATION_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"6.0.0"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"7.0.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"7.0.0"` Namespace string `yaml:"-"` } diff --git a/services/collaboration/pkg/config/log.go b/services/collaboration/pkg/config/log.go index 048b370df..f70691b51 100644 --- a/services/collaboration/pkg/config/log.go +++ b/services/collaboration/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;COLLABORATION_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"6.0.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;COLLABORATION_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"6.0.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;COLLABORATION_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"6.0.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;COLLABORATION_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"6.0.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;COLLABORATION_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"6.0.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;COLLABORATION_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"6.0.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;COLLABORATION_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"6.0.0"` + File string `yaml:"file" env:"OC_LOG_FILE;COLLABORATION_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"6.0.0"` } diff --git a/services/collaboration/pkg/config/reva.go b/services/collaboration/pkg/config/reva.go index 5e2d87d22..1c69a45be 100644 --- a/services/collaboration/pkg/config/reva.go +++ b/services/collaboration/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;COLLABORATION_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/collaboration/pkg/config/store.go b/services/collaboration/pkg/config/store.go index 6f2051e4b..895d5c3ee 100644 --- a/services/collaboration/pkg/config/store.go +++ b/services/collaboration/pkg/config/store.go @@ -4,11 +4,11 @@ import "time" // Store configures the store to use type Store struct { - Store string `yaml:"store" env:"OCIS_PERSISTENT_STORE;COLLABORATION_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"7.0.0"` - Nodes []string `yaml:"nodes" env:"OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"7.0.0"` + Store string `yaml:"store" env:"OC_PERSISTENT_STORE;COLLABORATION_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"7.0.0"` + Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"7.0.0"` Database string `yaml:"database" env:"COLLABORATION_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"7.0.0"` Table string `yaml:"table" env:"COLLABORATION_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"7.0.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL" desc:"Time to live for events in the store. Defaults to '30m' (30 minutes). See the Environment Variable Types description for more details." introductionVersion:"7.0.0"` - AuthUsername string `yaml:"username" env:"OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.0.0"` - AuthPassword string `yaml:"password" env:"OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.0.0"` + TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL" desc:"Time to live for events in the store. Defaults to '30m' (30 minutes). See the Environment Variable Types description for more details." introductionVersion:"7.0.0"` + AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.0.0"` + AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.0.0"` } diff --git a/services/collaboration/pkg/config/wopi.go b/services/collaboration/pkg/config/wopi.go index f4705a026..9a428a581 100644 --- a/services/collaboration/pkg/config/wopi.go +++ b/services/collaboration/pkg/config/wopi.go @@ -4,7 +4,7 @@ package config type Wopi struct { WopiSrc string `yaml:"wopisrc" env:"COLLABORATION_WOPI_SRC" desc:"The WOPI source base URL containing schema, host and port. Set this to the schema and domain where the collaboration service is reachable for the wopi app, such as https://office.owncloud.test." introductionVersion:"6.0.0"` Secret string `yaml:"secret" env:"COLLABORATION_WOPI_SECRET" desc:"Used to mint and verify WOPI JWT tokens and encrypt and decrypt the REVA JWT token embedded in the WOPI JWT token." introductionVersion:"6.0.0"` - DisableChat bool `yaml:"disable_chat" env:"COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT" desc:"Disable chat in the office web frontend. This feature applies to OnlyOffice and Microsoft." introductionVersion:"7.0.0"` + DisableChat bool `yaml:"disable_chat" env:"COLLABORATION_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT" desc:"Disable chat in the office web frontend. This feature applies to OnlyOffice and Microsoft." introductionVersion:"7.0.0"` ProxyURL string `yaml:"proxy_url" env:"COLLABORATION_WOPI_PROXY_URL" desc:"The URL to the ownCloud Office365 WOPI proxy. Optional. To use this feature, you need an office365 proxy subscription. If you become part of the Microsoft CSP program (https://learn.microsoft.com/en-us/partner-center/enroll/csp-overview), you can use WebOffice without a proxy." introductionVersion:"7.0.0"` ProxySecret string `yaml:"proxy_secret" env:"COLLABORATION_WOPI_PROXY_SECRET" desc:"Optional, the secret to authenticate against the ownCloud Office365 WOPI proxy. This secret can be obtained from ownCloud via the office365 proxy subscription." introductionVersion:"7.0.0"` ShortTokens bool `yaml:"short_tokens" env:"COLLABORATION_WOPI_SHORTTOKENS" desc:"Use short access tokens for WOPI access. This is useful for office packages, like Microsoft Office Online, which have URL length restrictions. If enabled, a persistent store must be configured." introductionVersion:"7.0.0"` diff --git a/services/eventhistory/README.md b/services/eventhistory/README.md index 1648d1667..bf7e841a5 100644 --- a/services/eventhistory/README.md +++ b/services/eventhistory/README.md @@ -25,9 +25,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Retrieving diff --git a/services/eventhistory/pkg/config/config.go b/services/eventhistory/pkg/config/config.go index 161593132..91fd6eecd 100644 --- a/services/eventhistory/pkg/config/config.go +++ b/services/eventhistory/pkg/config/config.go @@ -37,22 +37,22 @@ type GRPCConfig struct { // Store configures the store to use type Store struct { - Store string `yaml:"store" env:"OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_PERSISTENT_STORE;EVENTHISTORY_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` Database string `yaml:"database" env:"EVENTHISTORY_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` Table string `yaml:"table" env:"EVENTHISTORY_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL" desc:"Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL" desc:"Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } diff --git a/services/eventhistory/pkg/config/log.go b/services/eventhistory/pkg/config/log.go index 65df013aa..b4d43f3e2 100644 --- a/services/eventhistory/pkg/config/log.go +++ b/services/eventhistory/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;EVENTHISTORY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;EVENTHISTORY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;EVENTHISTORY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;EVENTHISTORY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/eventhistory/pkg/config/tracing.go b/services/eventhistory/pkg/config/tracing.go index 3adedba5f..f0dde6845 100644 --- a/services/eventhistory/pkg/config/tracing.go +++ b/services/eventhistory/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/frontend/README.md b/services/frontend/README.md index 9da4e8977..4cf140177 100644 --- a/services/frontend/README.md +++ b/services/frontend/README.md @@ -59,9 +59,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ### Auto-Accept Shares @@ -79,23 +79,23 @@ With the password policy, mandatory criteria for the password can be defined via Generally, a password can contain any UTF-8 characters, however some characters are regarded as special since they are not used in ordinary texts. Which characters should be treated as special is defined by "The OWASP® Foundation" [password-special-characters](https://owasp.org/www-community/password-special-characters) (between double quotes): " !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~" -The validation against the banned passwords list can be configured via a text file with words separated by new lines. If a user tries to set a password listed in the banned passwords list, the password can not be used (is invalid) even if the other mandatory criteria are passed. The admin can define the path of the banned passwords list file. If the file doesn't exist in a location, Infinite Scale tries to load a file from the `OCIS_CONFIG_DIR/OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST`. An option will be enabled when the file has been loaded successfully. +The validation against the banned passwords list can be configured via a text file with words separated by new lines. If a user tries to set a password listed in the banned passwords list, the password can not be used (is invalid) even if the other mandatory criteria are passed. The admin can define the path of the banned passwords list file. If the file doesn't exist in a location, Infinite Scale tries to load a file from the `OC_CONFIG_DIR/OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST`. An option will be enabled when the file has been loaded successfully. Following environment variables can be set to define the password policy behaviour: -- `OCIS_PASSWORD_POLICY_DISABLED` +- `OC_PASSWORD_POLICY_DISABLED` Disable the password policy -- `OCIS_PASSWORD_POLICY_MIN_CHARACTERS` +- `OC_PASSWORD_POLICY_MIN_CHARACTERS` Define the minimum password length. -- `OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` +- `OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS` Define the minimum number of uppercase letters. -- `OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` +- `OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS` Define the minimum number of lowercase letters. -- `OCIS_PASSWORD_POLICY_MIN_DIGITS` +- `OC_PASSWORD_POLICY_MIN_DIGITS` Define the minimum number of digits. -- `OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` +- `OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS` Define the minimum number of special characters. -- `OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` +- `OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST` Path to the 'banned passwords list' file. These variables are global ocis variables because they are used not only in the frontend service, but also in the sharing service. @@ -129,14 +129,14 @@ The capabilities endpoint (e.g. https://ocis.test/ocs/v1.php/cloud/capabilities? For public accessible shares, independent if read only or writable, a password is enforced. To change this requirement, set the following environment variable to `false`: -`OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` +`OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD` ### Password Enforcement for Writeable Public Links For public accessible writable shares, a password can be enforced. To change the current setting, set the following environment variable to `true`: -`OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` +`OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD` Note that changing this environment variable only makes sense if\ -`OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD`\ +`OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD`\ is set to `false`. diff --git a/services/frontend/pkg/config/config.go b/services/frontend/pkg/config/config.go index abafe4eee..e0508ffcd 100644 --- a/services/frontend/pkg/config/config.go +++ b/services/frontend/pkg/config/config.go @@ -18,35 +18,35 @@ type Config struct { // JWTSecret used to verify reva access token - TransferSecret string `yaml:"transfer_secret" env:"OCIS_TRANSFER_SECRET" desc:"Transfer secret for signing file up- and download requests." introductionVersion:"pre5.0"` + TransferSecret string `yaml:"transfer_secret" env:"OC_TRANSFER_SECRET" desc:"Transfer secret for signing file up- and download requests." introductionVersion:"pre5.0"` TokenManager *TokenManager `yaml:"token_manager"` Reva *shared.Reva `yaml:"reva"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY" desc:"The machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"pre5.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY" desc:"The machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"pre5.0"` SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"FRONTEND_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token." introductionVersion:"pre5.0"` EnableFavorites bool `yaml:"enable_favorites" env:"FRONTEND_ENABLE_FAVORITES" desc:"Enables the support for favorites in the clients." introductionVersion:"pre5.0"` - MaxQuota uint64 `yaml:"max_quota" env:"OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA" desc:"Set the global max quota value in bytes. A value of 0 equals unlimited. The value is provided via capabilities." introductionVersion:"pre5.0"` + MaxQuota uint64 `yaml:"max_quota" env:"OC_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA" desc:"Set the global max quota value in bytes. A value of 0 equals unlimited. The value is provided via capabilities." introductionVersion:"pre5.0"` UploadMaxChunkSize int `yaml:"upload_max_chunk_size" env:"FRONTEND_UPLOAD_MAX_CHUNK_SIZE" desc:"Sets the max chunk sizes in bytes for uploads via the clients." introductionVersion:"pre5.0"` UploadHTTPMethodOverride string `yaml:"upload_http_method_override" env:"FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE" desc:"Advise TUS to replace PATCH requests by POST requests." introductionVersion:"pre5.0"` DefaultUploadProtocol string `yaml:"default_upload_protocol" env:"FRONTEND_DEFAULT_UPLOAD_PROTOCOL" desc:"The default upload protocol to use in clients. Currently only 'tus' is available. See the developer API documentation for more details about TUS." introductionVersion:"pre5.0"` - EnableFederatedSharingIncoming bool `yaml:"enable_federated_sharing_incoming" env:"OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING" desc:"Changing this value is NOT supported. Enables support for incoming federated sharing for clients. The backend behaviour is not changed." introductionVersion:"pre5.0"` - EnableFederatedSharingOutgoing bool `yaml:"enable_federated_sharing_outgoing" env:"OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING" desc:"Changing this value is NOT supported. Enables support for outgoing federated sharing for clients. The backend behaviour is not changed." introductionVersion:"pre5.0"` + EnableFederatedSharingIncoming bool `yaml:"enable_federated_sharing_incoming" env:"OC_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING" desc:"Changing this value is NOT supported. Enables support for incoming federated sharing for clients. The backend behaviour is not changed." introductionVersion:"pre5.0"` + EnableFederatedSharingOutgoing bool `yaml:"enable_federated_sharing_outgoing" env:"OC_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING" desc:"Changing this value is NOT supported. Enables support for outgoing federated sharing for clients. The backend behaviour is not changed." introductionVersion:"pre5.0"` SearchMinLength int `yaml:"search_min_length" env:"FRONTEND_SEARCH_MIN_LENGTH" desc:"Minimum number of characters to enter before a client should start a search for Share receivers. This setting can be used to customize the user experience if e.g too many results are displayed." introductionVersion:"pre5.0"` - Edition string `yaml:"edition" env:"OCIS_EDITION;FRONTEND_EDITION" desc:"Edition of oCIS. Used for branding purposes." introductionVersion:"pre5.0"` - DisableSSE bool `yaml:"disable_sse" env:"OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE" desc:"When set to true, clients are informed that the Server-Sent Events endpoint is not accessible." introductionVersion:"pre5.0"` + Edition string `yaml:"edition" env:"OC_EDITION;FRONTEND_EDITION" desc:"Edition of oCIS. Used for branding purposes." introductionVersion:"pre5.0"` + DisableSSE bool `yaml:"disable_sse" env:"OC_DISABLE_SSE;FRONTEND_DISABLE_SSE" desc:"When set to true, clients are informed that the Server-Sent Events endpoint is not accessible." introductionVersion:"pre5.0"` DefaultLinkPermissions int `yaml:"default_link_permissions" env:"FRONTEND_DEFAULT_LINK_PERMISSIONS" desc:"Defines the default permissions a link is being created with. Possible values are 0 (= internal link, for instance members only) and 1 (= public link with viewer permissions). Defaults to 1." introductionVersion:"5.0"` - PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL" desc:"The public facing URL of the oCIS frontend." introductionVersion:"pre5.0"` - MaxConcurrency int `yaml:"max_concurrency" env:"OCIS_MAX_CONCURRENCY;FRONTEND_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"7.0.0"` + PublicURL string `yaml:"public_url" env:"OC_URL;FRONTEND_PUBLIC_URL" desc:"The public facing URL of the oCIS frontend." introductionVersion:"pre5.0"` + MaxConcurrency int `yaml:"max_concurrency" env:"OC_MAX_CONCURRENCY;FRONTEND_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"7.0.0"` AppHandler AppHandler `yaml:"app_handler"` Archiver Archiver `yaml:"archiver"` DataGateway DataGateway `yaml:"data_gateway"` OCS OCS `yaml:"ocs"` Checksums Checksums `yaml:"checksums"` ReadOnlyUserAttributes []string `yaml:"read_only_user_attributes" env:"FRONTEND_READONLY_USER_ATTRIBUTES" desc:"A list of user attributes to indicate as read-only. Supported values: 'user.onPremisesSamAccountName' (username), 'user.displayName', 'user.mail', 'user.passwordProfile' (password), 'user.appRoleAssignments' (role), 'user.memberOf' (groups), 'user.accountEnabled' (login allowed), 'drive.quota' (quota). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - LDAPServerWriteEnabled bool `yaml:"ldap_server_write_enabled" env:"OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED" desc:"Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* variables)." introductionVersion:"pre5.0"` + LDAPServerWriteEnabled bool `yaml:"ldap_server_write_enabled" env:"OC_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED" desc:"Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables)." introductionVersion:"pre5.0"` FullTextSearch bool `yaml:"full_text_search" env:"FRONTEND_FULL_TEXT_SEARCH_ENABLED" desc:"Set to true to signal the web client that full-text search is enabled." introductionVersion:"pre5.0"` Middleware Middleware `yaml:"middleware"` @@ -64,10 +64,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;FRONTEND_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;FRONTEND_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;FRONTEND_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;FRONTEND_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;FRONTEND_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -91,10 +91,10 @@ type HTTPConfig struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // Middleware configures reva middlewares. @@ -109,7 +109,7 @@ type Auth struct { type AppHandler struct { Prefix string `yaml:"-"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_APP_HANDLER_INSECURE" desc:"Allow insecure connections to the frontend." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_INSECURE;FRONTEND_APP_HANDLER_INSECURE" desc:"Allow insecure connections to the frontend." introductionVersion:"pre5.0"` SecureViewAppAddr string `yaml:"secure_view_app_addr" env:"FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR" desc:"Service name or address of the app provider to use for secure view. Should match the service name or address of the registered CS3 app provider." introductionVersion:"6.0.0"` } @@ -117,7 +117,7 @@ type Archiver struct { MaxNumFiles int64 `yaml:"max_num_files" env:"FRONTEND_ARCHIVER_MAX_NUM_FILES" desc:"Max number of files that can be packed into an archive." introductionVersion:"pre5.0"` MaxSize int64 `yaml:"max_size" env:"FRONTEND_ARCHIVER_MAX_SIZE" desc:"Max size in bytes of the zip archive the archiver can create." introductionVersion:"pre5.0"` Prefix string `yaml:"-"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE" desc:"Allow insecure connections to the archiver." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_INSECURE;FRONTEND_ARCHIVER_INSECURE" desc:"Allow insecure connections to the archiver." introductionVersion:"pre5.0"` } type DataGateway struct { @@ -129,23 +129,23 @@ type OCS struct { SharePrefix string `yaml:"share_prefix" env:"FRONTEND_OCS_SHARE_PREFIX" desc:"Path prefix for shares as part of an ocis resource. Note that the path must start with '/'." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"The OCS API is deprecated" deprecationReplacement:""` HomeNamespace string `yaml:"home_namespace" env:"FRONTEND_OCS_PERSONAL_NAMESPACE" desc:"Home namespace identifier." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"The OCS API is deprecated" deprecationReplacement:""` AdditionalInfoAttribute string `yaml:"additional_info_attribute" env:"FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE" desc:"Additional information attribute for the user like {{.Mail}}." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"The OCS API is deprecated" deprecationReplacement:""` - StatCacheType string `yaml:"stat_cache_type" env:"OCIS_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_STORE, the OCS API is deprecated" deprecationReplacement:""` - StatCacheNodes []string `yaml:"stat_cache_nodes" env:"OCIS_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_STORE_NODES, the OCS API is deprecated" deprecationReplacement:""` - StatCacheDatabase string `yaml:"stat_cache_database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + StatCacheType string `yaml:"stat_cache_type" env:"OC_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_STORE, the OCS API is deprecated" deprecationReplacement:""` + StatCacheNodes []string `yaml:"stat_cache_nodes" env:"OC_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_STORE_NODES, the OCS API is deprecated" deprecationReplacement:""` + StatCacheDatabase string `yaml:"stat_cache_database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` StatCacheTable string `yaml:"stat_cache_table" env:"FRONTEND_OCS_STAT_CACHE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"The OCS API is deprecated" deprecationReplacement:""` - StatCacheTTL time.Duration `yaml:"stat_cache_ttl" env:"OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_TTL, the OCS API is deprecated" deprecationReplacement:""` - StatCacheDisablePersistence bool `yaml:"stat_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE" desc:"Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE, the OCS API is deprecated" deprecationReplacement:""` - StatCacheAuthUsername string `yaml:"stat_cache_auth_username" env:"OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when using the 'nats-js-kv' store type." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME, the OCS API is deprecated" deprecationReplacement:""` - StatCacheAuthPassword string `yaml:"stat_cache_auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when using the 'nats-js-kv' store type." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD, the OCS API is deprecated" deprecationReplacement:""` + StatCacheTTL time.Duration `yaml:"stat_cache_ttl" env:"OC_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_TTL, the OCS API is deprecated" deprecationReplacement:""` + StatCacheDisablePersistence bool `yaml:"stat_cache_disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE" desc:"Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE, the OCS API is deprecated" deprecationReplacement:""` + StatCacheAuthUsername string `yaml:"stat_cache_auth_username" env:"OC_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when using the 'nats-js-kv' store type." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME, the OCS API is deprecated" deprecationReplacement:""` + StatCacheAuthPassword string `yaml:"stat_cache_auth_password" env:"OC_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when using the 'nats-js-kv' store type." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD, the OCS API is deprecated" deprecationReplacement:""` CacheWarmupDriver string `yaml:"cache_warmup_driver,omitempty"` // not supported by the oCIS product, therefore not part of docs CacheWarmupDrivers CacheWarmupDrivers `yaml:"cache_warmup_drivers,omitempty"` // not supported by the oCIS product, therefore not part of docs EnableDenials bool `yaml:"enable_denials" env:"FRONTEND_OCS_ENABLE_DENIALS" desc:"EXPERIMENTAL: enable the feature to deny access on folders." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"The OCS API is deprecated" deprecationReplacement:""` - ListOCMShares bool `yaml:"list_ocm_shares" env:"OCIS_ENABLE_OCM;FRONTEND_OCS_LIST_OCM_SHARES" desc:"Include OCM shares when listing shares. See the OCM service documentation for more details." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_LIST_OCM_SHARES, the OCS API is deprecated" deprecationReplacement:""` - IncludeOCMSharees bool `yaml:"include_ocm_sharees" env:"OCIS_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES" desc:"Include OCM sharees when listing sharees." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_INCLUDE_OCM_SHAREES, the OCS API is deprecated" deprecationReplacement:""` - PublicShareMustHavePassword bool `yaml:"public_sharing_share_must_have_password" env:"OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on all public shares." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated" deprecationReplacement:""` - WriteablePublicShareMustHavePassword bool `yaml:"public_sharing_writeableshare_must_have_password" env:"OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords for writable shares. Only effective if the setting for 'passwords on all public shares' is set to false." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated" deprecationReplacement:""` - ShowUserEmailInResults bool `yaml:"show_email_in_results" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses." introductionVersion:"6.0.0"` + ListOCMShares bool `yaml:"list_ocm_shares" env:"OC_ENABLE_OCM;FRONTEND_OCS_LIST_OCM_SHARES" desc:"Include OCM shares when listing shares. See the OCM service documentation for more details." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_LIST_OCM_SHARES, the OCS API is deprecated" deprecationReplacement:""` + IncludeOCMSharees bool `yaml:"include_ocm_sharees" env:"OC_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES" desc:"Include OCM sharees when listing sharees." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_INCLUDE_OCM_SHAREES, the OCS API is deprecated" deprecationReplacement:""` + PublicShareMustHavePassword bool `yaml:"public_sharing_share_must_have_password" env:"OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on all public shares." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated" deprecationReplacement:""` + WriteablePublicShareMustHavePassword bool `yaml:"public_sharing_writeableshare_must_have_password" env:"OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords for writable shares. Only effective if the setting for 'passwords on all public shares' is set to false." introductionVersion:"5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated" deprecationReplacement:""` + ShowUserEmailInResults bool `yaml:"show_email_in_results" env:"OC_SHOW_USER_EMAIL_IN_RESULTS" desc:"Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses." introductionVersion:"6.0.0"` } type CacheWarmupDrivers struct { @@ -168,28 +168,28 @@ type Checksums struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;FRONTEND_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } // PasswordPolicy configures reva password policy type PasswordPolicy struct { - Disabled bool `yaml:"disabled,omitempty" env:"OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED" desc:"Disable the password policy. Defaults to false if not set." introductionVersion:"5.0"` - MinCharacters int `yaml:"min_characters,omitempty" env:"OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 8 if not set." introductionVersion:"5.0"` - MinLowerCaseCharacters int `yaml:"min_lowercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` - MinUpperCaseCharacters int `yaml:"min_uppercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` - MinDigits int `yaml:"min_digits" env:"OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 1 if not set." introductionVersion:"5.0"` - MinSpecialCharacters int `yaml:"min_special_characters" env:"OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set." introductionVersion:"5.0"` - BannedPasswordsList string `yaml:"banned_passwords_list" env:"OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" desc:"Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details." introductionVersion:"5.0"` + Disabled bool `yaml:"disabled,omitempty" env:"OC_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED" desc:"Disable the password policy. Defaults to false if not set." introductionVersion:"5.0"` + MinCharacters int `yaml:"min_characters,omitempty" env:"OC_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 8 if not set." introductionVersion:"5.0"` + MinLowerCaseCharacters int `yaml:"min_lowercase_characters" env:"OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` + MinUpperCaseCharacters int `yaml:"min_uppercase_characters" env:"OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` + MinDigits int `yaml:"min_digits" env:"OC_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 1 if not set." introductionVersion:"5.0"` + MinSpecialCharacters int `yaml:"min_special_characters" env:"OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set." introductionVersion:"5.0"` + BannedPasswordsList string `yaml:"banned_passwords_list" env:"OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" desc:"Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details." introductionVersion:"5.0"` } diff --git a/services/frontend/pkg/config/reva.go b/services/frontend/pkg/config/reva.go index 6b3785b15..40ebc791b 100644 --- a/services/frontend/pkg/config/reva.go +++ b/services/frontend/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;FRONTEND_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;FRONTEND_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/frontend/pkg/config/tracing.go b/services/frontend/pkg/config/tracing.go index d4f412dcb..b5fb8ed4d 100644 --- a/services/frontend/pkg/config/tracing.go +++ b/services/frontend/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing sets the tracing parameters for the frontend service. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;FRONTEND_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;FRONTEND_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/gateway/README.md b/services/gateway/README.md index 5227e27bf..7af9034fd 100644 --- a/services/gateway/README.md +++ b/services/gateway/README.md @@ -8,9 +8,9 @@ The gateway service is using caching as it is highly frequented with the same re - the `provider cache` is caching requests to list or get storage providers. - the `create home cache` is caching requests to create personal spaces (as they only need to be executed once). -Both caches can be configured via the `OCIS_CACHE_*` envvars (or `GATEWAY_PROVIDER_CACHE_*` and `GATEWAY_CREATE_HOME_CACHE_*` respectively). See the [envvar section](/services/gateway/configuration/#environment-variables) for details. +Both caches can be configured via the `OC_CACHE_*` envvars (or `GATEWAY_PROVIDER_CACHE_*` and `GATEWAY_CREATE_HOME_CACHE_*` respectively). See the [envvar section](/services/gateway/configuration/#environment-variables) for details. -Use `OCIS_CACHE_STORE` (`GATEWAY_PROVIDER_CACHE_STORE`, `GATEWAY_CREATE_HOME_CACHE_STORE`) to define the type of cache to use: +Use `OC_CACHE_STORE` (`GATEWAY_PROVIDER_CACHE_STORE`, `GATEWAY_CREATE_HOME_CACHE_STORE`) to define the type of cache to use: - `memory`: Basic in-memory store and the default. - `redis-sentinel`: Stores data in a configured Redis Sentinel cluster. - `nats-js-kv`: Stores data using key-value-store feature of [nats jetstream](https://docs.nats.io/nats-concepts/jetstream/key-value-store) @@ -23,9 +23,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Service Endpoints @@ -40,7 +40,7 @@ The scheme for this setup is the following. Note that there is, except storage, | **envvar** | **default** | **alternative** | |------|------|------| -| OCIS_GRPC_PROTOCOL or
``_GRPC_PROTOCOL | tcp | unix | +| OC_GRPC_PROTOCOL or
``_GRPC_PROTOCOL | tcp | unix | | ``_GRPC_ADDR | 127.0.0.1:`` | /var/run/ocis/``.sock | | GATEWAY_``_ENDPOINT | com.owncloud.api.`` | unix:/var/run/ocis/``.sock
dns: ...
kubernetes: ... | diff --git a/services/gateway/pkg/config/config.go b/services/gateway/pkg/config/config.go index f539cb2c5..2586589cf 100644 --- a/services/gateway/pkg/config/config.go +++ b/services/gateway/pkg/config/config.go @@ -25,11 +25,11 @@ type Config struct { CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant" env:"GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT" desc:"Commit shares to storage grants. This grants access to shared resources for the share receiver directly on the storage." introductionVersion:"pre5.0"` ShareFolder string `yaml:"share_folder_name" env:"GATEWAY_SHARE_FOLDER_NAME" desc:"Name of the share folder in users' home space." introductionVersion:"pre5.0"` DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login" env:"GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN" desc:"Disable creation of the home space on login." introductionVersion:"pre5.0"` - TransferSecret string `yaml:"transfer_secret" env:"OCIS_TRANSFER_SECRET" desc:"The storage transfer secret." introductionVersion:"pre5.0"` + TransferSecret string `yaml:"transfer_secret" env:"OC_TRANSFER_SECRET" desc:"The storage transfer secret." introductionVersion:"pre5.0"` TransferExpires int `yaml:"transfer_expires" env:"GATEWAY_TRANSFER_EXPIRES" desc:"Expiry for the gateway tokens." introductionVersion:"pre5.0"` Cache Cache `yaml:"cache"` - FrontendPublicURL string `yaml:"frontend_public_url" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL" desc:"The public facing URL of the oCIS frontend." introductionVersion:"pre5.0"` + FrontendPublicURL string `yaml:"frontend_public_url" env:"OC_URL;GATEWAY_FRONTEND_PUBLIC_URL" desc:"The public facing URL of the oCIS frontend." introductionVersion:"pre5.0"` UsersEndpoint string `yaml:"users_endpoint" env:"GATEWAY_USERS_ENDPOINT" desc:"The endpoint of the users service. Can take a service name or a gRPC URI with the dns, kubernetes or unix protocol." introductionVersion:"7.0.0"` GroupsEndpoint string `yaml:"groups_endpoint" env:"GATEWAY_GROUPS_ENDPOINT" desc:"The endpoint of the groups service. Can take a service name or a gRPC URI with the dns, kubernetes or unix protocol." introductionVersion:"7.0.0"` @@ -52,10 +52,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;GATEWAY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;GATEWAY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;GATEWAY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;GATEWAY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;GATEWAY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;GATEWAY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;GATEWAY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;GATEWAY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -70,10 +70,10 @@ type Debug struct { } type GRPCConfig struct { - Addr string `yaml:"addr" env:"OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` + Addr string `yaml:"addr" env:"OC_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;GATEWAY_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;GATEWAY_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type StorageRegistry struct { @@ -85,18 +85,18 @@ type StorageRegistry struct { // Cache holds cache config type Cache struct { - ProviderCacheStore string `yaml:"provider_cache_store" env:"OCIS_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - ProviderCacheNodes []string `yaml:"provider_cache_nodes" env:"OCIS_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - ProviderCacheDatabase string `yaml:"provider_cache_database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` - ProviderCacheTTL time.Duration `yaml:"provider_cache_ttl" env:"OCIS_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - ProviderCacheDisablePersistence bool `yaml:"provider_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - ProviderCacheAuthUsername string `yaml:"provider_cache_auth_username" env:"OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - ProviderCacheAuthPassword string `yaml:"provider_cache_auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - CreateHomeCacheStore string `yaml:"create_home_cache_store" env:"OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - CreateHomeCacheNodes []string `yaml:"create_home_cache_nodes" env:"OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - CreateHomeCacheDatabase string `yaml:"create_home_cache_database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` - CreateHomeCacheTTL time.Duration `yaml:"create_home_cache_ttl" env:"OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - CreateHomeCacheDisablePersistence bool `yaml:"create_home_cache_disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - CreateHomeCacheAuthUsername string `yaml:"create_home_cache_auth_username" env:"OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - CreateHomeCacheAuthPassword string `yaml:"create_home_cache_auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + ProviderCacheStore string `yaml:"provider_cache_store" env:"OC_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + ProviderCacheNodes []string `yaml:"provider_cache_nodes" env:"OC_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + ProviderCacheDatabase string `yaml:"provider_cache_database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + ProviderCacheTTL time.Duration `yaml:"provider_cache_ttl" env:"OC_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + ProviderCacheDisablePersistence bool `yaml:"provider_cache_disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + ProviderCacheAuthUsername string `yaml:"provider_cache_auth_username" env:"OC_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + ProviderCacheAuthPassword string `yaml:"provider_cache_auth_password" env:"OC_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + CreateHomeCacheStore string `yaml:"create_home_cache_store" env:"OC_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + CreateHomeCacheNodes []string `yaml:"create_home_cache_nodes" env:"OC_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + CreateHomeCacheDatabase string `yaml:"create_home_cache_database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + CreateHomeCacheTTL time.Duration `yaml:"create_home_cache_ttl" env:"OC_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL" desc:"Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + CreateHomeCacheDisablePersistence bool `yaml:"create_home_cache_disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + CreateHomeCacheAuthUsername string `yaml:"create_home_cache_auth_username" env:"OC_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + CreateHomeCacheAuthPassword string `yaml:"create_home_cache_auth_password" env:"OC_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } diff --git a/services/gateway/pkg/config/reva.go b/services/gateway/pkg/config/reva.go index 717c26069..474601915 100644 --- a/services/gateway/pkg/config/reva.go +++ b/services/gateway/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GATEWAY_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;GATEWAY_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/gateway/pkg/config/tracing.go b/services/gateway/pkg/config/tracing.go index 2caf008b0..cf6d9840a 100644 --- a/services/gateway/pkg/config/tracing.go +++ b/services/gateway/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the configuration options for tracing. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GATEWAY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;GATEWAY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;GATEWAY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/graph/README.md b/services/graph/README.md index f5b0d0327..4dc03c618 100644 --- a/services/graph/README.md +++ b/services/graph/README.md @@ -28,13 +28,13 @@ The graph service provides endpoints for querying users and groups. It features The LDAP backend is configured using a set of environment variables. A detailed list of all the available configuration options can be found in the [documentation](https://owncloud.dev/services/graph/configuration/#environment-variables). -The LDAP related options are prefixed with `OCIS_LDAP_` (or `GRAPH_LDAP_` for settings specific to graph service). +The LDAP related options are prefixed with `OC_LDAP_` (or `GRAPH_LDAP_` for settings specific to graph service). #### Read-Only Access to Existing LDAP Servers -To connect the graph service to an existing LDAP server, set `OCIS_LDAP_SERVER_WRITE_ENABLED` to +To connect the graph service to an existing LDAP server, set `OC_LDAP_SERVER_WRITE_ENABLED` to `false` to prevent the graph service from sending write operations to the LDAP server. Also set the -various `OCIS_LDAP_*` environment variables to match the configuration of the LDAP server you are connecting +various `OC_LDAP_*` environment variables to match the configuration of the LDAP server you are connecting to. An example configuration for connecting oCIS to an instance of Microsoft Active Directory is available [here](https://owncloud.dev/ocis/identity-provider/ldap-active-directory/). @@ -74,20 +74,20 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Keycloak Configuration For The Personal Data Export If Keycloak is used for authentication, GDPR regulations require to add all personal identifiable information that Keycloak has about the user to the personal data export. To do this, the following environment variables must be set: -* `OCIS_KEYCLOAK_BASE_PATH` - The URL to the keycloak instance. -* `OCIS_KEYCLOAK_CLIENT_ID` - The client ID of the client that is used to authenticate with keycloak, this client has to be able to list users and get the credential data. -* `OCIS_KEYCLOAK_CLIENT_SECRET` - The client secret of the client that is used to authenticate with keycloak. -* `OCIS_KEYCLOAK_CLIENT_REALM` - The realm the client is defined in. -* `OCIS_KEYCLOAK_USER_REALM` - The realm the oCIS users are defined in. -* `OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY` - If set to true, the TLS certificate of the keycloak instance is not verified. +* `OC_KEYCLOAK_BASE_PATH` - The URL to the keycloak instance. +* `OC_KEYCLOAK_CLIENT_ID` - The client ID of the client that is used to authenticate with keycloak, this client has to be able to list users and get the credential data. +* `OC_KEYCLOAK_CLIENT_SECRET` - The client secret of the client that is used to authenticate with keycloak. +* `OC_KEYCLOAK_CLIENT_REALM` - The realm the client is defined in. +* `OC_KEYCLOAK_USER_REALM` - The realm the oCIS users are defined in. +* `OC_KEYCLOAK_INSECURE_SKIP_VERIFY` - If set to true, the TLS certificate of the keycloak instance is not verified. For more details see the [User-Triggered GDPR Report](https://doc.owncloud.com/ocis/next/deployment/gdpr/gdpr.html) in the ocis admin documentation. @@ -128,7 +128,7 @@ which is the source of the texts provided by the code. ## Default Language -The default language can be defined via the `OCIS_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. +The default language can be defined via the `OC_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. ## Unified Role Management diff --git a/services/graph/pkg/config/cache.go b/services/graph/pkg/config/cache.go index ca7a103a8..1a3974710 100644 --- a/services/graph/pkg/config/cache.go +++ b/services/graph/pkg/config/cache.go @@ -4,12 +4,12 @@ import "time" // Cache defines the available configuration for a cache store type Cache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;GRAPH_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;GRAPH_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` Database string `yaml:"database" env:"GRAPH_CACHE_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` Table string `yaml:"table" env:"GRAPH_CACHE_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;GRAPH_CACHE_TTL" desc:"Time to live for cache records in the graph. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;GRAPH_CACHE_TTL" desc:"Time to live for cache records in the graph. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } diff --git a/services/graph/pkg/config/config.go b/services/graph/pkg/config/config.go index 0b127950c..ad4542b5e 100644 --- a/services/graph/pkg/config/config.go +++ b/services/graph/pkg/config/config.go @@ -28,10 +28,10 @@ type Config struct { Application Application `yaml:"application"` Spaces Spaces `yaml:"spaces"` Identity Identity `yaml:"identity"` - IncludeOCMSharees bool `yaml:"include_ocm_sharees" env:"OCIS_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES" desc:"Include OCM sharees when listing users." introductionVersion:"5.0"` + IncludeOCMSharees bool `yaml:"include_ocm_sharees" env:"OC_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES" desc:"Include OCM sharees when listing users." introductionVersion:"5.0"` Events Events `yaml:"events"` UnifiedRoles UnifiedRoles `yaml:"unified_roles"` - MaxConcurrency int `yaml:"max_concurrency" env:"OCIS_MAX_CONCURRENCY;GRAPH_MAX_CONCURRENCY" desc:"The maximum number of concurrent requests the service will handle." introductionVersion:"7.0.0"` + MaxConcurrency int `yaml:"max_concurrency" env:"OC_MAX_CONCURRENCY;GRAPH_MAX_CONCURRENCY" desc:"The maximum number of concurrent requests the service will handle." introductionVersion:"7.0.0"` Keycloak Keycloak `yaml:"keycloak"` ServiceAccount ServiceAccount `yaml:"service_account"` @@ -40,51 +40,51 @@ type Config struct { } type Spaces struct { - WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE" desc:"The public facing URL of WebDAV." introductionVersion:"pre5.0"` + WebDavBase string `yaml:"webdav_base" env:"OC_URL;GRAPH_SPACES_WEBDAV_BASE" desc:"The public facing URL of WebDAV." introductionVersion:"pre5.0"` WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH" desc:"The WebDAV sub-path for spaces." introductionVersion:"pre5.0"` DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA" desc:"The default quota in bytes." introductionVersion:"pre5.0"` ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL" desc:"Max TTL in seconds for the spaces property cache." introductionVersion:"pre5.0"` UsersCacheTTL int `yaml:"users_cache_ttl" env:"GRAPH_SPACES_USERS_CACHE_TTL" desc:"Max TTL in seconds for the spaces users cache." introductionVersion:"pre5.0"` GroupsCacheTTL int `yaml:"groups_cache_ttl" env:"GRAPH_SPACES_GROUPS_CACHE_TTL" desc:"Max TTL in seconds for the spaces groups cache." introductionVersion:"pre5.0"` StorageUsersAddress string `yaml:"storage_users_address" env:"GRAPH_SPACES_STORAGE_USERS_ADDRESS" desc:"The address of the storage-users service." introductionVersion:"5.0"` - DefaultLanguage string `yaml:"default_language" env:"OCIS_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` - TranslationPath string `yaml:"translation_path" env:"OCIS_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"7.0.0"` + DefaultLanguage string `yaml:"default_language" env:"OC_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` + TranslationPath string `yaml:"translation_path" env:"OC_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"7.0.0"` } type LDAP struct { - URI string `yaml:"uri" env:"OCIS_LDAP_URI;GRAPH_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` - CACert string `yaml:"cacert" env:"OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` - BindDN string `yaml:"bind_dn" env:"OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` - BindPassword string `yaml:"bind_password" env:"OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` + URI string `yaml:"uri" env:"OC_LDAP_URI;GRAPH_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` + CACert string `yaml:"cacert" env:"OC_LDAP_CACERT;GRAPH_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_LDAP_INSECURE;GRAPH_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` + BindDN string `yaml:"bind_dn" env:"OC_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` + BindPassword string `yaml:"bind_password" env:"OC_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` UseServerUUID bool `yaml:"use_server_uuid" env:"GRAPH_LDAP_SERVER_UUID" desc:"If set to true, rely on the LDAP Server to generate a unique ID for users and groups, like when using 'entryUUID' as the user ID attribute." introductionVersion:"pre5.0"` UsePasswordModExOp bool `yaml:"use_password_modify_exop" env:"GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP" desc:"Use the 'Password Modify Extended Operation' for updating user passwords." introductionVersion:"pre5.0"` - WriteEnabled bool `yaml:"write_enabled" env:"OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED" desc:"Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* variables)." introductionVersion:"pre5.0"` + WriteEnabled bool `yaml:"write_enabled" env:"OC_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED" desc:"Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OC_LDAP_USER_SCHEMA_* and 'OC_LDAP_GROUP_SCHEMA_* variables)." introductionVersion:"pre5.0"` RefintEnabled bool `yaml:"refint_enabled" env:"GRAPH_LDAP_REFINT_ENABLED" desc:"Signals that the server has the refint plugin enabled, which makes some actions not needed." introductionVersion:"pre5.0"` - UserBaseDN string `yaml:"user_base_dn" env:"OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` - UserSearchScope string `yaml:"user_search_scope" env:"OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` - UserFilter string `yaml:"user_filter" env:"OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` - UserObjectClass string `yaml:"user_objectclass" env:"OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter ('inetOrgPerson')." introductionVersion:"pre5.0"` - UserEmailAttribute string `yaml:"user_mail_attribute" env:"OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` - UserDisplayNameAttribute string `yaml:"user_displayname_attribute" env:"OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE" desc:"LDAP Attribute to use for the display name of users." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency" deprecationReplacement:"OCIS_LDAP_USER_SCHEMA_DISPLAYNAME"` - UserNameAttribute string `yaml:"user_name_attribute" env:"OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` - UserIDAttribute string `yaml:"user_id_attribute" env:"OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` - UserIDIsOctetString bool `yaml:"user_id_is_octet_string" env:"OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of Active Directory for the user ID's." introductionVersion:"pre5.0"` - UserTypeAttribute string `yaml:"user_type_attribute" env:"OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE" desc:"LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'." introductionVersion:"pre5.0"` - UserEnabledAttribute string `yaml:"user_enabled_attribute" env:"OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE" desc:"LDAP Attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` - DisableUserMechanism string `yaml:"disable_user_mechanism" env:"OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM" desc:"An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. Default is 'attribute'." introductionVersion:"pre5.0"` - LdapDisabledUsersGroupDN string `yaml:"ldap_disabled_users_group_dn" env:"OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN" desc:"The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'." introductionVersion:"pre5.0"` + UserBaseDN string `yaml:"user_base_dn" env:"OC_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` + UserSearchScope string `yaml:"user_search_scope" env:"OC_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + UserFilter string `yaml:"user_filter" env:"OC_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` + UserObjectClass string `yaml:"user_objectclass" env:"OC_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter ('inetOrgPerson')." introductionVersion:"pre5.0"` + UserEmailAttribute string `yaml:"user_mail_attribute" env:"OC_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` + UserDisplayNameAttribute string `yaml:"user_displayname_attribute" env:"OC_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE" desc:"LDAP Attribute to use for the display name of users." introductionVersion:"pre5.0" deprecationVersion:"7.0.0" removalVersion:"%%NEXT_PRODUCTION_VERSION%%" deprecationInfo:"LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency" deprecationReplacement:"OC_LDAP_USER_SCHEMA_DISPLAYNAME"` + UserNameAttribute string `yaml:"user_name_attribute" env:"OC_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` + UserIDAttribute string `yaml:"user_id_attribute" env:"OC_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` + UserIDIsOctetString bool `yaml:"user_id_is_octet_string" env:"OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of Active Directory for the user ID's." introductionVersion:"pre5.0"` + UserTypeAttribute string `yaml:"user_type_attribute" env:"OC_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE" desc:"LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'." introductionVersion:"pre5.0"` + UserEnabledAttribute string `yaml:"user_enabled_attribute" env:"OC_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE" desc:"LDAP Attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` + DisableUserMechanism string `yaml:"disable_user_mechanism" env:"OC_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM" desc:"An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. Default is 'attribute'." introductionVersion:"pre5.0"` + LdapDisabledUsersGroupDN string `yaml:"ldap_disabled_users_group_dn" env:"OC_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN" desc:"The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'." introductionVersion:"pre5.0"` - GroupBaseDN string `yaml:"group_base_dn" env:"OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` + GroupBaseDN string `yaml:"group_base_dn" env:"OC_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` GroupCreateBaseDN string `yaml:"group_create_base_dn" env:"GRAPH_LDAP_GROUP_CREATE_BASE_DN" desc:"Parent DN under which new groups are created. This DN needs to be subordinate to the 'GRAPH_LDAP_GROUP_BASE_DN'. This setting is only relevant when 'GRAPH_LDAP_SERVER_WRITE_ENABLED' is 'true'. It defaults to the value of 'GRAPH_LDAP_GROUP_BASE_DN'. All groups outside of this subtree are treated as readonly groups and cannot be updated." introductionVersion:"pre5.0"` - GroupSearchScope string `yaml:"group_search_scope" env:"OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` - GroupFilter string `yaml:"group_filter" env:"OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` - GroupObjectClass string `yaml:"group_objectclass" env:"OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter ('groupOfNames')." introductionVersion:"pre5.0"` - GroupNameAttribute string `yaml:"group_name_attribute" env:"OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` - GroupMemberAttribute string `yaml:"group_member_attribute" env:"OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` - GroupIDAttribute string `yaml:"group_id_attribute" env:"OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE" desc:"LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` - GroupIDIsOctetString bool `yaml:"group_id_is_octet_string" env:"OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for groups is of the 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of Active Directory for the group ID's." introductionVersion:"pre5.0"` + GroupSearchScope string `yaml:"group_search_scope" env:"OC_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + GroupFilter string `yaml:"group_filter" env:"OC_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` + GroupObjectClass string `yaml:"group_objectclass" env:"OC_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter ('groupOfNames')." introductionVersion:"pre5.0"` + GroupNameAttribute string `yaml:"group_name_attribute" env:"OC_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` + GroupMemberAttribute string `yaml:"group_member_attribute" env:"OC_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` + GroupIDAttribute string `yaml:"group_id_attribute" env:"OC_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE" desc:"LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` + GroupIDIsOctetString bool `yaml:"group_id_is_octet_string" env:"OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for groups is of the 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of Active Directory for the group ID's." introductionVersion:"pre5.0"` EducationResourcesEnabled bool `yaml:"education_resources_enabled" env:"GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED" desc:"Enable LDAP support for managing education related resources." introductionVersion:"pre5.0"` EducationConfig LDAPEducationConfig @@ -116,40 +116,40 @@ type API struct { UsernameMatch string `yaml:"graph_username_match" env:"GRAPH_USERNAME_MATCH" desc:"Apply restrictions to usernames. Supported values are 'default' and 'none'. When set to 'default', user names must not start with a number and are restricted to ASCII characters. When set to 'none', no restrictions are applied. The default value is 'default'." introductionVersion:"pre5.0"` AssignDefaultUserRole bool `yaml:"graph_assign_default_user_role" env:"GRAPH_ASSIGN_DEFAULT_USER_ROLE" desc:"Whether to assign newly created users the default role 'User'. Set this to 'false' if you want to assign roles manually, or if the role assignment should happen at first login. Set this to 'true' (the default) to assign the role 'User' when creating a new user." introductionVersion:"pre5.0"` IdentitySearchMinLength int `yaml:"graph_identity_search_min_length" env:"GRAPH_IDENTITY_SEARCH_MIN_LENGTH" desc:"The minimum length the search term needs to have for unprivileged users when searching for users or groups." introductionVersion:"5.0"` - ShowUserEmailInResults bool `yaml:"show_email_in_results" env:"OCIS_SHOW_USER_EMAIL_IN_RESULTS" desc:"Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses." introductionVersion:"6.0.0"` + ShowUserEmailInResults bool `yaml:"show_email_in_results" env:"OC_SHOW_USER_EMAIL_IN_RESULTS" desc:"Include user email addresses in responses. If absent or set to false emails will be omitted from results. Please note that admin users can always see all email addresses." introductionVersion:"6.0.0"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;GRAPH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;GRAPH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // Keycloak configuration type Keycloak struct { - BasePath string `yaml:"base_path" env:"OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH" desc:"The URL to access keycloak." introductionVersion:"pre5.0"` - ClientID string `yaml:"client_id" env:"OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID" desc:"The client id to authenticate with keycloak." introductionVersion:"pre5.0"` - ClientSecret string `yaml:"client_secret" env:"OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET" desc:"The client secret to use in authentication." introductionVersion:"pre5.0"` - ClientRealm string `yaml:"client_realm" env:"OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM" desc:"The realm the client is defined in." introductionVersion:"pre5.0"` - UserRealm string `yaml:"user_realm" env:"OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM" desc:"The realm users are defined." introductionVersion:"pre5.0"` - InsecureSkipVerify bool `yaml:"insecure_skip_verify" env:"OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY" desc:"Disable TLS certificate validation for Keycloak connections. Do not set this in production environments." introductionVersion:"pre5.0"` + BasePath string `yaml:"base_path" env:"OC_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH" desc:"The URL to access keycloak." introductionVersion:"pre5.0"` + ClientID string `yaml:"client_id" env:"OC_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID" desc:"The client id to authenticate with keycloak." introductionVersion:"pre5.0"` + ClientSecret string `yaml:"client_secret" env:"OC_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET" desc:"The client secret to use in authentication." introductionVersion:"pre5.0"` + ClientRealm string `yaml:"client_realm" env:"OC_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM" desc:"The realm the client is defined in." introductionVersion:"pre5.0"` + UserRealm string `yaml:"user_realm" env:"OC_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM" desc:"The realm users are defined." introductionVersion:"pre5.0"` + InsecureSkipVerify bool `yaml:"insecure_skip_verify" env:"OC_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY" desc:"Disable TLS certificate validation for Keycloak connections. Do not set this in production environments." introductionVersion:"pre5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } diff --git a/services/graph/pkg/config/log.go b/services/graph/pkg/config/log.go index 0bd642e0e..aea53c1e3 100644 --- a/services/graph/pkg/config/log.go +++ b/services/graph/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;GRAPH_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;GRAPH_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;GRAPH_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;GRAPH_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;GRAPH_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;GRAPH_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;GRAPH_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;GRAPH_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/graph/pkg/config/reva.go b/services/graph/pkg/config/reva.go index 646c3f36e..13a2730b4 100644 --- a/services/graph/pkg/config/reva.go +++ b/services/graph/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GRAPH_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;GRAPH_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/graph/pkg/config/tracing.go b/services/graph/pkg/config/tracing.go index 0c3f2d7c5..128be1ee2 100644 --- a/services/graph/pkg/config/tracing.go +++ b/services/graph/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GRAPH_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GRAPH_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;GRAPH_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;GRAPH_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/groups/pkg/config/config.go b/services/groups/pkg/config/config.go index 161443a7e..7865793e8 100644 --- a/services/groups/pkg/config/config.go +++ b/services/groups/pkg/config/config.go @@ -27,10 +27,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;GROUPS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;GROUPS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;GROUPS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;GROUPS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;GROUPS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;GROUPS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -48,7 +48,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"GROUPS_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;GROUPS_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;GROUPS_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type Drivers struct { @@ -60,40 +60,40 @@ type Drivers struct { } type LDAPDriver struct { - URI string `yaml:"uri" env:"OCIS_LDAP_URI;GROUPS_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` - CACert string `yaml:"ca_cert" env:"OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` - BindDN string `yaml:"bind_dn" env:"OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` - BindPassword string `yaml:"bind_password" env:"OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` - UserBaseDN string `yaml:"user_base_dn" env:"OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` - GroupBaseDN string `yaml:"group_base_dn" env:"OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` - UserScope string `yaml:"user_scope" env:"OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` - GroupScope string `yaml:"group_scope" env:"OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + URI string `yaml:"uri" env:"OC_LDAP_URI;GROUPS_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` + CACert string `yaml:"ca_cert" env:"OC_LDAP_CACERT;GROUPS_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_LDAP_INSECURE;GROUPS_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` + BindDN string `yaml:"bind_dn" env:"OC_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` + BindPassword string `yaml:"bind_password" env:"OC_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` + UserBaseDN string `yaml:"user_base_dn" env:"OC_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` + GroupBaseDN string `yaml:"group_base_dn" env:"OC_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` + UserScope string `yaml:"user_scope" env:"OC_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + GroupScope string `yaml:"group_scope" env:"OC_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` GroupSubstringFilterType string `yaml:"group_substring_filter_type" env:"LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE" desc:"Type of substring search filter to use for substring searches for groups. Supported values are 'initial', 'final' and 'any'. The value 'initial' is used for doing prefix only searches, 'final' for doing suffix only searches or 'any' for doing full substring searches" introductionVersion:"pre5.0"` - UserFilter string `yaml:"user_filter" env:"OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` - GroupFilter string `yaml:"group_filter" env:"OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` - UserObjectClass string `yaml:"user_object_class" env:"OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter ('inetOrgPerson')." introductionVersion:"pre5.0"` - GroupObjectClass string `yaml:"group_object_class" env:"OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter ('groupOfNames')." introductionVersion:"pre5.0"` - IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL" desc:"The identity provider value to set in the group IDs of the CS3 group objects for groups returned by this group provider." introductionVersion:"pre5.0"` + UserFilter string `yaml:"user_filter" env:"OC_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` + GroupFilter string `yaml:"group_filter" env:"OC_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` + UserObjectClass string `yaml:"user_object_class" env:"OC_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter ('inetOrgPerson')." introductionVersion:"pre5.0"` + GroupObjectClass string `yaml:"group_object_class" env:"OC_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter ('groupOfNames')." introductionVersion:"pre5.0"` + IDP string `yaml:"idp" env:"OC_URL;OC_OIDC_ISSUER;GROUPS_IDP_URL" desc:"The identity provider value to set in the group IDs of the CS3 group objects for groups returned by this group provider." introductionVersion:"pre5.0"` UserSchema LDAPUserSchema `yaml:"user_schema"` GroupSchema LDAPGroupSchema `yaml:"group_schema"` } type LDAPUserSchema struct { - ID string `yaml:"id" env:"OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique id for users. This should be a stable globally unique id like a UUID." introductionVersion:"pre5.0"` - IDIsOctetString bool `yaml:"id_is_octet_string" env:"OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's." introductionVersion:"pre5.0"` - Mail string `yaml:"mail" env:"OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` - DisplayName string `yaml:"display_name" env:"OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"pre5.0"` - Username string `yaml:"user_name" env:"OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` + ID string `yaml:"id" env:"OC_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique id for users. This should be a stable globally unique id like a UUID." introductionVersion:"pre5.0"` + IDIsOctetString bool `yaml:"id_is_octet_string" env:"OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's." introductionVersion:"pre5.0"` + Mail string `yaml:"mail" env:"OC_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` + DisplayName string `yaml:"display_name" env:"OC_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"pre5.0"` + Username string `yaml:"user_name" env:"OC_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` } type LDAPGroupSchema struct { - ID string `yaml:"id" env:"OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID" desc:"LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` - IDIsOctetString bool `yaml:"id_is_octet_string" env:"OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's." introductionVersion:"pre5.0"` - Mail string `yaml:"mail" env:"OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of groups (can be empty)." introductionVersion:"pre5.0"` - DisplayName string `yaml:"display_name" env:"OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of groups (often the same as groupname attribute)." introductionVersion:"pre5.0"` - Groupname string `yaml:"group_name" env:"OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` - Member string `yaml:"member" env:"OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` + ID string `yaml:"id" env:"OC_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID" desc:"LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` + IDIsOctetString bool `yaml:"id_is_octet_string" env:"OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's." introductionVersion:"pre5.0"` + Mail string `yaml:"mail" env:"OC_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of groups (can be empty)." introductionVersion:"pre5.0"` + DisplayName string `yaml:"display_name" env:"OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of groups (often the same as groupname attribute)." introductionVersion:"pre5.0"` + Groupname string `yaml:"group_name" env:"OC_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` + Member string `yaml:"member" env:"OC_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` } type OwnCloudSQLDriver struct { diff --git a/services/groups/pkg/config/reva.go b/services/groups/pkg/config/reva.go index 1d2822422..6668c3020 100644 --- a/services/groups/pkg/config/reva.go +++ b/services/groups/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;GROUPS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;GROUPS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/groups/pkg/config/tracing.go b/services/groups/pkg/config/tracing.go index 0304cec21..dd585c16f 100644 --- a/services/groups/pkg/config/tracing.go +++ b/services/groups/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing contains the tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;GROUPS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;GROUPS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/idm/pkg/config/config.go b/services/idm/pkg/config/config.go index 20868bc80..9251794e2 100644 --- a/services/idm/pkg/config/config.go +++ b/services/idm/pkg/config/config.go @@ -18,19 +18,19 @@ type Config struct { IDM Settings `yaml:"idm"` CreateDemoUsers bool `yaml:"create_demo_users" env:"IDM_CREATE_DEMO_USERS" desc:"Flag to enable or disable the creation of the demo users." introductionVersion:"pre5.0"` - DemoUsersIssuerUrl string `yaml:"demo_users_issuer_url" env:"OCIS_URL;OCIS_OIDC_ISSUER" desc:"The OIDC issuer URL to assign to the demo users." introductionVersion:"pre5.0"` + DemoUsersIssuerUrl string `yaml:"demo_users_issuer_url" env:"OC_URL;OC_OIDC_ISSUER" desc:"The OIDC issuer URL to assign to the demo users." introductionVersion:"pre5.0"` ServiceUserPasswords ServiceUserPasswords `yaml:"service_user_passwords"` - AdminUserID string `yaml:"admin_user_id" env:"OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID" desc:"ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` + AdminUserID string `yaml:"admin_user_id" env:"OC_ADMIN_USER_ID;IDM_ADMIN_USER_ID" desc:"ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` Context context.Context `yaml:"-"` } type Settings struct { LDAPSAddr string `yaml:"ldaps_addr" env:"IDM_LDAPS_ADDR" desc:"Listen address for the LDAPS listener (ip-addr:port)." introductionVersion:"pre5.0"` - Cert string `yaml:"cert" env:"IDM_LDAPS_CERT" desc:"File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` - Key string `yaml:"key" env:"IDM_LDAPS_KEY" desc:"File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` - DatabasePath string `yaml:"database" env:"IDM_DATABASE_PATH" desc:"Full path to the IDM backend database. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + Cert string `yaml:"cert" env:"IDM_LDAPS_CERT" desc:"File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + Key string `yaml:"key" env:"IDM_LDAPS_KEY" desc:"File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + DatabasePath string `yaml:"database" env:"IDM_DATABASE_PATH" desc:"Full path to the IDM backend database. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` } type ServiceUserPasswords struct { diff --git a/services/idm/pkg/config/log.go b/services/idm/pkg/config/log.go index d3d51bf56..76147e232 100644 --- a/services/idm/pkg/config/log.go +++ b/services/idm/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;IDM_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;IDM_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;IDM_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;IDM_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0" introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;IDM_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;IDM_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;IDM_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;IDM_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0" introductionVersion:"pre5.0"` } diff --git a/services/idm/pkg/config/tracing.go b/services/idm/pkg/config/tracing.go index 9ee95436b..4e86bb412 100644 --- a/services/idm/pkg/config/tracing.go +++ b/services/idm/pkg/config/tracing.go @@ -2,8 +2,8 @@ package config // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;IDM_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;IDM_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;IDM_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } diff --git a/services/idp/pkg/config/config.go b/services/idp/pkg/config/config.go index 8ffbfeae7..d317c5b20 100644 --- a/services/idp/pkg/config/config.go +++ b/services/idp/pkg/config/config.go @@ -21,7 +21,7 @@ type Config struct { Reva *shared.Reva `yaml:"reva"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` Asset Asset `yaml:"asset"` IDP Settings `yaml:"idp"` @@ -33,24 +33,24 @@ type Config struct { // Ldap defines the available LDAP configuration. type Ldap struct { - URI string `yaml:"uri" env:"OCIS_LDAP_URI;IDP_LDAP_URI" desc:"Url of the LDAP service to use as IDP." introductionVersion:"pre5.0"` - TLSCACert string `yaml:"cacert" env:"OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` + URI string `yaml:"uri" env:"OC_LDAP_URI;IDP_LDAP_URI" desc:"Url of the LDAP service to use as IDP." introductionVersion:"pre5.0"` + TLSCACert string `yaml:"cacert" env:"OC_LDAP_CACERT;IDP_LDAP_TLS_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` - BindDN string `yaml:"bind_dn" env:"OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` - BindPassword string `yaml:"bind_password" env:"OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` + BindDN string `yaml:"bind_dn" env:"OC_LDAP_BIND_DN;IDP_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` + BindPassword string `yaml:"bind_password" env:"OC_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` - BaseDN string `yaml:"base_dn" env:"OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` - Scope string `yaml:"scope" env:"OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE" desc:"LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + BaseDN string `yaml:"base_dn" env:"OC_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` + Scope string `yaml:"scope" env:"OC_LDAP_USER_SCOPE;IDP_LDAP_SCOPE" desc:"LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` LoginAttribute string `yaml:"login_attribute" env:"IDP_LDAP_LOGIN_ATTRIBUTE" desc:"LDAP User attribute to use for login like 'uid'." introductionVersion:"pre5.0"` - EmailAttribute string `yaml:"email_attribute" env:"OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE" desc:"LDAP User email attribute like 'mail'." introductionVersion:"pre5.0"` - NameAttribute string `yaml:"name_attribute" env:"OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE" desc:"LDAP User name attribute like 'displayName'." introductionVersion:"pre5.0"` - UUIDAttribute string `yaml:"uuid_attribute" env:"OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE" desc:"LDAP User UUID attribute like 'uid'." introductionVersion:"pre5.0"` + EmailAttribute string `yaml:"email_attribute" env:"OC_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE" desc:"LDAP User email attribute like 'mail'." introductionVersion:"pre5.0"` + NameAttribute string `yaml:"name_attribute" env:"OC_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE" desc:"LDAP User name attribute like 'displayName'." introductionVersion:"pre5.0"` + UUIDAttribute string `yaml:"uuid_attribute" env:"OC_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE" desc:"LDAP User UUID attribute like 'uid'." introductionVersion:"pre5.0"` UUIDAttributeType string `yaml:"uuid_attribute_type" env:"IDP_LDAP_UUID_ATTRIBUTE_TYPE" desc:"LDAP User uuid attribute type like 'text'." introductionVersion:"pre5.0"` - UserEnabledAttribute string `yaml:"user_enabled_attribute" env:"OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE" desc:"LDAP Attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` - Filter string `yaml:"filter" env:"OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` - ObjectClass string `yaml:"objectclass" env:"OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS" desc:"LDAP User ObjectClass like 'inetOrgPerson'." introductionVersion:"pre5.0"` + UserEnabledAttribute string `yaml:"user_enabled_attribute" env:"OC_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE" desc:"LDAP Attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` + Filter string `yaml:"filter" env:"OC_LDAP_USER_FILTER;IDP_LDAP_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` + ObjectClass string `yaml:"objectclass" env:"OC_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS" desc:"LDAP User ObjectClass like 'inetOrgPerson'." introductionVersion:"pre5.0"` } // Asset defines the available asset configuration. @@ -70,7 +70,7 @@ type Client struct { } type Settings struct { - Iss string `yaml:"iss" env:"OCIS_URL;OCIS_OIDC_ISSUER;IDP_ISS" desc:"The OIDC issuer URL to use." introductionVersion:"pre5.0"` + Iss string `yaml:"iss" env:"OC_URL;OC_OIDC_ISSUER;IDP_ISS" desc:"The OIDC issuer URL to use." introductionVersion:"pre5.0"` IdentityManager string `yaml:"identity_manager" env:"IDP_IDENTITY_MANAGER" desc:"The identity manager implementation to use. Supported identity managers are 'ldap', 'cs3', 'libregraph' and 'guest'." introductionVersion:"pre5.0"` @@ -82,7 +82,7 @@ type Settings struct { AuthorizationEndpointURI string `yaml:"authorization_endpoint_uri" env:"IDP_ENDPOINT_URI" desc:"URL of the IDP endpoint." introductionVersion:"pre5.0"` EndsessionEndpointURI string `yaml:"-"` // unused, not supported by lico-idp - Insecure bool `yaml:"ldap_insecure" env:"OCIS_LDAP_INSECURE;IDP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` + Insecure bool `yaml:"ldap_insecure" env:"OC_LDAP_INSECURE;IDP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` TrustedProxy []string `yaml:"trusted_proxy"` //TODO: how to configure this via env? @@ -90,7 +90,7 @@ type Settings struct { AllowClientGuests bool `yaml:"allow_client_guests" env:"IDP_ALLOW_CLIENT_GUESTS" desc:"Allow guest clients to access oCIS." introductionVersion:"pre5.0"` AllowDynamicClientRegistration bool `yaml:"allow_dynamic_client_registration" env:"IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION" desc:"Allow dynamic client registration." introductionVersion:"pre5.0"` - EncryptionSecretFile string `yaml:"encrypt_secret_file" env:"IDP_ENCRYPTION_SECRET_FILE" desc:"Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` + EncryptionSecretFile string `yaml:"encrypt_secret_file" env:"IDP_ENCRYPTION_SECRET_FILE" desc:"Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` Listen string @@ -105,7 +105,7 @@ type Settings struct { SigningKid string `yaml:"signing_kid" env:"IDP_SIGNING_KID" desc:"Value of the KID (Key ID) field which is used in created tokens to uniquely identify the signing-private-key." introductionVersion:"pre5.0"` SigningMethod string `yaml:"signing_method" env:"IDP_SIGNING_METHOD" desc:"Signing method of IDP requests like 'PS256'" introductionVersion:"pre5.0"` - SigningPrivateKeyFiles []string `yaml:"signing_private_key_files" env:"IDP_SIGNING_PRIVATE_KEY_FILES" desc:"A list of private key files for signing IDP requests. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + SigningPrivateKeyFiles []string `yaml:"signing_private_key_files" env:"IDP_SIGNING_PRIVATE_KEY_FILES" desc:"A list of private key files for signing IDP requests. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` ValidationKeysPath string `yaml:"validation_keys_path" env:"IDP_VALIDATION_KEYS_PATH" desc:"Path to validation keys for IDP requests." introductionVersion:"pre5.0"` CookieBackendURI string diff --git a/services/idp/pkg/config/defaults/defaultconfig.go b/services/idp/pkg/config/defaults/defaultconfig.go index 6984b3a00..097be232e 100644 --- a/services/idp/pkg/config/defaults/defaultconfig.go +++ b/services/idp/pkg/config/defaults/defaultconfig.go @@ -77,12 +77,12 @@ func DefaultConfig() *config.Config { Name: "ownCloud Web app", Trusted: true, RedirectURIs: []string{ - "{{OCIS_URL}}/", - "{{OCIS_URL}}/oidc-callback.html", - "{{OCIS_URL}}/oidc-silent-redirect.html", + "{{OC_URL}}/", + "{{OC_URL}}/oidc-callback.html", + "{{OC_URL}}/oidc-silent-redirect.html", }, Origins: []string{ - "{{OCIS_URL}}", + "{{OC_URL}}", }, }, { diff --git a/services/idp/pkg/config/http.go b/services/idp/pkg/config/http.go index 7c3f36dcf..638a7ba19 100644 --- a/services/idp/pkg/config/http.go +++ b/services/idp/pkg/config/http.go @@ -5,7 +5,7 @@ type HTTP struct { Addr string `yaml:"addr" env:"IDP_HTTP_ADDR" desc:"The bind address of the HTTP service." introductionVersion:"pre5.0"` Root string `yaml:"root" env:"IDP_HTTP_ROOT" desc:"Subdirectory that serves as the root for this HTTP service." introductionVersion:"pre5.0"` Namespace string `yaml:"-"` - TLSCert string `yaml:"tls_cert" env:"IDP_TRANSPORT_TLS_CERT" desc:"Path/File name of the TLS server certificate (in PEM format) for the IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` - TLSKey string `yaml:"tls_key" env:"IDP_TRANSPORT_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` + TLSCert string `yaml:"tls_cert" env:"IDP_TRANSPORT_TLS_CERT" desc:"Path/File name of the TLS server certificate (in PEM format) for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` + TLSKey string `yaml:"tls_key" env:"IDP_TRANSPORT_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp." introductionVersion:"pre5.0"` TLS bool `yaml:"tls" env:"IDP_TLS" desc:"Disable or Enable HTTPS for the communication between the Proxy service and the IDP service. If set to 'true', the key and cert files need to be configured and present." introductionVersion:"pre5.0"` } diff --git a/services/idp/pkg/config/log.go b/services/idp/pkg/config/log.go index a5d33918f..7a24dd215 100644 --- a/services/idp/pkg/config/log.go +++ b/services/idp/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;IDP_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;IDP_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;IDP_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;IDP_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;IDP_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;IDP_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;IDP_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;IDP_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/idp/pkg/config/tracing.go b/services/idp/pkg/config/tracing.go index caa9fe986..babd80739 100644 --- a/services/idp/pkg/config/tracing.go +++ b/services/idp/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;IDP_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;IDP_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;IDP_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;IDP_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/idp/pkg/service/v0/service.go b/services/idp/pkg/service/v0/service.go index 1ea74618f..1ffe0df73 100644 --- a/services/idp/pkg/service/v0/service.go +++ b/services/idp/pkg/service/v0/service.go @@ -152,10 +152,10 @@ func createTemporaryClientsConfig(filePath, ocisURL string, clients []config.Cli for i, client := range clients { for i, entry := range client.RedirectURIs { - client.RedirectURIs[i] = strings.ReplaceAll(entry, "{{OCIS_URL}}", strings.TrimRight(ocisURL, "/")) + client.RedirectURIs[i] = strings.ReplaceAll(entry, "{{OC_URL}}", strings.TrimRight(ocisURL, "/")) } for i, entry := range client.Origins { - client.Origins[i] = strings.ReplaceAll(entry, "{{OCIS_URL}}", strings.TrimRight(ocisURL, "/")) + client.Origins[i] = strings.ReplaceAll(entry, "{{OC_URL}}", strings.TrimRight(ocisURL, "/")) } clients[i] = client } diff --git a/services/invitations/pkg/config/config.go b/services/invitations/pkg/config/config.go index b39f394a2..26088d53f 100644 --- a/services/invitations/pkg/config/config.go +++ b/services/invitations/pkg/config/config.go @@ -26,10 +26,10 @@ type Config struct { // Keycloak configuration type Keycloak struct { - BasePath string `yaml:"base_path" env:"OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH" desc:"The URL to access keycloak." introductionVersion:"pre5.0"` - ClientID string `yaml:"client_id" env:"OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID" desc:"The client ID to authenticate with keycloak." introductionVersion:"pre5.0"` - ClientSecret string `yaml:"client_secret" env:"OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET" desc:"The client secret to use in authentication." introductionVersion:"pre5.0"` - ClientRealm string `yaml:"client_realm" env:"OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM" desc:"The realm the client is defined in." introductionVersion:"pre5.0"` - UserRealm string `yaml:"user_realm" env:"OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM" desc:"The realm users are defined." introductionVersion:"pre5.0"` - InsecureSkipVerify bool `yaml:"insecure_skip_verify" env:"OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY" desc:"Disable TLS certificate validation for Keycloak connections. Do not set this in production environments." introductionVersion:"pre5.0"` + BasePath string `yaml:"base_path" env:"OC_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH" desc:"The URL to access keycloak." introductionVersion:"pre5.0"` + ClientID string `yaml:"client_id" env:"OC_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID" desc:"The client ID to authenticate with keycloak." introductionVersion:"pre5.0"` + ClientSecret string `yaml:"client_secret" env:"OC_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET" desc:"The client secret to use in authentication." introductionVersion:"pre5.0"` + ClientRealm string `yaml:"client_realm" env:"OC_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM" desc:"The realm the client is defined in." introductionVersion:"pre5.0"` + UserRealm string `yaml:"user_realm" env:"OC_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM" desc:"The realm users are defined." introductionVersion:"pre5.0"` + InsecureSkipVerify bool `yaml:"insecure_skip_verify" env:"OC_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY" desc:"Disable TLS certificate validation for Keycloak connections. Do not set this in production environments." introductionVersion:"pre5.0"` } diff --git a/services/invitations/pkg/config/http.go b/services/invitations/pkg/config/http.go index d2d4b1dca..babf9af25 100644 --- a/services/invitations/pkg/config/http.go +++ b/services/invitations/pkg/config/http.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/shared" // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;INVITATIONS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;INVITATIONS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;INVITATIONS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;INVITATIONS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;INVITATIONS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;INVITATIONS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;INVITATIONS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;INVITATIONS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // HTTP defines the available http configuration. diff --git a/services/invitations/pkg/config/log.go b/services/invitations/pkg/config/log.go index 03e18305b..4650391e2 100644 --- a/services/invitations/pkg/config/log.go +++ b/services/invitations/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;INVITATIONS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;INVITATIONS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;INVITATIONS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;INVITATIONS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;INVITATIONS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;INVITATIONS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;INVITATIONS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;INVITATIONS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/invitations/pkg/config/reva.go b/services/invitations/pkg/config/reva.go index 470e257d9..04a777408 100644 --- a/services/invitations/pkg/config/reva.go +++ b/services/invitations/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;INVITATIONS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;INVITATIONS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/invitations/pkg/config/tracing.go b/services/invitations/pkg/config/tracing.go index b1b0f169e..217db11aa 100644 --- a/services/invitations/pkg/config/tracing.go +++ b/services/invitations/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;INVITATIONS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;INVITATIONS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/nats/README.md b/services/nats/README.md index ff16ae63c..d5bedf584 100644 --- a/services/nats/README.md +++ b/services/nats/README.md @@ -10,16 +10,16 @@ As the service name suggests, this service is based on [NATS](https://nats.io/) ## Default Registry -By default, `nats-js-kv` is configured as embedded default registry via the `MICRO_REGISTRY` environment variable. If you do not want using the build-in nats registry, set `MICRO_REGISTRY_ADDRESS` to the address of the nats-js cluster, which is the same value as `OCIS_EVENTS_ENDPOINT`. Optionally use `MICRO_REGISTRY_AUTH_USERNAME` and `MICRO_REGISTRY_AUTH_PASSWORD` to authenticate with the external nats cluster. +By default, `nats-js-kv` is configured as embedded default registry via the `MICRO_REGISTRY` environment variable. If you do not want using the build-in nats registry, set `MICRO_REGISTRY_ADDRESS` to the address of the nats-js cluster, which is the same value as `OC_EVENTS_ENDPOINT`. Optionally use `MICRO_REGISTRY_AUTH_USERNAME` and `MICRO_REGISTRY_AUTH_PASSWORD` to authenticate with the external nats cluster. ## Persistance -To be able to deliver events even after a system or service restart, nats will store events in a folder on the local filesystem. This folder can be specified by setting the `NATS_NATS_STORE_DIR` enviroment variable. If not set, the service will fall back to `$OCIS_BASE_DATA_PATH/nats`. +To be able to deliver events even after a system or service restart, nats will store events in a folder on the local filesystem. This folder can be specified by setting the `NATS_NATS_STORE_DIR` enviroment variable. If not set, the service will fall back to `$OC_BASE_DATA_PATH/nats`. ## TLS Encryption Connections to the nats service (`Publisher`/`Consumer` see above) can be TLS encrypted by setting the corresponding env vars `NATS_TLS_CERT`, `NATS_TLS_KEY` to the cert and key files and `ENABLE_TLS` to true. Checking the certificate of incoming request can be disabled with the `NATS_EVENTS_ENABLE_TLS` environment variable. -Certificate files can also be set via global variables starting with `OCIS_`, for details see the environment variable list. +Certificate files can also be set via global variables starting with `OC_`, for details see the environment variable list. Note that using TLS is highly recommended for productive environments, especially when using container orchestration with Kubernetes. diff --git a/services/nats/pkg/config/config.go b/services/nats/pkg/config/config.go index 0499d36e2..36002c440 100644 --- a/services/nats/pkg/config/config.go +++ b/services/nats/pkg/config/config.go @@ -24,17 +24,17 @@ type Nats struct { Host string `yaml:"host" env:"NATS_NATS_HOST" desc:"Bind address." introductionVersion:"pre5.0"` Port int `yaml:"port" env:"NATS_NATS_PORT" desc:"Bind port." introductionVersion:"pre5.0"` ClusterID string `yaml:"clusterid" env:"NATS_NATS_CLUSTER_ID" desc:"ID of the NATS cluster." introductionVersion:"pre5.0"` - StoreDir string `yaml:"store_dir" env:"NATS_NATS_STORE_DIR" desc:"The directory where the filesystem storage will store NATS JetStream data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats." introductionVersion:"pre5.0"` - TLSCert string `yaml:"tls_cert" env:"NATS_TLS_CERT" desc:"Path/File name of the TLS server certificate (in PEM format) for the NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats." introductionVersion:"pre5.0"` - TLSKey string `yaml:"tls_key" env:"NATS_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats." introductionVersion:"pre5.0"` - TLSSkipVerifyClientCert bool `yaml:"tls_skip_verify_client_cert" env:"OCIS_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT" desc:"Whether the NATS server should skip the client certificate verification during the TLS handshake." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + StoreDir string `yaml:"store_dir" env:"NATS_NATS_STORE_DIR" desc:"The directory where the filesystem storage will store NATS JetStream data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats." introductionVersion:"pre5.0"` + TLSCert string `yaml:"tls_cert" env:"NATS_TLS_CERT" desc:"Path/File name of the TLS server certificate (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats." introductionVersion:"pre5.0"` + TLSKey string `yaml:"tls_key" env:"NATS_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats." introductionVersion:"pre5.0"` + TLSSkipVerifyClientCert bool `yaml:"tls_skip_verify_client_cert" env:"OC_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT" desc:"Whether the NATS server should skip the client certificate verification during the TLS handshake." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` } // Tracing is the tracing config type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;NATS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;NATS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;NATS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;NATS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } diff --git a/services/nats/pkg/config/log.go b/services/nats/pkg/config/log.go index bd9825198..98ad0c73e 100644 --- a/services/nats/pkg/config/log.go +++ b/services/nats/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;NATS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;NATS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;NATS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;NATS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;NATS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;NATS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;NATS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;NATS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/notifications/README.md b/services/notifications/README.md index af93508e0..eeb66d5ed 100644 --- a/services/notifications/README.md +++ b/services/notifications/README.md @@ -50,7 +50,7 @@ Consider that embedding images via a CID resource may not be fully supported in The `notification` service can initiate sending emails based on events stored in the configured store that are grouped into a `daily` or `weekly` bucket. These groups contain events that get populated e.g. when the user configures `daily` or `weekly` email notifications in his personal settings in the web UI. If a user does not define any of the named groups for notification events, no event is stored. -Grouped events are stored for the TTL defined in `OCIS_PERSISTENT_STORE_TTL`. This TTL can either be configured globally or individually for the notification service via the `NOTIFICATIONS_STORE_TTL` envvar. +Grouped events are stored for the TTL defined in `OC_PERSISTENT_STORE_TTL`. This TTL can either be configured globally or individually for the notification service via the `NOTIFICATIONS_STORE_TTL` envvar. Grouped events that have passed the TTL are removed automatically without further notice or sending! @@ -71,9 +71,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: -- When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. -- When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. -- When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. +- When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. +- When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. +- When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Translations @@ -102,4 +102,4 @@ which is the source of the texts provided by the code. ## Default Language -The default language can be defined via the `OCIS_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. +The default language can be defined via the `OC_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. diff --git a/services/notifications/pkg/config/config.go b/services/notifications/pkg/config/config.go index 59715e2ea..98b136fac 100644 --- a/services/notifications/pkg/config/config.go +++ b/services/notifications/pkg/config/config.go @@ -18,7 +18,7 @@ type Config struct { Log *Log `yaml:"log"` Debug Debug `yaml:"debug"` - WebUIURL string `yaml:"ocis_url" env:"OCIS_URL;NOTIFICATIONS_WEB_UI_URL" desc:"The public facing URL of the oCIS Web UI, used e.g. when sending notification eMails" introductionVersion:"pre5.0"` + WebUIURL string `yaml:"ocis_url" env:"OC_URL;NOTIFICATIONS_WEB_UI_URL" desc:"The public facing URL of the oCIS Web UI, used e.g. when sending notification eMails" introductionVersion:"pre5.0"` Notifications Notifications `yaml:"notifications"` GRPCClientTLS shared.GRPCClientTLS `yaml:"grpc_client_tls"` @@ -33,10 +33,10 @@ type Config struct { type Notifications struct { SMTP SMTP `yaml:"SMTP"` Events Events `yaml:"events"` - EmailTemplatePath string `yaml:"email_template_path" env:"OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH" desc:"Path to Email notification templates overriding embedded ones." introductionVersion:"pre5.0"` - TranslationPath string `yaml:"translation_path" env:"OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"pre5.0"` - DefaultLanguage string `yaml:"default_language" env:"OCIS_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` - RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` + EmailTemplatePath string `yaml:"email_template_path" env:"OC_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH" desc:"Path to Email notification templates overriding embedded ones." introductionVersion:"pre5.0"` + TranslationPath string `yaml:"translation_path" env:"OC_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"pre5.0"` + DefaultLanguage string `yaml:"default_language" env:"OC_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` + RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` GRPCClientTLS *shared.GRPCClientTLS `yaml:"grpc_client_tls"` } @@ -54,28 +54,28 @@ type SMTP struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } // Store configures the store to use type Store struct { - Store string `yaml:"store" env:"OCIS_PERSISTENT_STORE;NOTIFICATIONS_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"7.1"` - Nodes []string `yaml:"nodes" env:"OCIS_PERSISTENT_STORE_NODES;NOTIFICATIONS_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"7.1"` + Store string `yaml:"store" env:"OC_PERSISTENT_STORE;NOTIFICATIONS_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"7.1"` + Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;NOTIFICATIONS_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"7.1"` Database string `yaml:"database" env:"NOTIFICATIONS_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"7.1"` Table string `yaml:"table" env:"NOTIFICATIONS_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"7.1"` - TTL time.Duration `yaml:"ttl" env:"OCIS_PERSISTENT_STORE_TTL;NOTIFICATIONS_STORE_TTL" desc:"Time to live for notifications in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"7.1"` - AuthUsername string `yaml:"username" env:"OCIS_PERSISTENT_STORE_AUTH_USERNAME;NOTIFICATIONS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.1"` - AuthPassword string `yaml:"password" env:"OCIS_PERSISTENT_STORE_AUTH_PASSWORD;NOTIFICATIONS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.1"` + TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;NOTIFICATIONS_STORE_TTL" desc:"Time to live for notifications in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"7.1"` + AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;NOTIFICATIONS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.1"` + AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;NOTIFICATIONS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"7.1"` } diff --git a/services/notifications/pkg/config/log.go b/services/notifications/pkg/config/log.go index d5e406ac4..65dcb60d6 100644 --- a/services/notifications/pkg/config/log.go +++ b/services/notifications/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;NOTIFICATIONS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;NOTIFICATIONS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;NOTIFICATIONS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;NOTIFICATIONS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/notifications/pkg/config/tracing.go b/services/notifications/pkg/config/tracing.go index 16fa701f8..b4ae8dc0f 100644 --- a/services/notifications/pkg/config/tracing.go +++ b/services/notifications/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/ocdav/pkg/config/config.go b/services/ocdav/pkg/config/config.go index 52f5408cb..fca1ca602 100644 --- a/services/ocdav/pkg/config/config.go +++ b/services/ocdav/pkg/config/config.go @@ -25,14 +25,14 @@ type Config struct { SharesNamespace string `yaml:"shares_namespace" env:"OCDAV_SHARES_NAMESPACE" desc:"The human readable path for the share jail. Relative to a users personal space root. Upcased intentionally." introductionVersion:"pre5.0"` OCMNamespace string `yaml:"ocm_namespace" env:"OCDAV_OCM_NAMESPACE" desc:"The human readable path prefix for the ocm shares." introductionVersion:"5.0"` // PublicURL used to redirect /s/{token} URLs to - PublicURL string `yaml:"public_url" env:"OCIS_URL;OCDAV_PUBLIC_URL" desc:"URL where oCIS is reachable for users." introductionVersion:"pre5.0"` + PublicURL string `yaml:"public_url" env:"OC_URL;OCDAV_PUBLIC_URL" desc:"URL where oCIS is reachable for users." introductionVersion:"pre5.0"` // Insecure certificates allowed when making requests to the gateway - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;OCDAV_INSECURE" desc:"Allow insecure connections to the GATEWAY service." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_INSECURE;OCDAV_INSECURE" desc:"Allow insecure connections to the GATEWAY service." introductionVersion:"pre5.0"` // Timeout in seconds when making requests to the gateway Timeout int64 `yaml:"gateway_request_timeout" env:"OCDAV_GATEWAY_REQUEST_TIMEOUT" desc:"Request timeout in seconds for requests from the oCDAV service to the GATEWAY service." introductionVersion:"pre5.0"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"pre5.0"` Context context.Context `yaml:"-"` Status Status `yaml:"-"` @@ -41,10 +41,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;OCDAV_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;OCDAV_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;OCDAV_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;OCDAV_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;OCDAV_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;OCDAV_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -68,10 +68,10 @@ type HTTPConfig struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // Status holds the configurable values for the status.php @@ -81,5 +81,5 @@ type Status struct { Product string ProductName string ProductVersion string - Edition string `yaml:"edition" env:"OCIS_EDITION;OCDAV_EDITION" desc:"Edition of oCIS. Used for branding purposes." introductionVersion:"pre5.0"` + Edition string `yaml:"edition" env:"OC_EDITION;OCDAV_EDITION" desc:"Edition of oCIS. Used for branding purposes." introductionVersion:"pre5.0"` } diff --git a/services/ocdav/pkg/config/reva.go b/services/ocdav/pkg/config/reva.go index 775f26a58..994aaee8e 100644 --- a/services/ocdav/pkg/config/reva.go +++ b/services/ocdav/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCDAV_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;OCDAV_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/ocdav/pkg/config/tracing.go b/services/ocdav/pkg/config/tracing.go index 2c95fb3fd..9f1b5cc7a 100644 --- a/services/ocdav/pkg/config/tracing.go +++ b/services/ocdav/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;OCDAV_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;OCDAV_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/ocm/README.md b/services/ocm/README.md index 580a12a87..714a52ac8 100644 --- a/services/ocm/README.md +++ b/services/ocm/README.md @@ -18,7 +18,7 @@ Internal GRPC APIs: To enable OpenCloudMesh, you have to set the following environment variable. ```console -OCIS_ENABLE_OCM=true +OC_ENABLE_OCM=true ``` ## Trust Between Instances diff --git a/services/ocm/pkg/config/config.go b/services/ocm/pkg/config/config.go index d129ba4ce..758c81b98 100644 --- a/services/ocm/pkg/config/config.go +++ b/services/ocm/pkg/config/config.go @@ -62,16 +62,16 @@ type Auth struct { // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - Secret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + Secret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"5.0"` } // GRPCConfig defines the available grpc configuration. @@ -79,7 +79,7 @@ type GRPCConfig struct { Addr string `ocisConfig:"addr" env:"OCM_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"5.0"` Namespace string `ocisConfig:"-" yaml:"-"` TLS *shared.GRPCServiceTLS `yaml:"tls"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;OCM_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;OCM_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"5.0"` } type ScienceMesh struct { @@ -105,7 +105,7 @@ type OCMInviteManagerDrivers struct { } type OCMInviteManagerJSONDriver struct { - File string `yaml:"file" env:"OCM_OCM_INVITE_MANAGER_JSON_FILE" desc:"Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/ocm." introductionVersion:"5.0"` + File string `yaml:"file" env:"OCM_OCM_INVITE_MANAGER_JSON_FILE" desc:"Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/ocm." introductionVersion:"5.0"` } type OCMProviderAuthorizerDrivers struct { @@ -113,7 +113,7 @@ type OCMProviderAuthorizerDrivers struct { } type OCMProviderAuthorizerJSONDriver struct { - Providers string `yaml:"providers" env:"OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE" desc:"Path to the JSON file where ocm invite data will be stored. Defaults to $OCIS_CONFIG_DIR/ocmproviders.json." introductionVersion:"5.0"` + Providers string `yaml:"providers" env:"OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE" desc:"Path to the JSON file where ocm invite data will be stored. Defaults to $OC_CONFIG_DIR/ocmproviders.json." introductionVersion:"5.0"` } type OCMCore struct { @@ -131,7 +131,7 @@ type OCMCoreDrivers struct { } type OCMCoreJSONDriver struct { - File string `yaml:"file" env:"OCM_OCM_CORE_JSON_FILE" desc:"Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage." introductionVersion:"5.0"` + File string `yaml:"file" env:"OCM_OCM_CORE_JSON_FILE" desc:"Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage." introductionVersion:"5.0"` } type OCMShareProvider struct { @@ -146,16 +146,16 @@ type OCMShareProviderDrivers struct { } type OCMShareProviderJSONDriver struct { - File string `yaml:"file" env:"OCM_OCM_SHAREPROVIDER_JSON_FILE" desc:"Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage." introductionVersion:"5.0"` + File string `yaml:"file" env:"OCM_OCM_SHAREPROVIDER_JSON_FILE" desc:"Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage." introductionVersion:"5.0"` } // Events combine the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;OCM_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;OCM_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided OCM_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;OCM_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;OCM_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;OCM_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;OCM_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;OCM_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided OCM_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;OCM_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;OCM_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;OCM_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } diff --git a/services/ocm/pkg/config/log.go b/services/ocm/pkg/config/log.go index aebd3a635..e111a9106 100644 --- a/services/ocm/pkg/config/log.go +++ b/services/ocm/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;OCM_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;OCM_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;OCM_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;OCM_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;OCM_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;OCM_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;OCM_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;OCM_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` } diff --git a/services/ocm/pkg/config/reva.go b/services/ocm/pkg/config/reva.go index 0c7396b04..d2e310fe7 100644 --- a/services/ocm/pkg/config/reva.go +++ b/services/ocm/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCM_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;OCM_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/ocm/pkg/config/tracing.go b/services/ocm/pkg/config/tracing.go index 874a5129c..d86c9a5c4 100644 --- a/services/ocm/pkg/config/tracing.go +++ b/services/ocm/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCM_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;OCM_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;OCM_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;OCM_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/ocs/pkg/config/config.go b/services/ocs/pkg/config/config.go index 875356094..e0ad54703 100644 --- a/services/ocs/pkg/config/config.go +++ b/services/ocs/pkg/config/config.go @@ -32,9 +32,9 @@ type Config struct { // SigningKeys is a store configuration. type SigningKeys struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE" desc:"The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details." introductionVersion:"5.0"` - Nodes []string `yaml:"addresses" env:"OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES" desc:"A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL" desc:"Default time to live for signing keys. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE" desc:"The type of the signing key store. Supported values are: 'redis-sentinel' and 'nats-js-kv'. See the text description for details." introductionVersion:"5.0"` + Nodes []string `yaml:"addresses" env:"OC_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES" desc:"A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL" desc:"Default time to live for signing keys. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } diff --git a/services/ocs/pkg/config/http.go b/services/ocs/pkg/config/http.go index 6bb6f321b..d2ca4d3d5 100644 --- a/services/ocs/pkg/config/http.go +++ b/services/ocs/pkg/config/http.go @@ -13,8 +13,8 @@ type HTTP struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } diff --git a/services/ocs/pkg/config/log.go b/services/ocs/pkg/config/log.go index 5335b9917..f05edcd90 100644 --- a/services/ocs/pkg/config/log.go +++ b/services/ocs/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;OCS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;OCS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;OCS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;OCS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;OCS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;OCS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;OCS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;OCS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/ocs/pkg/config/reva.go b/services/ocs/pkg/config/reva.go index 8413904da..982b0e8e0 100644 --- a/services/ocs/pkg/config/reva.go +++ b/services/ocs/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;OCS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/ocs/pkg/config/tracing.go b/services/ocs/pkg/config/tracing.go index 7b5dab991..7bc18db18 100644 --- a/services/ocs/pkg/config/tracing.go +++ b/services/ocs/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;OCS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;OCS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;OCS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;OCS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/policies/README.md b/services/policies/README.md index 50d60850e..ae9171008 100644 --- a/services/policies/README.md +++ b/services/policies/README.md @@ -148,16 +148,16 @@ In order to extend this list, ocis must be provided with the path to a custom `m The location for the file must be accessible by all instances of the policy service. As a rule of thumb, use the directory where the ocis configuration files are stored. Note that existing mappings from the host are extended by the definitions from the mime types file, but not replaced. -The path to that file can be provided via a yaml configuration or an environment variable. Note to replace the `OCIS_CONFIG_DIR` string by an existing path. +The path to that file can be provided via a yaml configuration or an environment variable. Note to replace the `OC_CONFIG_DIR` string by an existing path. ```shell -export POLICIES_ENGINE_MIMES=OCIS_CONFIG_DIR/mime.types +export POLICIES_ENGINE_MIMES=OC_CONFIG_DIR/mime.types ``` ```yaml policies: engine: - mimes: OCIS_CONFIG_DIR/mime.types + mimes: OC_CONFIG_DIR/mime.types ``` A good example of how such a file should be formatted can be found in the [Apache svn repository](https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types). diff --git a/services/policies/pkg/config/config.go b/services/policies/pkg/config/config.go index 9fdd3364c..f9e5ca190 100644 --- a/services/policies/pkg/config/config.go +++ b/services/policies/pkg/config/config.go @@ -49,21 +49,21 @@ type Postprocessing struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;POLICIES_EVENTS_TLS_INSECURE" desc:"Whether the server should skip the client certificate verification during the TLS handshake." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;POLICIES_EVENTS_TLS_INSECURE" desc:"Whether the server should skip the client certificate verification during the TLS handshake." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;POLICIES_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;POLICIES_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;POLICIES_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;POLICIES_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;POLICIES_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;POLICIES_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;POLICIES_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;POLICIES_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } // Debug defines the available debug configuration. diff --git a/services/policies/pkg/config/tracing.go b/services/policies/pkg/config/tracing.go index 927f01a8a..7dfe60e06 100644 --- a/services/policies/pkg/config/tracing.go +++ b/services/policies/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;POLICIES_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;POLICIES_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;POLICIES_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;POLICIES_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/postprocessing/README.md b/services/postprocessing/README.md index 1ffc54c63..8ff72e0eb 100644 --- a/services/postprocessing/README.md +++ b/services/postprocessing/README.md @@ -8,7 +8,7 @@ To use the postprocessing service, an event system needs to be configured for al ## Postprocessing Functionality -The storageprovider service (`storage-users`) can be configured to initiate asynchronous postprocessing by setting the `OCIS_ASYNC_UPLOADS` environment variable to `true`. If this is the case, postprocessing will get initiated *after* uploading a file and all bytes have been received. +The storageprovider service (`storage-users`) can be configured to initiate asynchronous postprocessing by setting the `OC_ASYNC_UPLOADS` environment variable to `true`. If this is the case, postprocessing will get initiated *after* uploading a file and all bytes have been received. The `postprocessing` service will then coordinate configured postprocessing steps like scanning the file for viruses. During postprocessing, the file will be in a `processing state` where only a limited set of actions are available. Note that this processing state excludes file accessibility by users. @@ -31,9 +31,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Additional Prerequisites for the Postprocessing Service diff --git a/services/postprocessing/pkg/config/config.go b/services/postprocessing/pkg/config/config.go index ed64f064d..b7ae129d6 100644 --- a/services/postprocessing/pkg/config/config.go +++ b/services/postprocessing/pkg/config/config.go @@ -37,14 +37,14 @@ type Postprocessing struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE" desc:"Whether the ocis server should skip the client certificate verification during the TLS handshake." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE" desc:"Whether the ocis server should skip the client certificate verification during the TLS handshake." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // Debug defines the available debug configuration. @@ -57,11 +57,11 @@ type Debug struct { // Store configures the store to use type Store struct { - Store string `yaml:"store" env:"OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE" desc:"The type of the store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_PERSISTENT_STORE;POSTPROCESSING_STORE" desc:"The type of the store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` Database string `yaml:"database" env:"POSTPROCESSING_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` Table string `yaml:"table" env:"POSTPROCESSING_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL" desc:"Time to live for events in the store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL" desc:"Time to live for events in the store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } diff --git a/services/postprocessing/pkg/config/log.go b/services/postprocessing/pkg/config/log.go index bb00411ac..c62e979b4 100644 --- a/services/postprocessing/pkg/config/log.go +++ b/services/postprocessing/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;POSTPROCESSING_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;POSTPROCESSING_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;POSTPROCESSING_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;POSTPROCESSING_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/postprocessing/pkg/config/tracing.go b/services/postprocessing/pkg/config/tracing.go index bca288bc8..af9e83332 100644 --- a/services/postprocessing/pkg/config/tracing.go +++ b/services/postprocessing/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/proxy/README.md b/services/proxy/README.md index 180f1e3de..8784c0b2c 100644 --- a/services/proxy/README.md +++ b/services/proxy/README.md @@ -256,9 +256,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Presigned Urls @@ -273,7 +273,7 @@ The `memory` store cannot be used as it does not share the memory from the ocs s Make sure to configure the same store in the ocs service. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - When using `nats-js-kv` it is recommended to set `OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` to the same value as `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES`. That way the ocs uses the same nats instance as the proxy service. - When using the `nats-js-kv` store, it is possible to set `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE` to instruct nats to not persist signing key data on disc. - When using `ocisstoreservice` the `PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES` must be set to the service name `com.owncloud.api.store`. It does not support TTL and stores the presigning keys indefinitely. Also, the store service needs to be started. @@ -283,7 +283,7 @@ Store specific notes: When using the ocis IDP service instead of an external IDP: -- Use the environment variable `OCIS_URL` to define how ocis can be accessed, mandatory use `https` as protocol for the URL. +- Use the environment variable `OC_URL` to define how ocis can be accessed, mandatory use `https` as protocol for the URL. - If no reverse proxy is set up, the `PROXY_TLS` environment variable **must** be set to `true` because the embedded `libreConnect` shipped with the IDP service has a hard check if the connection is on TLS and uses the HTTPS protocol. If this mismatches, an error will be logged and no connection from the client can be established. - `PROXY_TLS` **can** be set to `false` if a reverse proxy is used and the https connection is terminated at the reverse proxy. When setting to `false`, the communication between the reverse proxy and ocis is not secured. If set to `true`, you must provide certificates. diff --git a/services/proxy/pkg/config/config.go b/services/proxy/pkg/config/config.go index 047c2bc1f..ac3a9d09c 100644 --- a/services/proxy/pkg/config/config.go +++ b/services/proxy/pkg/config/config.go @@ -35,7 +35,7 @@ type Config struct { AccountBackend string `yaml:"account_backend" env:"PROXY_ACCOUNT_BACKEND_TYPE" desc:"Account backend the PROXY service should use. Currently only 'cs3' is possible here." introductionVersion:"pre5.0"` UserOIDCClaim string `yaml:"user_oidc_claim" env:"PROXY_USER_OIDC_CLAIM" desc:"The name of an OpenID Connect claim that is used for resolving users with the account backend. The value of the claim must hold a per user unique, stable and non re-assignable identifier. The availability of claims depends on your Identity Provider. There are common claims available for most Identity providers like 'email' or 'preferred_username' but you can also add your own claim." introductionVersion:"pre5.0"` UserCS3Claim string `yaml:"user_cs3_claim" env:"PROXY_USER_CS3_CLAIM" desc:"The name of a CS3 user attribute (claim) that should be mapped to the 'user_oidc_claim'. Supported values are 'username', 'mail' and 'userid'." introductionVersion:"pre5.0"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"pre5.0" mask:"password"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"pre5.0" mask:"password"` AutoprovisionAccounts bool `yaml:"auto_provision_accounts" env:"PROXY_AUTOPROVISION_ACCOUNTS" desc:"Set this to 'true' to automatically provision users that do not yet exist in the users service on-demand upon first sign-in. To use this a write-enabled libregraph user backend needs to be setup an running." introductionVersion:"pre5.0"` AutoProvisionClaims AutoProvisionClaims `yaml:"auto_provision_claims"` EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH" desc:"Set this to true to enable 'basic authentication' (username/password)." introductionVersion:"pre5.0"` @@ -109,8 +109,8 @@ const ( // OIDC is the config for the OpenID-Connect middleware. If set the proxy will try to authenticate every request // with the configured oidc-provider type OIDC struct { - Issuer string `yaml:"issuer" env:"OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;PROXY_OIDC_INSECURE" desc:"Disable TLS certificate validation for connections to the IDP. Note that this is not recommended for production environments." introductionVersion:"pre5.0"` + Issuer string `yaml:"issuer" env:"OC_URL;OC_OIDC_ISSUER;PROXY_OIDC_ISSUER" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_INSECURE;PROXY_OIDC_INSECURE" desc:"Disable TLS certificate validation for connections to the IDP. Note that this is not recommended for production environments." introductionVersion:"pre5.0"` AccessTokenVerifyMethod string `yaml:"access_token_verify_method" env:"PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD" desc:"Sets how OIDC access tokens should be verified. Possible values are 'none' and 'jwt'. When using 'none', no special validation apart from using it for accessing the IPD's userinfo endpoint will be done. When using 'jwt', it tries to parse the access token as a jwt token and verifies the signature using the keys published on the IDP's 'jwks_uri'." introductionVersion:"pre5.0"` SkipUserInfo bool `yaml:"skip_user_info" env:"PROXY_OIDC_SKIP_USER_INFO" desc:"Do not look up user claims at the userinfo endpoint and directly read them from the access token. Incompatible with 'PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD=none'." introductionVersion:"pre5.0"` UserinfoCache *Cache `yaml:"user_info_cache"` @@ -127,14 +127,14 @@ type JWKS struct { // Cache is a TTL cache configuration. type Cache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"addresses" env:"OCIS_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - Database string `yaml:"database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"addresses" env:"OC_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Database string `yaml:"database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` Table string `yaml:"table" env:"PROXY_OIDC_USERINFO_CACHE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // RoleAssignment contains the configuration for how to assign roles to users during login @@ -184,12 +184,12 @@ type PreSignedURL struct { // SigningKeys is a store configuration. type SigningKeys struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE" desc:"The type of the signing key store. Supported values are: 'redis-sentinel', 'nats-js-kv' and 'ocisstoreservice' (deprecated). See the text description for details." introductionVersion:"5.0"` - Nodes []string `yaml:"addresses" env:"OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES" desc:"A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL" desc:"Default time to live for signing keys. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE" desc:"Disables persistence of the store. Only applies when store type 'nats-js-kv' is configured. Defaults to true." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE" desc:"The type of the signing key store. Supported values are: 'redis-sentinel', 'nats-js-kv' and 'ocisstoreservice' (deprecated). See the text description for details." introductionVersion:"5.0"` + Nodes []string `yaml:"addresses" env:"OC_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES" desc:"A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL" desc:"Default time to live for signing keys. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE" desc:"Disables persistence of the store. Only applies when store type 'nats-js-kv' is configured. Defaults to true." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // ClaimsSelectorConf is the config for the claims-selector @@ -216,17 +216,17 @@ type RegexRuleConf struct { // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events." introductionVersion:"7.0.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"7.0.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;PROXY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"7.0.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided PROXY_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"7.0.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"7.0.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"7.0.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"7.0.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events." introductionVersion:"7.0.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"7.0.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;PROXY_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"7.0.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided PROXY_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"7.0.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"7.0.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"7.0.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"7.0.0"` } diff --git a/services/proxy/pkg/config/http.go b/services/proxy/pkg/config/http.go index af831ad69..f52eae68f 100644 --- a/services/proxy/pkg/config/http.go +++ b/services/proxy/pkg/config/http.go @@ -5,7 +5,7 @@ type HTTP struct { Addr string `yaml:"addr" env:"PROXY_HTTP_ADDR" desc:"The bind address of the HTTP service." introductionVersion:"pre5.0"` Root string `yaml:"root" env:"PROXY_HTTP_ROOT" desc:"Subdirectory that serves as the root for this HTTP service." introductionVersion:"pre5.0"` Namespace string `yaml:"-"` - TLSCert string `yaml:"tls_cert" env:"PROXY_TRANSPORT_TLS_CERT" desc:"Path/File name of the TLS server certificate (in PEM format) for the external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/proxy." introductionVersion:"pre5.0"` - TLSKey string `yaml:"tls_key" env:"PROXY_TRANSPORT_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/proxy." introductionVersion:"pre5.0"` + TLSCert string `yaml:"tls_cert" env:"PROXY_TRANSPORT_TLS_CERT" desc:"Path/File name of the TLS server certificate (in PEM format) for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy." introductionVersion:"pre5.0"` + TLSKey string `yaml:"tls_key" env:"PROXY_TRANSPORT_TLS_KEY" desc:"Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy." introductionVersion:"pre5.0"` TLS bool `yaml:"tls" env:"PROXY_TLS" desc:"Enable/Disable HTTPS for external HTTP services. Must be set to 'true' if the built-in IDP service an no reverse proxy is used. See the text description for details." introductionVersion:"pre5.0"` } diff --git a/services/proxy/pkg/config/log.go b/services/proxy/pkg/config/log.go index 93eb98a0f..a742a8d39 100644 --- a/services/proxy/pkg/config/log.go +++ b/services/proxy/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;PROXY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;PROXY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;PROXY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;PROXY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;PROXY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;PROXY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;PROXY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;PROXY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/proxy/pkg/config/tracing.go b/services/proxy/pkg/config/tracing.go index caa66deec..f74529e59 100644 --- a/services/proxy/pkg/config/tracing.go +++ b/services/proxy/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;PROXY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;PROXY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;PROXY_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;PROXY_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/search/pkg/config/config.go b/services/search/pkg/config/config.go index f2ed31147..1b6f88e8d 100644 --- a/services/search/pkg/config/config.go +++ b/services/search/pkg/config/config.go @@ -36,6 +36,6 @@ type Config struct { // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } diff --git a/services/search/pkg/config/content.go b/services/search/pkg/config/content.go index 49caa2037..70551e4ec 100644 --- a/services/search/pkg/config/content.go +++ b/services/search/pkg/config/content.go @@ -3,7 +3,7 @@ package config // Extractor defines which extractor to use type Extractor struct { Type string `yaml:"type" env:"SEARCH_EXTRACTOR_TYPE" desc:"Defines the content extraction engine. Defaults to 'basic'. Supported values are: 'basic' and 'tika'." introductionVersion:"pre5.0"` - CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the CS3 source." introductionVersion:"pre5.0"` + CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OC_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the CS3 source." introductionVersion:"pre5.0"` Tika ExtractorTika `yaml:"tika"` } diff --git a/services/search/pkg/config/engine.go b/services/search/pkg/config/engine.go index 15cd29a37..05feba008 100644 --- a/services/search/pkg/config/engine.go +++ b/services/search/pkg/config/engine.go @@ -8,5 +8,5 @@ type Engine struct { // EngineBleve configures the bleve engine type EngineBleve struct { - Datapath string `yaml:"data_path" env:"SEARCH_ENGINE_BLEVE_DATA_PATH" desc:"The directory where the filesystem will store search data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/search." introductionVersion:"pre5.0"` + Datapath string `yaml:"data_path" env:"SEARCH_ENGINE_BLEVE_DATA_PATH" desc:"The directory where the filesystem will store search data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/search." introductionVersion:"pre5.0"` } diff --git a/services/search/pkg/config/log.go b/services/search/pkg/config/log.go index 0a027a570..5d2d735da 100644 --- a/services/search/pkg/config/log.go +++ b/services/search/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;SEARCH_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;SEARCH_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;SEARCH_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;SEARCH_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;SEARCH_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;SEARCH_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;SEARCH_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;SEARCH_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/search/pkg/config/reva.go b/services/search/pkg/config/reva.go index fdb1eb148..e4b9d66be 100644 --- a/services/search/pkg/config/reva.go +++ b/services/search/pkg/config/reva.go @@ -2,10 +2,10 @@ package config // Reva defines all available REVA configuration. type Reva struct { - Address string `ocisConfig:"address" env:"OCIS_REVA_GATEWAY" desc:"The CS3 gateway endpoint." introductionVersion:"pre5.0"` + Address string `ocisConfig:"address" env:"OC_REVA_GATEWAY" desc:"The CS3 gateway endpoint." introductionVersion:"pre5.0"` } // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;SEARCH_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;SEARCH_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/search/pkg/config/search.go b/services/search/pkg/config/search.go index c57684e68..8cdc06069 100644 --- a/services/search/pkg/config/search.go +++ b/services/search/pkg/config/search.go @@ -2,15 +2,15 @@ package config // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - AsyncUploads bool `yaml:"async_uploads" env:"OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS" desc:"Enable asynchronous file uploads." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + AsyncUploads bool `yaml:"async_uploads" env:"OC_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS" desc:"Enable asynchronous file uploads." introductionVersion:"pre5.0"` NumConsumers int `yaml:"num_consumers" env:"SEARCH_EVENTS_NUM_CONSUMERS" desc:"The amount of concurrent event consumers to start. Event consumers are used for searching files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The default value is 0." introductionVersion:"pre5.0"` DebounceDuration int `yaml:"debounce_duration" env:"SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION" desc:"The duration in milliseconds the reindex debouncer waits before triggering a reindex of a space that was modified." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;SEARCH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;SEARCH_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } diff --git a/services/search/pkg/config/tracing.go b/services/search/pkg/config/tracing.go index a3dcae44b..8e0acc890 100644 --- a/services/search/pkg/config/tracing.go +++ b/services/search/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `ocisConfig:"enabled" env:"OCIS_TRACING_ENABLED;SEARCH_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `ocisConfig:"type" env:"OCIS_TRACING_TYPE;SEARCH_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `ocisConfig:"endpoint" env:"OCIS_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `ocisConfig:"collector" env:"OCIS_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `ocisConfig:"enabled" env:"OC_TRACING_ENABLED;SEARCH_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `ocisConfig:"type" env:"OC_TRACING_TYPE;SEARCH_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `ocisConfig:"endpoint" env:"OC_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `ocisConfig:"collector" env:"OC_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/settings/README.md b/services/settings/README.md index 621845a9b..9e6da1fe9 100644 --- a/services/settings/README.md +++ b/services/settings/README.md @@ -48,9 +48,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Settings Management @@ -62,7 +62,7 @@ Services can set or query Infinite Scale *setting values* of a user from setting ## Service Accounts -The settings service needs to know the IDs of service accounts but it doesn't need their secrets. They can be configured using the `SETTINGS_SERVICE_ACCOUNTS_IDS` envvar. When only using one service account `OCIS_SERVICE_ACCOUNT_ID` can also be used. All configured service accounts will get a hidden 'service-account' role. This role contains all permissions the service account needs but will not appear calls to the list roles endpoint. It is not possible to assign the 'service-account' role to a normal user. +The settings service needs to know the IDs of service accounts but it doesn't need their secrets. They can be configured using the `SETTINGS_SERVICE_ACCOUNTS_IDS` envvar. When only using one service account `OC_SERVICE_ACCOUNT_ID` can also be used. All configured service accounts will get a hidden 'service-account' role. This role contains all permissions the service account needs but will not appear calls to the list roles endpoint. It is not possible to assign the 'service-account' role to a normal user. ## Translations @@ -88,19 +88,19 @@ which is the source of the texts provided by the code. ## Default Language -The default language can be defined via the `OCIS_DEFAULT_LANGUAGE` environment variable. If this variable is not defined, English will be used as default. The value has the ISO 639-1 format ("de", "en", etc.) and is limited by the list supported languages. This setting can be used to set the default language for notification and invitation emails. +The default language can be defined via the `OC_DEFAULT_LANGUAGE` environment variable. If this variable is not defined, English will be used as default. The value has the ISO 639-1 format ("de", "en", etc.) and is limited by the list supported languages. This setting can be used to set the default language for notification and invitation emails. Important developer note: the list of supported languages is at the moment not easy defineable, as it is the minimum intersection of languages shown in the WebUI and languages defined in the ocis code for the use of notifications and userlog. Even more, not all languages where there are translations available on transifex, are available in the WebUI respectively for ocis notifications, and the translation rate for existing languages is partially not that high. You will see therefore quite often English default strings though a supported language may exist and was selected. -The `OCIS_DEFAULT_LANGUAGE` setting impacts the `notification` and `userlog` services and the WebUI. Note that translations must exist for all named components to be presented correctly. +The `OC_DEFAULT_LANGUAGE` setting impacts the `notification` and `userlog` services and the WebUI. Note that translations must exist for all named components to be presented correctly. -* If `OCIS_DEFAULT_LANGUAGE` **is not set**, the expected behavior is: +* If `OC_DEFAULT_LANGUAGE` **is not set**, the expected behavior is: * The `notification` and `userlog` services and the WebUI use English by default until a user sets another language in the WebUI via _Account -> Language_. * If a user sets another language in the WebUI in _Account -> Language_, then the `notification` and `userlog` services and WebUI use the language defined by the user. If no translation is found, it falls back to English. -* If `OCIS_DEFAULT_LANGUAGE` **is set**, the expected behavior is: - * The `notification` and `userlog` services and the WebUI use `OCIS_DEFAULT_LANGUAGE` by default until a user sets another language in the WebUI via _Account -> Language_. - * If a user sets another language in the WebUI in _Account -> Language_, the `notification` and `userlog` services and WebUI use the language defined by the user. If no translation is found, it falls back to `OCIS_DEFAULT_LANGUAGE` and then to English. +* If `OC_DEFAULT_LANGUAGE` **is set**, the expected behavior is: + * The `notification` and `userlog` services and the WebUI use `OC_DEFAULT_LANGUAGE` by default until a user sets another language in the WebUI via _Account -> Language_. + * If a user sets another language in the WebUI in _Account -> Language_, the `notification` and `userlog` services and WebUI use the language defined by the user. If no translation is found, it falls back to `OC_DEFAULT_LANGUAGE` and then to English. ## Custom Roles diff --git a/services/settings/pkg/config/config.go b/services/settings/pkg/config/config.go index 6e8c6f602..6f40db477 100644 --- a/services/settings/pkg/config/config.go +++ b/services/settings/pkg/config/config.go @@ -29,16 +29,16 @@ type Config struct { BundlesPath string `yaml:"bundles_path" env:"SETTINGS_BUNDLES_PATH" desc:"The path to a JSON file with a list of bundles. If not defined, the default bundles will be loaded." introductionVersion:"pre5.0"` Bundles []*settingsmsg.Bundle `yaml:"-"` - AdminUserID string `yaml:"admin_user_id" env:"OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID" desc:"ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` + AdminUserID string `yaml:"admin_user_id" env:"OC_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID" desc:"ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` TokenManager *TokenManager `yaml:"token_manager"` SetupDefaultAssignments bool `yaml:"set_default_assignments" env:"SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS" desc:"The default role assignments the demo users should be setup." introductionVersion:"pre5.0"` - ServiceAccountIDs []string `yaml:"service_account_ids" env:"SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID" desc:"The list of all service account IDs. These will be assigned the hidden 'service-account' role. Note: When using 'OCIS_SERVICE_ACCOUNT_ID' this will contain only one value while 'SETTINGS_SERVICE_ACCOUNT_IDS' can have multiple. See the 'auth-service' service description for more details about service accounts." introductionVersion:"5.0"` + ServiceAccountIDs []string `yaml:"service_account_ids" env:"SETTINGS_SERVICE_ACCOUNT_IDS;OC_SERVICE_ACCOUNT_ID" desc:"The list of all service account IDs. These will be assigned the hidden 'service-account' role. Note: When using 'OC_SERVICE_ACCOUNT_ID' this will contain only one value while 'SETTINGS_SERVICE_ACCOUNT_IDS' can have multiple. See the 'auth-service' service description for more details about service accounts." introductionVersion:"5.0"` - DefaultLanguage string `yaml:"default_language" env:"OCIS_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` - TranslationPath string `yaml:"translation_path" env:"OCIS_TRANSLATION_PATH;SETTINGS_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"7.1"` + DefaultLanguage string `yaml:"default_language" env:"OC_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` + TranslationPath string `yaml:"translation_path" env:"OC_TRANSLATION_PATH;SETTINGS_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"7.1"` Context context.Context `yaml:"-"` } @@ -48,21 +48,21 @@ type Metadata struct { GatewayAddress string `yaml:"gateway_addr" env:"SETTINGS_STORAGE_GATEWAY_GRPC_ADDR;STORAGE_GATEWAY_GRPC_ADDR" desc:"GRPC address of the STORAGE-SYSTEM service." introductionVersion:"pre5.0"` StorageAddress string `yaml:"storage_addr" env:"SETTINGS_STORAGE_GRPC_ADDR;STORAGE_GRPC_ADDR" desc:"GRPC address of the STORAGE-SYSTEM service." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserIDP string `yaml:"system_user_idp" env:"OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserIDP string `yaml:"system_user_idp" env:"OC_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` Cache *Cache `yaml:"cache"` } // Cache configures the cache of the Metadata store type Cache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;SETTINGS_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"addresses" env:"OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - Database string `yaml:"database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;SETTINGS_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"addresses" env:"OC_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Database string `yaml:"database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` FileTable string `yaml:"files_table" env:"SETTINGS_FILE_CACHE_TABLE" desc:"The database table the store should use for the file cache." introductionVersion:"pre5.0"` DirectoryTable string `yaml:"directories_table" env:"SETTINGS_DIRECTORY_CACHE_TABLE" desc:"The database table the store should use for the directory cache." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;SETTINGS_CACHE_TTL" desc:"Default time to live for entries in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;SETTINGS_CACHE_TTL" desc:"Default time to live for entries in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } diff --git a/services/settings/pkg/config/http.go b/services/settings/pkg/config/http.go index 19285d449..92260e94c 100644 --- a/services/settings/pkg/config/http.go +++ b/services/settings/pkg/config/http.go @@ -13,8 +13,8 @@ type HTTP struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } diff --git a/services/settings/pkg/config/log.go b/services/settings/pkg/config/log.go index b0c15fe05..2f7cf0040 100644 --- a/services/settings/pkg/config/log.go +++ b/services/settings/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;SETTINGS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;SETTINGS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;SETTINGS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;SETTINGS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;SETTINGS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;SETTINGS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/settings/pkg/config/reva.go b/services/settings/pkg/config/reva.go index d2c2b72b9..52fa028ad 100644 --- a/services/settings/pkg/config/reva.go +++ b/services/settings/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;SETTINGS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;SETTINGS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/settings/pkg/config/tracing.go b/services/settings/pkg/config/tracing.go index cce369cd6..ecda9ded8 100644 --- a/services/settings/pkg/config/tracing.go +++ b/services/settings/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;SETTINGS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;SETTINGS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/sharing/pkg/config/config.go b/services/sharing/pkg/config/config.go index 16d4b8da9..9819bfbcd 100644 --- a/services/sharing/pkg/config/config.go +++ b/services/sharing/pkg/config/config.go @@ -25,8 +25,8 @@ type Config struct { UserSharingDrivers UserSharingDrivers `yaml:"user_sharing_drivers"` PublicSharingDriver string `yaml:"public_sharing_driver" env:"SHARING_PUBLIC_DRIVER" desc:"Driver to be used to persist public shares. Supported values are 'jsoncs3', 'json' and 'cs3' (deprecated)." introductionVersion:"pre5.0"` PublicSharingDrivers PublicSharingDrivers `yaml:"public_sharing_drivers"` - WriteableShareMustHavePassword bool `yaml:"public_sharing_writeableshare_must_have_password" env:"OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) in the frontend service." introductionVersion:"5.0"` - PublicShareMustHavePassword bool `yaml:"public_sharing_share_must_have_password" env:"OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on all public shares." introductionVersion:"5.0"` + WriteableShareMustHavePassword bool `yaml:"public_sharing_writeableshare_must_have_password" env:"OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) in the frontend service." introductionVersion:"5.0"` + PublicShareMustHavePassword bool `yaml:"public_sharing_share_must_have_password" env:"OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on all public shares." introductionVersion:"5.0"` EnableExpiredSharesCleanup bool `yaml:"enable_expired_shares_cleanup"` PasswordPolicy PasswordPolicy `yaml:"password_policy"` @@ -34,10 +34,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;SHARING_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;SHARING_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;SHARING_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;SHARING_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;SHARING_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;SHARING_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;SHARING_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;SHARING_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -55,7 +55,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"SHARING_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;SHARING_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;SHARING_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type UserSharingDrivers struct { @@ -68,7 +68,7 @@ type UserSharingDrivers struct { } type UserSharingJSONDriver struct { - File string `yaml:"file" env:"SHARING_USER_JSON_FILE" desc:"Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"SHARING_USER_JSON_FILE" desc:"Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage." introductionVersion:"pre5.0"` } type UserSharingSQLDriver struct { @@ -94,19 +94,19 @@ type UserSharingOwnCloudSQLDriver struct { type UserSharingCS3Driver struct { ProviderAddr string `yaml:"provider_addr" env:"SHARING_USER_CS3_PROVIDER_ADDR" desc:"GRPC address of the STORAGE-SYSTEM service." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserIDP string `yaml:"system_user_idp" env:"OCIS_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserIDP string `yaml:"system_user_idp" env:"OC_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` } // UserSharingJSONCS3Driver holds the jsoncs3 driver config type UserSharingJSONCS3Driver struct { ProviderAddr string `yaml:"provider_addr" env:"SHARING_USER_JSONCS3_PROVIDER_ADDR" desc:"GRPC address of the STORAGE-SYSTEM service." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID;SHARING_USER_JSONCS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserIDP string `yaml:"system_user_idp" env:"OCIS_SYSTEM_USER_IDP;SHARING_USER_JSONCS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY;SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID;SHARING_USER_JSONCS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserIDP string `yaml:"system_user_idp" env:"OC_SYSTEM_USER_IDP;SHARING_USER_JSONCS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY;SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` CacheTTL int `yaml:"cache_ttl" env:"SHARING_USER_JSONCS3_CACHE_TTL" desc:"TTL for the internal caches in seconds." introductionVersion:"pre5.0"` - MaxConcurrency int `yaml:"max_concurrency" env:"OCIS_MAX_CONCURRENCY;SHARING_USER_JSONCS3_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"7.0.0"` + MaxConcurrency int `yaml:"max_concurrency" env:"OC_MAX_CONCURRENCY;SHARING_USER_JSONCS3_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"7.0.0"` } type PublicSharingDrivers struct { JSON PublicSharingJSONDriver `yaml:"json"` @@ -117,7 +117,7 @@ type PublicSharingDrivers struct { } type PublicSharingJSONDriver struct { - File string `yaml:"file" env:"SHARING_PUBLIC_JSON_FILE" desc:"Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"SHARING_PUBLIC_JSON_FILE" desc:"Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage." introductionVersion:"pre5.0"` } type PublicSharingSQLDriver struct { @@ -134,36 +134,36 @@ type PublicSharingSQLDriver struct { type PublicSharingCS3Driver struct { ProviderAddr string `yaml:"provider_addr" env:"SHARING_PUBLIC_CS3_PROVIDER_ADDR" desc:"GRPC address of the STORAGE-SYSTEM service." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserIDP string `yaml:"system_user_idp" env:"OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserIDP string `yaml:"system_user_idp" env:"OC_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` } // PublicSharingJSONCS3Driver holds the jsoncs3 driver config type PublicSharingJSONCS3Driver struct { ProviderAddr string `yaml:"provider_addr" env:"SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR" desc:"GRPC address of the STORAGE-SYSTEM service." introductionVersion:"pre5.0"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserIDP string `yaml:"system_user_idp" env:"OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID" desc:"ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserIDP string `yaml:"system_user_idp" env:"OC_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP" desc:"IDP of the oCIS STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` } type Events struct { - Addr string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - ClusterID string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;SHARING_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"auth_username" env:"OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME" desc:"Username for the events broker." introductionVersion:"5.0"` - AuthPassword string `yaml:"auth_password" env:"OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD" desc:"Password for the events broker." introductionVersion:"5.0"` + Addr string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + ClusterID string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;SHARING_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"auth_username" env:"OC_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME" desc:"Username for the events broker." introductionVersion:"5.0"` + AuthPassword string `yaml:"auth_password" env:"OC_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD" desc:"Password for the events broker." introductionVersion:"5.0"` } // PasswordPolicy configures reva password policy type PasswordPolicy struct { - Disabled bool `yaml:"disabled,omitempty" env:"OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED" desc:"Disable the password policy. Defaults to false if not set." introductionVersion:"5.0"` - MinCharacters int `yaml:"min_characters,omitempty" env:"OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 8 if not set." introductionVersion:"5.0"` - MinLowerCaseCharacters int `yaml:"min_lowercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` - MinUpperCaseCharacters int `yaml:"min_uppercase_characters" env:"OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` - MinDigits int `yaml:"min_digits" env:"OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 1 if not set." introductionVersion:"5.0"` - MinSpecialCharacters int `yaml:"min_special_characters" env:"OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set." introductionVersion:"5.0"` - BannedPasswordsList string `yaml:"banned_passwords_list" env:"OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" desc:"Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details." introductionVersion:"5.0"` + Disabled bool `yaml:"disabled,omitempty" env:"OC_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED" desc:"Disable the password policy. Defaults to false if not set." introductionVersion:"5.0"` + MinCharacters int `yaml:"min_characters,omitempty" env:"OC_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS" desc:"Define the minimum password length. Defaults to 8 if not set." introductionVersion:"5.0"` + MinLowerCaseCharacters int `yaml:"min_lowercase_characters" env:"OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS" desc:"Define the minimum number of uppercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` + MinUpperCaseCharacters int `yaml:"min_uppercase_characters" env:"OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS" desc:"Define the minimum number of lowercase letters. Defaults to 1 if not set." introductionVersion:"5.0"` + MinDigits int `yaml:"min_digits" env:"OC_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS" desc:"Define the minimum number of digits. Defaults to 1 if not set." introductionVersion:"5.0"` + MinSpecialCharacters int `yaml:"min_special_characters" env:"OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS" desc:"Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set." introductionVersion:"5.0"` + BannedPasswordsList string `yaml:"banned_passwords_list" env:"OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" desc:"Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details." introductionVersion:"5.0"` } diff --git a/services/sharing/pkg/config/reva.go b/services/sharing/pkg/config/reva.go index b0e9b7bba..31019d390 100644 --- a/services/sharing/pkg/config/reva.go +++ b/services/sharing/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;SHARING_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;SHARING_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/sharing/pkg/config/tracing.go b/services/sharing/pkg/config/tracing.go index 33e6d1a04..24c327f96 100644 --- a/services/sharing/pkg/config/tracing.go +++ b/services/sharing/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;SHARING_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;SHARING_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;SHARING_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/sse/pkg/config/config.go b/services/sse/pkg/config/config.go index bf394b36a..28d504ec8 100644 --- a/services/sse/pkg/config/config.go +++ b/services/sse/pkg/config/config.go @@ -32,10 +32,10 @@ type Service struct { // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;SSE_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;SSE_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;SSE_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;SSE_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;SSE_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;SSE_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;SSE_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;SSE_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"5.0"` } // Debug defines the available debug configuration. @@ -48,21 +48,21 @@ type Debug struct { // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;SSE_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SSE_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;SSE_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided SSE_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"5.0"` } // HTTP defines the available http configuration. @@ -76,5 +76,5 @@ type HTTP struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;SSE_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;SSE_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"5.0"` } diff --git a/services/sse/pkg/config/tracing.go b/services/sse/pkg/config/tracing.go index 56ee1f6b5..820ac9be9 100644 --- a/services/sse/pkg/config/tracing.go +++ b/services/sse/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;SSE_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;SSE_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;SSE_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;SSE_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/storage-publiclink/pkg/config/config.go b/services/storage-publiclink/pkg/config/config.go index e067aa45a..208233ccb 100644 --- a/services/storage-publiclink/pkg/config/config.go +++ b/services/storage-publiclink/pkg/config/config.go @@ -26,10 +26,10 @@ type Config struct { } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -47,7 +47,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"STORAGE_PUBLICLINK_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;STORAGE_PUBLICLINK_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;STORAGE_PUBLICLINK_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } type StorageProvider struct { diff --git a/services/storage-publiclink/pkg/config/reva.go b/services/storage-publiclink/pkg/config/reva.go index 1b7946498..eb3520f2c 100644 --- a/services/storage-publiclink/pkg/config/reva.go +++ b/services/storage-publiclink/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/storage-publiclink/pkg/config/tracing.go b/services/storage-publiclink/pkg/config/tracing.go index 153ea6c50..de16433e1 100644 --- a/services/storage-publiclink/pkg/config/tracing.go +++ b/services/storage-publiclink/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the tracing config. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/storage-shares/pkg/config/config.go b/services/storage-shares/pkg/config/config.go index 81d3406a6..b42be2371 100644 --- a/services/storage-shares/pkg/config/config.go +++ b/services/storage-shares/pkg/config/config.go @@ -27,10 +27,10 @@ type Config struct { Context context.Context `yaml:"-"` } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_SHARES_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_SHARES_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;STORAGE_SHARES_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;STORAGE_SHARES_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -48,5 +48,5 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"STORAGE_SHARES_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;STORAGE_SHARES_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;STORAGE_SHARES_GRPC_PROTOCOL" desc:"The transport protocol of the GRPC service." introductionVersion:"pre5.0"` } diff --git a/services/storage-shares/pkg/config/reva.go b/services/storage-shares/pkg/config/reva.go index 8f1baf91b..388ce8778 100644 --- a/services/storage-shares/pkg/config/reva.go +++ b/services/storage-shares/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;STORAGE_SHARES_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/storage-shares/pkg/config/tracing.go b/services/storage-shares/pkg/config/tracing.go index e1c46dffb..e7a1da44b 100644 --- a/services/storage-shares/pkg/config/tracing.go +++ b/services/storage-shares/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines configuration options for tracing. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/storage-system/README.md b/services/storage-system/README.md index b0734449b..1ab9c0103 100644 --- a/services/storage-system/README.md +++ b/services/storage-system/README.md @@ -17,6 +17,6 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. diff --git a/services/storage-system/pkg/config/config.go b/services/storage-system/pkg/config/config.go index 9ef9feec6..033c29dd4 100644 --- a/services/storage-system/pkg/config/config.go +++ b/services/storage-system/pkg/config/config.go @@ -21,8 +21,8 @@ type Config struct { TokenManager *TokenManager `yaml:"token_manager"` Reva *shared.Reva `yaml:"reva"` - SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` - SystemUserAPIKey string `yaml:"system_user_api_key" env:"OCIS_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` + SystemUserID string `yaml:"system_user_id" env:"OC_SYSTEM_USER_ID" desc:"ID of the oCIS storage-system system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format." introductionVersion:"pre5.0"` + SystemUserAPIKey string `yaml:"system_user_api_key" env:"OC_SYSTEM_USER_API_KEY" desc:"API key for the STORAGE-SYSTEM system user." introductionVersion:"pre5.0"` SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token." introductionVersion:"pre5.0"` @@ -36,10 +36,10 @@ type Config struct { // Log holds Log config type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_SYSTEM_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;STORAGE_SYSTEM_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } // Service holds Service config @@ -60,7 +60,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"STORAGE_SYSTEM_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;STORAGE_SYSTEM_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;STORAGE_SYSTEM_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` } // HTTPConfig holds HTTPConfig config @@ -78,19 +78,19 @@ type Drivers struct { // OCISDriver holds ocis Driver config type OCISDriver struct { // Root is the absolute path to the location of the data - Root string `yaml:"root" env:"STORAGE_SYSTEM_OCIS_ROOT" desc:"Path for the directory where the STORAGE-SYSTEM service stores it's persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage." introductionVersion:"pre5.0"` + Root string `yaml:"root" env:"STORAGE_SYSTEM_OC_ROOT" desc:"Path for the directory where the STORAGE-SYSTEM service stores it's persistent data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage." introductionVersion:"pre5.0"` - MaxAcquireLockCycles int `yaml:"max_acquire_lock_cycles" env:"STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES" desc:"When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value of 20 will be used." introductionVersion:"pre5.0"` - LockCycleDurationFactor int `yaml:"lock_cycle_duration_factor" env:"STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR" desc:"When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value of 30 will be used." introductionVersion:"pre5.0"` + MaxAcquireLockCycles int `yaml:"max_acquire_lock_cycles" env:"STORAGE_SYSTEM_OC_MAX_ACQUIRE_LOCK_CYCLES" desc:"When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value of 20 will be used." introductionVersion:"pre5.0"` + LockCycleDurationFactor int `yaml:"lock_cycle_duration_factor" env:"STORAGE_SYSTEM_OC_LOCK_CYCLE_DURATION_FACTOR" desc:"When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value of 30 will be used." introductionVersion:"pre5.0"` } // Cache holds cache config type Cache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - Database string `yaml:"database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - AuthUsername string `yaml:"auth_username" env:"OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME" desc:"Username for the configured store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"auth_password" env:"OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD" desc:"Password for the configured store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Database string `yaml:"database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + AuthUsername string `yaml:"auth_username" env:"OC_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME" desc:"Username for the configured store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"auth_password" env:"OC_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD" desc:"Password for the configured store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } diff --git a/services/storage-system/pkg/config/reva.go b/services/storage-system/pkg/config/reva.go index 2ac33938f..b63978daf 100644 --- a/services/storage-system/pkg/config/reva.go +++ b/services/storage-system/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/storage-system/pkg/config/tracing.go b/services/storage-system/pkg/config/tracing.go index 68f8bb9de..acc5b64f8 100644 --- a/services/storage-system/pkg/config/tracing.go +++ b/services/storage-system/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing holds Tracing config type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/storage-users/README.md b/services/storage-users/README.md index fc26b0e56..b1b8236a0 100644 --- a/services/storage-users/README.md +++ b/services/storage-users/README.md @@ -20,10 +20,10 @@ For any command listed, use `--help` to get more details and possible options an To authenticate CLI commands use: -* `OCIS_SERVICE_ACCOUNT_SECRET=` and -* `OCIS_SERVICE_ACCOUNT_ID=`. +* `OC_SERVICE_ACCOUNT_SECRET=` and +* `OC_SERVICE_ACCOUNT_ID=`. -The `storage-users` CLI tool uses the default address to establish the connection to the `gateway` service. If the connection fails, check your custom `gateway` service `GATEWAY_GRPC_ADDR` configuration and set the same address in `storage-users` `OCIS_GATEWAY_GRPC_ADDR` or `STORAGE_USERS_GATEWAY_GRPC_ADDR`. +The `storage-users` CLI tool uses the default address to establish the connection to the `gateway` service. If the connection fails, check your custom `gateway` service `GATEWAY_GRPC_ADDR` configuration and set the same address in `storage-users` `OC_GATEWAY_GRPC_ADDR` or `STORAGE_USERS_GATEWAY_GRPC_ADDR`. ### Manage Unfinished Uploads @@ -167,7 +167,7 @@ COMMANDS: The behaviour of the `purge-expired` command can be configured by using the following environment variables. * `STORAGE_USERS_PURGE_TRASH_BIN_USER_ID`\ -Used to obtain space trash-bin information and takes the system admin user as the default which is the `OCIS_ADMIN_USER_ID` but can be set individually. It should be noted, that the `OCIS_ADMIN_USER_ID` is only assigned automatically when using the single binary deployment and must be manually assigned in all other deployments. The command only considers spaces to which the assigned user has access and delete permission. +Used to obtain space trash-bin information and takes the system admin user as the default which is the `OC_ADMIN_USER_ID` but can be set individually. It should be noted, that the `OC_ADMIN_USER_ID` is only assigned automatically when using the single binary deployment and must be manually assigned in all other deployments. The command only considers spaces to which the assigned user has access and delete permission. * `STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE`\ Has a default value of `720h` which equals `30 days`. This means, the command will delete all files older than `30 days`. The value is human-readable, for valid values see the duration type described in the [Environment Variable Types](https://doc.owncloud.com/ocis/latest/deployment/services/envvar-types-description.html). A value of `0` is equivalent to disable and prevents the deletion of `personal space` trash-bin files. @@ -180,11 +180,11 @@ Has a default value of `720h` which equals `30 days`. This means, the command wi Restoring is possible only to the original location. The personal or project `spaceID` is required for the items to be restored. To authenticate the CLI tool use: ```bash -OCIS_SERVICE_ACCOUNT_SECRET= -OCIS_SERVICE_ACCOUNT_ID= +OC_SERVICE_ACCOUNT_SECRET= +OC_SERVICE_ACCOUNT_ID= ``` -The `storage-users` CLI tool uses the default address to establish the connection to the `gateway` service. If the connection fails, check the `GATEWAY_GRPC_ADDR` configuration from your `gateway` service and set the same address to the `storage-users` variable `STORAGE_USERS_GATEWAY_GRPC_ADDR` or globally with `OCIS_GATEWAY_GRPC_ADDR`. +The `storage-users` CLI tool uses the default address to establish the connection to the `gateway` service. If the connection fails, check the `GATEWAY_GRPC_ADDR` configuration from your `gateway` service and set the same address to the `storage-users` variable `STORAGE_USERS_GATEWAY_GRPC_ADDR` or globally with `OC_GATEWAY_GRPC_ADDR`. * Export the gateway address if your configuration differs from the default ```bash @@ -225,6 +225,6 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. diff --git a/services/storage-users/pkg/config/config.go b/services/storage-users/pkg/config/config.go index 2099074c4..f1eebe1c2 100644 --- a/services/storage-users/pkg/config/config.go +++ b/services/storage-users/pkg/config/config.go @@ -41,8 +41,8 @@ type Config struct { ServiceAccount ServiceAccount `yaml:"service_account"` // CLI - RevaGatewayGRPCAddr string `yaml:"gateway_addr" env:"OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR" desc:"The bind address of the gateway GRPC address." introductionVersion:"5.0"` - MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"5.0"` + RevaGatewayGRPCAddr string `yaml:"gateway_addr" env:"OC_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR" desc:"The bind address of the gateway GRPC address." introductionVersion:"5.0"` + MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary for the access to resources from other services." introductionVersion:"5.0"` CliMaxAttemptsRenameFile int `yaml:"max_attempts_rename_file" env:"STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE" desc:"The maximum number of attempts to rename a file when a user restores a file to an existing destination with the same name. The minimum value is 100." introductionVersion:"5.0"` Context context.Context `yaml:"-"` @@ -50,10 +50,10 @@ type Config struct { // Log configures the logging type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;STORAGE_USERS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;STORAGE_USERS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } // Service holds general service configuration @@ -74,7 +74,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"STORAGE_USERS_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` } // HTTPConfig is the configuration for the http server @@ -88,12 +88,12 @@ type HTTPConfig struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` - ExposedHeaders []string `yaml:"expose_headers" env:"OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS" desc:"A list of exposed CORS headers. See following chapter for more details: *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - MaxAge uint `yaml:"max_age" env:"OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE" desc:"The max cache duration of preflight headers. See following chapter for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + ExposedHeaders []string `yaml:"expose_headers" env:"OC_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS" desc:"A list of exposed CORS headers. See following chapter for more details: *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + MaxAge uint `yaml:"max_age" env:"OC_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE" desc:"The max cache duration of preflight headers. See following chapter for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` } // Drivers combine all storage driver configurations @@ -115,10 +115,10 @@ type AsyncPropagatorOptions struct { // OCISDriver is the storage driver configuration when using 'ocis' storage driver type OCISDriver struct { - Propagator string `yaml:"propagator" env:"OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR" desc:"The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option." introductionVersion:"pre5.0"` + Propagator string `yaml:"propagator" env:"OC_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR" desc:"The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option." introductionVersion:"pre5.0"` AsyncPropagatorOptions AsyncPropagatorOptions `yaml:"async_propagator_options"` // Root is the absolute path to the location of the data - Root string `yaml:"root" env:"STORAGE_USERS_OCIS_ROOT" desc:"The directory where the filesystem storage will store blobs and metadata. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users." introductionVersion:"pre5.0"` + Root string `yaml:"root" env:"STORAGE_USERS_OCIS_ROOT" desc:"The directory where the filesystem storage will store blobs and metadata. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users." introductionVersion:"pre5.0"` UserLayout string `yaml:"user_layout" env:"STORAGE_USERS_OCIS_USER_LAYOUT" desc:"Template string for the user storage layout in the user directory." introductionVersion:"pre5.0"` PermissionsEndpoint string `yaml:"permissions_endpoint" env:"STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT" desc:"Endpoint of the permissions service. The endpoints can differ for 'ocis' and 's3ng'." introductionVersion:"pre5.0"` // PersonalSpaceAliasTemplate contains the template used to construct @@ -133,18 +133,18 @@ type OCISDriver struct { ShareFolder string `yaml:"share_folder" env:"STORAGE_USERS_OCIS_SHARE_FOLDER" desc:"Name of the folder jailing all shares." introductionVersion:"pre5.0"` MaxAcquireLockCycles int `yaml:"max_acquire_lock_cycles" env:"STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES" desc:"When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"pre5.0"` LockCycleDurationFactor int `yaml:"lock_cycle_duration_factor" env:"STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR" desc:"When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"pre5.0"` - MaxConcurrency int `yaml:"max_concurrency" env:"OCIS_MAX_CONCURRENCY;STORAGE_USERS_OCIS_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"pre5.0"` - AsyncUploads bool `yaml:"async_uploads" env:"OCIS_ASYNC_UPLOADS" desc:"Enable asynchronous file uploads." introductionVersion:"pre5.0"` - MaxQuota uint64 `yaml:"max_quota" env:"OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA" desc:"Set a global max quota for spaces in bytes. A value of 0 equals unlimited. If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA in the frontend service." introductionVersion:"pre5.0"` - DisableVersioning bool `yaml:"disable_versioning" env:"OCIS_DISABLE_VERSIONING" desc:"Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version." introductionVersion:"7.0.0"` + MaxConcurrency int `yaml:"max_concurrency" env:"OC_MAX_CONCURRENCY;STORAGE_USERS_OCIS_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"pre5.0"` + AsyncUploads bool `yaml:"async_uploads" env:"OC_ASYNC_UPLOADS" desc:"Enable asynchronous file uploads." introductionVersion:"pre5.0"` + MaxQuota uint64 `yaml:"max_quota" env:"OC_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA" desc:"Set a global max quota for spaces in bytes. A value of 0 equals unlimited. If not using the global OC_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA in the frontend service." introductionVersion:"pre5.0"` + DisableVersioning bool `yaml:"disable_versioning" env:"OC_DISABLE_VERSIONING" desc:"Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version." introductionVersion:"7.0.0"` } // S3NGDriver is the storage driver configuration when using 's3ng' storage driver type S3NGDriver struct { - Propagator string `yaml:"propagator" env:"OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR" desc:"The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option." introductionVersion:"pre5.0"` + Propagator string `yaml:"propagator" env:"OC_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR" desc:"The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option." introductionVersion:"pre5.0"` AsyncPropagatorOptions AsyncPropagatorOptions `yaml:"async_propagator_options"` // Root is the absolute path to the location of the data - Root string `yaml:"root" env:"STORAGE_USERS_S3NG_ROOT" desc:"The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users." introductionVersion:"pre5.0"` + Root string `yaml:"root" env:"STORAGE_USERS_S3NG_ROOT" desc:"The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users." introductionVersion:"pre5.0"` UserLayout string `yaml:"user_layout" env:"STORAGE_USERS_S3NG_USER_LAYOUT" desc:"Template string for the user storage layout in the user directory." introductionVersion:"pre5.0"` PermissionsEndpoint string `yaml:"permissions_endpoint" env:"STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT" desc:"Endpoint of the permissions service. The endpoints can differ for 'ocis' and 's3ng'." introductionVersion:"pre5.0"` Region string `yaml:"region" env:"STORAGE_USERS_S3NG_REGION" desc:"Region of the S3 bucket." introductionVersion:"pre5.0"` @@ -170,18 +170,18 @@ type S3NGDriver struct { ShareFolder string `yaml:"share_folder" env:"STORAGE_USERS_S3NG_SHARE_FOLDER" desc:"Name of the folder jailing all shares." introductionVersion:"pre5.0"` MaxAcquireLockCycles int `yaml:"max_acquire_lock_cycles" env:"STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES" desc:"When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value of 20 will be used." introductionVersion:"pre5.0"` LockCycleDurationFactor int `yaml:"lock_cycle_duration_factor" env:"STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR" desc:"When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value of 30 will be used." introductionVersion:"pre5.0"` - MaxConcurrency int `yaml:"max_concurrency" env:"OCIS_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value of 100 will be used." introductionVersion:"pre5.0"` - DisableVersioning bool `yaml:"disable_versioning" env:"OCIS_DISABLE_VERSIONING" desc:"Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version." introductionVersion:"7.0.0"` + MaxConcurrency int `yaml:"max_concurrency" env:"OC_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value of 100 will be used." introductionVersion:"pre5.0"` + DisableVersioning bool `yaml:"disable_versioning" env:"OC_DISABLE_VERSIONING" desc:"Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version." introductionVersion:"7.0.0"` } // OwnCloudSQLDriver is the storage driver configuration when using 'owncloudsql' storage driver type OwnCloudSQLDriver struct { // Root is the absolute path to the location of the data - Root string `yaml:"root" env:"STORAGE_USERS_OWNCLOUDSQL_DATADIR" desc:"The directory where the filesystem storage will store SQL migration data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/owncloud." introductionVersion:"pre5.0"` + Root string `yaml:"root" env:"STORAGE_USERS_OWNCLOUDSQL_DATADIR" desc:"The directory where the filesystem storage will store SQL migration data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/owncloud." introductionVersion:"pre5.0"` // ShareFolder defines the name of the folder jailing all shares ShareFolder string `yaml:"share_folder" env:"STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER" desc:"Name of the folder jailing all shares." introductionVersion:"pre5.0"` UserLayout string `yaml:"user_layout" env:"STORAGE_USERS_OWNCLOUDSQL_LAYOUT" desc:"Path layout to use to navigate into a users folder in an owncloud data directory" introductionVersion:"pre5.0"` - UploadInfoDir string `yaml:"upload_info_dir" env:"STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR" desc:"The directory where the filesystem will store uploads temporarily. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/uploadinfo." introductionVersion:"pre5.0"` + UploadInfoDir string `yaml:"upload_info_dir" env:"STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR" desc:"The directory where the filesystem will store uploads temporarily. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/uploadinfo." introductionVersion:"pre5.0"` DBUsername string `yaml:"db_username" env:"STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME" desc:"Username for the database." introductionVersion:"pre5.0"` DBPassword string `yaml:"db_password" env:"STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD" desc:"Password for the database." introductionVersion:"pre5.0"` DBHost string `yaml:"db_host" env:"STORAGE_USERS_OWNCLOUDSQL_DB_HOST" desc:"Hostname or IP of the database server." introductionVersion:"pre5.0"` @@ -193,11 +193,11 @@ type OwnCloudSQLDriver struct { // PosixDriver is the storage driver configuration when using 'posix' storage driver type PosixDriver struct { // Root is the absolute path to the location of the data - Root string `yaml:"root" env:"STORAGE_USERS_POSIX_ROOT" desc:"The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users." introductionVersion:"6.0.0"` + Root string `yaml:"root" env:"STORAGE_USERS_POSIX_ROOT" desc:"The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users." introductionVersion:"6.0.0"` PersonalSpacePathTemplate string `yaml:"personalspacepath_template" env:"STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE" desc:"Template string to construct the paths of the personal space roots." introductionVersion:"6.0.0"` GeneralSpacePathTemplate string `yaml:"generalspacepath_template" env:"STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE" desc:"Template string to construct the paths of the projects space roots." introductionVersion:"6.0.0"` PermissionsEndpoint string `yaml:"permissions_endpoint" env:"STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT" desc:"Endpoint of the permissions service. The endpoints can differ for 'ocis', 'posix' and 's3ng'." introductionVersion:"6.0.0"` - AsyncUploads bool `yaml:"async_uploads" env:"OCIS_ASYNC_UPLOADS" desc:"Enable asynchronous file uploads." introductionVersion:"pre5.0"` + AsyncUploads bool `yaml:"async_uploads" env:"OC_ASYNC_UPLOADS" desc:"Enable asynchronous file uploads." introductionVersion:"pre5.0"` ScanDebounceDelay time.Duration `yaml:"scan_debounce_delay" env:"STORAGE_USERS_POSIX_SCAN_DEBOUNCE_DELAY" desc:"The time in milliseconds to wait before scanning the filesystem for changes after a change has been detected." introductionVersion:"6.0.0"` UseSpaceGroups bool `yaml:"use_space_groups" env:"STORAGE_USERS_POSIX_USE_SPACE_GROUPS" desc:"Use space groups to manage permissions on spaces." introductionVersion:"6.0.0"` @@ -209,36 +209,36 @@ type PosixDriver struct { // Events combines the configuration options for the event bus. type Events struct { - Addr string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - ClusterID string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - NumConsumers int `yaml:"num_consumers" env:"STORAGE_USERS_EVENTS_NUM_CONSUMERS" desc:"The amount of concurrent event consumers to start. Event consumers are used for post-processing files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The setting has no effect when the OCIS_ASYNC_UPLOADS is set to false. The default and minimum value is 1." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Addr string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + ClusterID string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCaCertPath string `yaml:"tls_root_ca_cert_path" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + NumConsumers int `yaml:"num_consumers" env:"STORAGE_USERS_EVENTS_NUM_CONSUMERS" desc:"The amount of concurrent event consumers to start. Event consumers are used for post-processing files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The setting has no effect when the OC_ASYNC_UPLOADS is set to false. The default and minimum value is 1." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // FilemetadataCache holds cache config type FilemetadataCache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - Database string `yaml:"database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Database string `yaml:"database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // IDCache holds cache config type IDCache struct { - Store string `yaml:"store" env:"OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - Database string `yaml:"database" env:"OCIS_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens have no expiration. Defaults to 300s which is derived from the underlaying package though not explicitly set as default. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - DisablePersistence bool `yaml:"disable_persistence" env:"OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` - AuthUsername string `yaml:"username" env:"OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + Store string `yaml:"store" env:"OC_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Database string `yaml:"database" env:"OC_CACHE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL" desc:"Default time to live for user info in the user info cache. Only applied when access tokens have no expiration. Defaults to 300s which is derived from the underlaying package though not explicitly set as default. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"5.0"` + AuthUsername string `yaml:"username" env:"OC_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME" desc:"The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD" desc:"The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // S3Driver is the storage driver configuration when using 's3' storage driver @@ -315,13 +315,13 @@ type Tasks struct { // PurgeTrashBin contains all necessary configurations to clean up the respective trash cans type PurgeTrashBin struct { - UserID string `yaml:"user_id" env:"OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID" desc:"ID of the user who collects all necessary information for deletion. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` + UserID string `yaml:"user_id" env:"OC_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID" desc:"ID of the user who collects all necessary information for deletion. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand." introductionVersion:"pre5.0"` PersonalDeleteBefore time.Duration `yaml:"personal_delete_before" env:"STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE" desc:"Specifies the period of time in which items that have been in the personal trash-bin for longer than this value should be deleted. A value of 0 means no automatic deletion. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` ProjectDeleteBefore time.Duration `yaml:"project_delete_before" env:"STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE" desc:"Specifies the period of time in which items that have been in the project trash-bin for longer than this value should be deleted. A value of 0 means no automatic deletion. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } diff --git a/services/storage-users/pkg/config/reva.go b/services/storage-users/pkg/config/reva.go index 4e4ab7d33..436efc69b 100644 --- a/services/storage-users/pkg/config/reva.go +++ b/services/storage-users/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;STORAGE_USERS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/storage-users/pkg/config/tracing.go b/services/storage-users/pkg/config/tracing.go index 26e638bf4..5f368c0b3 100644 --- a/services/storage-users/pkg/config/tracing.go +++ b/services/storage-users/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing configures the tracing type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/thumbnails/README.md b/services/thumbnails/README.md index 684368183..ecc403f49 100644 --- a/services/thumbnails/README.md +++ b/services/thumbnails/README.md @@ -6,7 +6,7 @@ The thumbnails service provides methods to generate thumbnails for various files The relevant environment variables defining file locations are: -- (1) `OCIS_BASE_DATA_PATH` +- (1) `OC_BASE_DATA_PATH` - (2) `STORAGE_USERS_OCIS_ROOT` - (3) `THUMBNAILS_FILESYSTEMSTORAGE_ROOT` diff --git a/services/thumbnails/pkg/config/config.go b/services/thumbnails/pkg/config/config.go index 3e866cdb7..0f1ba9248 100644 --- a/services/thumbnails/pkg/config/config.go +++ b/services/thumbnails/pkg/config/config.go @@ -31,16 +31,16 @@ type Config struct { // FileSystemStorage defines the available filesystem storage configuration. type FileSystemStorage struct { - RootDirectory string `yaml:"root_directory" env:"THUMBNAILS_FILESYSTEMSTORAGE_ROOT" desc:"The directory where the filesystem storage will store the thumbnails. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/thumbnails." introductionVersion:"pre5.0"` + RootDirectory string `yaml:"root_directory" env:"THUMBNAILS_FILESYSTEMSTORAGE_ROOT" desc:"The directory where the filesystem storage will store the thumbnails. If not defined, the root directory derives from $OC_BASE_DATA_PATH/thumbnails." introductionVersion:"pre5.0"` } // Thumbnail defines the available thumbnail related configuration. type Thumbnail struct { Resolutions []string `yaml:"resolutions" env:"THUMBNAILS_RESOLUTIONS" desc:"The supported list of target resolutions in the format WidthxHeight like 32x32. You can define any resolution as required. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` FileSystemStorage FileSystemStorage `yaml:"filesystem_storage"` - WebdavAllowInsecure bool `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the webdav source." introductionVersion:"pre5.0"` - CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the CS3 source." introductionVersion:"pre5.0"` - RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` + WebdavAllowInsecure bool `yaml:"webdav_allow_insecure" env:"OC_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the webdav source." introductionVersion:"pre5.0"` + CS3AllowInsecure bool `yaml:"cs3_allow_insecure" env:"OC_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the CS3 source." introductionVersion:"pre5.0"` + RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` FontMapFile string `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE" desc:"The path to a font file for txt thumbnails." introductionVersion:"pre5.0"` TransferSecret string `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN" desc:"The secret to sign JWT to download the actual thumbnail file." introductionVersion:"pre5.0"` DataEndpoint string `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT" desc:"The HTTP endpoint where the actual thumbnail file can be downloaded." introductionVersion:"pre5.0"` diff --git a/services/thumbnails/pkg/config/http.go b/services/thumbnails/pkg/config/http.go index a9fdf2622..c5b9e6caa 100644 --- a/services/thumbnails/pkg/config/http.go +++ b/services/thumbnails/pkg/config/http.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/shared" // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"6.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"6.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"6.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"6.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"6.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"6.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"6.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"6.0"` } // HTTP defines the available http configuration. diff --git a/services/thumbnails/pkg/config/log.go b/services/thumbnails/pkg/config/log.go index 8edaee587..623065c1a 100644 --- a/services/thumbnails/pkg/config/log.go +++ b/services/thumbnails/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;THUMBNAILS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;THUMBNAILS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;THUMBNAILS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;THUMBNAILS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;THUMBNAILS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;THUMBNAILS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;THUMBNAILS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;THUMBNAILS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/thumbnails/pkg/config/tracing.go b/services/thumbnails/pkg/config/tracing.go index 834b323a1..803f06b4d 100644 --- a/services/thumbnails/pkg/config/tracing.go +++ b/services/thumbnails/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;THUMBNAILS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;THUMBNAILS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/userlog/README.md b/services/userlog/README.md index 15d9c4d28..5105e59de 100644 --- a/services/userlog/README.md +++ b/services/userlog/README.md @@ -28,9 +28,9 @@ Note: The service can only be scaled if not using `memory` store and the stores Note that if you have used one of the deprecated stores, you should reconfigure to one of the supported ones as the deprecated stores will be removed in a later version. Store specific notes: - - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OCIS_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. - - When using `nats-js-kv` it is recommended to set `OCIS_CACHE_STORE_NODES` to the same value as `OCIS_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. - - When using the `nats-js-kv` store, it is possible to set `OCIS_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. + - When using `redis-sentinel`, the Redis master to use is configured via e.g. `OC_CACHE_STORE_NODES` in the form of `:/` like `10.10.0.200:26379/mymaster`. + - When using `nats-js-kv` it is recommended to set `OC_CACHE_STORE_NODES` to the same value as `OC_EVENTS_ENDPOINT`. That way the cache uses the same nats instance as the event bus. + - When using the `nats-js-kv` store, it is possible to set `OC_CACHE_DISABLE_PERSISTENCE` to instruct nats to not persist cache data on disc. ## Configuring @@ -82,4 +82,4 @@ which is the source of the texts provided by the code. ## Default Language -The default language can be defined via the `OCIS_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. +The default language can be defined via the `OC_DEFAULT_LANGUAGE` environment variable. See the `settings` service for a detailed description. diff --git a/services/userlog/pkg/config/config.go b/services/userlog/pkg/config/config.go index 4fad0a484..b3bd35842 100644 --- a/services/userlog/pkg/config/config.go +++ b/services/userlog/pkg/config/config.go @@ -22,14 +22,14 @@ type Config struct { TokenManager *TokenManager `yaml:"token_manager"` - RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` - TranslationPath string `yaml:"translation_path" env:"OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"pre5.0"` - DefaultLanguage string `yaml:"default_language" env:"OCIS_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` + RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` + TranslationPath string `yaml:"translation_path" env:"OC_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH" desc:"(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details." introductionVersion:"pre5.0"` + DefaultLanguage string `yaml:"default_language" env:"OC_DEFAULT_LANGUAGE" desc:"The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details." introductionVersion:"5.0"` Events Events `yaml:"events"` - MaxConcurrency int `yaml:"max_concurrency" env:"OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"7.0.0"` + MaxConcurrency int `yaml:"max_concurrency" env:"OC_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY" desc:"Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used." introductionVersion:"7.0.0"` Persistence Persistence `yaml:"persistence"` - DisableSSE bool `yaml:"disable_sse" env:"OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE" desc:"Disables server-sent events (sse). When disabled, clients will no longer receive sse notifications." introductionVersion:"pre5.0"` + DisableSSE bool `yaml:"disable_sse" env:"OC_DISABLE_SSE,USERLOG_DISABLE_SSE" desc:"Disables server-sent events (sse). When disabled, clients will no longer receive sse notifications." introductionVersion:"pre5.0"` GlobalNotificationsSecret string `yaml:"global_notifications_secret" env:"USERLOG_GLOBAL_NOTIFICATIONS_SECRET" desc:"The secret to secure the global notifications endpoint. Only system admins and users knowing that secret can call the global notifications POST/DELETE endpoints." introductionVersion:"pre5.0"` @@ -40,32 +40,32 @@ type Config struct { // Persistence configures the store to use type Persistence struct { - Store string `yaml:"store" env:"OCIS_PERSISTENT_STORE;USERLOG_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"pre5.0"` - Nodes []string `yaml:"nodes" env:"OCIS_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + Store string `yaml:"store" env:"OC_PERSISTENT_STORE;USERLOG_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"pre5.0"` + Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` Database string `yaml:"database" env:"USERLOG_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"pre5.0"` Table string `yaml:"table" env:"USERLOG_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"pre5.0"` - TTL time.Duration `yaml:"ttl" env:"OCIS_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL" desc:"Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL" desc:"Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"5.0"` } // Events combines the configuration options for the event bus. type Events struct { - Endpoint string `yaml:"endpoint" env:"OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` - Cluster string `yaml:"cluster" env:"OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` - TLSInsecure bool `yaml:"tls_insecure" env:"OCIS_INSECURE;USERLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` - TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` - EnableTLS bool `yaml:"enable_tls" env:"OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` - AuthUsername string `yaml:"username" env:"OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` - AuthPassword string `yaml:"password" env:"OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + Endpoint string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"pre5.0"` + Cluster string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"pre5.0"` + TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;USERLOG_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"pre5.0"` + TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"pre5.0"` + EnableTLS bool `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"pre5.0"` + AuthUsername string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` + AuthPassword string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services." introductionVersion:"5.0"` } // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // HTTP defines the available http configuration. @@ -79,11 +79,11 @@ type HTTP struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;USERLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;USERLOG_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } // ServiceAccount is the configuration for the used service account type ServiceAccount struct { - ServiceAccountID string `yaml:"service_account_id" env:"OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` - ServiceAccountSecret string `yaml:"service_account_secret" env:"OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` + ServiceAccountID string `yaml:"service_account_id" env:"OC_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID" desc:"The ID of the service account the service should use. See the 'auth-service' service description for more details." introductionVersion:"5.0"` + ServiceAccountSecret string `yaml:"service_account_secret" env:"OC_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET" desc:"The service account secret." introductionVersion:"5.0"` } diff --git a/services/userlog/pkg/config/log.go b/services/userlog/pkg/config/log.go index edf795ef7..fbfb1a049 100644 --- a/services/userlog/pkg/config/log.go +++ b/services/userlog/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;USERLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;USERLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;USERLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;USERLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;USERLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;USERLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;USERLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;USERLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/userlog/pkg/config/tracing.go b/services/userlog/pkg/config/tracing.go index 7a2f9ed1e..e1fb2c05d 100644 --- a/services/userlog/pkg/config/tracing.go +++ b/services/userlog/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERLOG_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;USERLOG_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;USERLOG_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;USERLOG_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/users/pkg/config/config.go b/services/users/pkg/config/config.go index 39e59d50b..470d49b52 100644 --- a/services/users/pkg/config/config.go +++ b/services/users/pkg/config/config.go @@ -26,10 +26,10 @@ type Config struct { Context context.Context `yaml:"-"` } type Log struct { - Level string `yaml:"level" env:"OCIS_LOG_LEVEL;USERS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;USERS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `yaml:"color" env:"OCIS_LOG_COLOR;USERS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `yaml:"file" env:"OCIS_LOG_FILE;USERS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `yaml:"level" env:"OC_LOG_LEVEL;USERS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;USERS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `yaml:"color" env:"OC_LOG_COLOR;USERS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `yaml:"file" env:"OC_LOG_FILE;USERS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } type Service struct { @@ -47,7 +47,7 @@ type GRPCConfig struct { Addr string `yaml:"addr" env:"USERS_GRPC_ADDR" desc:"The bind address of the GRPC service." introductionVersion:"pre5.0"` TLS *shared.GRPCServiceTLS `yaml:"tls"` Namespace string `yaml:"-"` - Protocol string `yaml:"protocol" env:"OCIS_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` + Protocol string `yaml:"protocol" env:"OC_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL" desc:"The transport protocol of the GPRC service." introductionVersion:"pre5.0"` } type Drivers struct { @@ -62,44 +62,44 @@ type JSONDriver struct { File string `yaml:"file"` } type LDAPDriver struct { - URI string `yaml:"uri" env:"OCIS_LDAP_URI;USERS_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` - CACert string `yaml:"ca_cert" env:"OCIS_LDAP_CACERT;USERS_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` - BindDN string `yaml:"bind_dn" env:"OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` - BindPassword string `yaml:"bind_password" env:"OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` - UserBaseDN string `yaml:"user_base_dn" env:"OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` - GroupBaseDN string `yaml:"group_base_dn" env:"OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` - UserScope string `yaml:"user_scope" env:"OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` - GroupScope string `yaml:"group_scope" env:"OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + URI string `yaml:"uri" env:"OC_LDAP_URI;USERS_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'" introductionVersion:"pre5.0"` + CACert string `yaml:"ca_cert" env:"OC_LDAP_CACERT;USERS_LDAP_CACERT" desc:"Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_LDAP_INSECURE;USERS_LDAP_INSECURE" desc:"Disable TLS certificate validation for the LDAP connections. Do not set this in production environments." introductionVersion:"pre5.0"` + BindDN string `yaml:"bind_dn" env:"OC_LDAP_BIND_DN;USERS_LDAP_BIND_DN" desc:"LDAP DN to use for simple bind authentication with the target LDAP server." introductionVersion:"pre5.0"` + BindPassword string `yaml:"bind_password" env:"OC_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD" desc:"Password to use for authenticating the 'bind_dn'." introductionVersion:"pre5.0"` + UserBaseDN string `yaml:"user_base_dn" env:"OC_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN" desc:"Search base DN for looking up LDAP users." introductionVersion:"pre5.0"` + GroupBaseDN string `yaml:"group_base_dn" env:"OC_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN" desc:"Search base DN for looking up LDAP groups." introductionVersion:"pre5.0"` + UserScope string `yaml:"user_scope" env:"OC_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE" desc:"LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` + GroupScope string `yaml:"group_scope" env:"OC_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE" desc:"LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'." introductionVersion:"pre5.0"` UserSubstringFilterType string `yaml:"user_substring_filter_type" env:"LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE" desc:"Type of substring search filter to use for substring searches for users. Possible values: 'initial' for doing prefix only searches, 'final' for doing suffix only searches or 'any' for doing full substring searches" introductionVersion:"pre5.0"` - UserFilter string `yaml:"user_filter" env:"OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` - GroupFilter string `yaml:"group_filter" env:"OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` - UserObjectClass string `yaml:"user_object_class" env:"OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter like 'inetOrgPerson'." introductionVersion:"pre5.0"` - GroupObjectClass string `yaml:"group_object_class" env:"OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter like 'groupOfNames'." introductionVersion:"pre5.0"` - IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL" desc:"The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider." introductionVersion:"pre5.0"` - DisableUserMechanism string `yaml:"disable_user_mechanism" env:"OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM" desc:"An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed." introductionVersion:"pre5.0"` - UserTypeAttribute string `yaml:"user_type_attribute" env:"OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE" desc:"LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'." introductionVersion:"pre5.0"` - LdapDisabledUsersGroupDN string `yaml:"ldap_disabled_users_group_dn" env:"OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN" desc:"The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'." introductionVersion:"pre5.0"` + UserFilter string `yaml:"user_filter" env:"OC_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER" desc:"LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'." introductionVersion:"pre5.0"` + GroupFilter string `yaml:"group_filter" env:"OC_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER" desc:"LDAP filter to add to the default filters for group searches." introductionVersion:"pre5.0"` + UserObjectClass string `yaml:"user_object_class" env:"OC_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS" desc:"The object class to use for users in the default user search filter like 'inetOrgPerson'." introductionVersion:"pre5.0"` + GroupObjectClass string `yaml:"group_object_class" env:"OC_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS" desc:"The object class to use for groups in the default group search filter like 'groupOfNames'." introductionVersion:"pre5.0"` + IDP string `yaml:"idp" env:"OC_URL;OC_OIDC_ISSUER;USERS_IDP_URL" desc:"The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider." introductionVersion:"pre5.0"` + DisableUserMechanism string `yaml:"disable_user_mechanism" env:"OC_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM" desc:"An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed." introductionVersion:"pre5.0"` + UserTypeAttribute string `yaml:"user_type_attribute" env:"OC_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE" desc:"LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'." introductionVersion:"pre5.0"` + LdapDisabledUsersGroupDN string `yaml:"ldap_disabled_users_group_dn" env:"OC_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN" desc:"The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'." introductionVersion:"pre5.0"` UserSchema LDAPUserSchema `yaml:"user_schema"` GroupSchema LDAPGroupSchema `yaml:"group_schema"` } type LDAPUserSchema struct { - ID string `yaml:"id" env:"OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` - IDIsOctetString bool `yaml:"id_is_octet_string" env:"OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's." introductionVersion:"pre5.0"` - Mail string `yaml:"mail" env:"OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` - DisplayName string `yaml:"display_name" env:"OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"pre5.0"` - Username string `yaml:"user_name" env:"OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` - Enabled string `yaml:"user_enabled" env:"OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE" desc:"LDAP attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` + ID string `yaml:"id" env:"OC_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` + IDIsOctetString bool `yaml:"id_is_octet_string" env:"OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's." introductionVersion:"pre5.0"` + Mail string `yaml:"mail" env:"OC_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of users." introductionVersion:"pre5.0"` + DisplayName string `yaml:"display_name" env:"OC_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of users." introductionVersion:"pre5.0"` + Username string `yaml:"user_name" env:"OC_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME" desc:"LDAP Attribute to use for username of users." introductionVersion:"pre5.0"` + Enabled string `yaml:"user_enabled" env:"OC_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE" desc:"LDAP attribute to use as a flag telling if the user is enabled or disabled." introductionVersion:"pre5.0"` } type LDAPGroupSchema struct { - ID string `yaml:"id" env:"OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for groups. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` - IDIsOctetString bool `yaml:"id_is_octet_string" env:"OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's." introductionVersion:"pre5.0"` - Mail string `yaml:"mail" env:"OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of groups (can be empty)." introductionVersion:"pre5.0"` - DisplayName string `yaml:"display_name" env:"OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of groups (often the same as groupname attribute)." introductionVersion:"pre5.0"` - Groupname string `yaml:"group_name" env:"OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` - Member string `yaml:"member" env:"OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` + ID string `yaml:"id" env:"OC_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID" desc:"LDAP Attribute to use as the unique ID for groups. This should be a stable globally unique ID like a UUID." introductionVersion:"pre5.0"` + IDIsOctetString bool `yaml:"id_is_octet_string" env:"OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING" desc:"Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's." introductionVersion:"pre5.0"` + Mail string `yaml:"mail" env:"OC_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL" desc:"LDAP Attribute to use for the email address of groups (can be empty)." introductionVersion:"pre5.0"` + DisplayName string `yaml:"display_name" env:"OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME" desc:"LDAP Attribute to use for the displayname of groups (often the same as groupname attribute)." introductionVersion:"pre5.0"` + Groupname string `yaml:"group_name" env:"OC_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME" desc:"LDAP Attribute to use for the name of groups." introductionVersion:"pre5.0"` + Member string `yaml:"member" env:"OC_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER" desc:"LDAP Attribute that is used for group members." introductionVersion:"pre5.0"` } type OwnCloudSQLDriver struct { diff --git a/services/users/pkg/config/reva.go b/services/users/pkg/config/reva.go index 3b652cd8c..3c117dd6a 100644 --- a/services/users/pkg/config/reva.go +++ b/services/users/pkg/config/reva.go @@ -2,5 +2,5 @@ package config // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;USERS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;USERS_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/users/pkg/config/tracing.go b/services/users/pkg/config/tracing.go index 3fe89435c..9e2df2f1e 100644 --- a/services/users/pkg/config/tracing.go +++ b/services/users/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the configuration options for tracing. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;USERS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;USERS_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;USERS_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/web/README.md b/services/web/README.md index 80aa8fc49..c31ccb7e6 100644 --- a/services/web/README.md +++ b/services/web/README.md @@ -73,7 +73,7 @@ Web applications are loaded, if added in the Infinite Scale source code, at buil Additionally, the administrator can provide custom applications by storing them in the path defined by the environment variable `WEB_ASSET_APPS_PATH`. -This environment variable defaults to the Infinite Scale base data directory `$OCIS_BASE_DATA_PATH/web/assets/apps`, +This environment variable defaults to the Infinite Scale base data directory `$OC_BASE_DATA_PATH/web/assets/apps`, but can be redefined with any path set manually. The final list of available applications is composed of the built-in and the custom applications provided by the @@ -98,7 +98,7 @@ Everything else is skipped and not considered as an application. ### Application Configuration -If a custom configuration is needed, the administrator must provide the required configuration inside the `$OCIS_BASE_DATA_PATH/config/apps.yaml` file. +If a custom configuration is needed, the administrator must provide the required configuration inside the `$OC_BASE_DATA_PATH/config/apps.yaml` file. NOTE: An application manifest should _never_ be changed manually, see [Using Custom Assets](#using-custom-assets) for customisation. diff --git a/services/web/pkg/config/config.go b/services/web/pkg/config/config.go index 6f0c654cc..956894511 100644 --- a/services/web/pkg/config/config.go +++ b/services/web/pkg/config/config.go @@ -31,9 +31,9 @@ type Config struct { // Asset defines the available asset configuration. type Asset struct { - CorePath string `yaml:"core_path" env:"WEB_ASSET_CORE_PATH" desc:"Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/core" introductionVersion:"6.0.0"` - ThemesPath string `yaml:"themes_path" env:"OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH" desc:"Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes" introductionVersion:"6.0.0"` - AppsPath string `yaml:"apps_path" env:"WEB_ASSET_APPS_PATH" desc:"Serve ownCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/apps" introductionVersion:"6.0.0"` + CorePath string `yaml:"core_path" env:"WEB_ASSET_CORE_PATH" desc:"Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core" introductionVersion:"6.0.0"` + ThemesPath string `yaml:"themes_path" env:"OC_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH" desc:"Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes" introductionVersion:"6.0.0"` + AppsPath string `yaml:"apps_path" env:"WEB_ASSET_APPS_PATH" desc:"Serve ownCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps" introductionVersion:"6.0.0"` } // CustomStyle references additional css to be loaded into ownCloud Web. @@ -54,7 +54,7 @@ type CustomTranslation struct { // WebConfig defines the available web configuration for a dynamically rendered config.json. type WebConfig struct { - Server string `json:"server,omitempty" yaml:"server" env:"OCIS_URL;WEB_UI_CONFIG_SERVER" desc:"URL, where the oCIS APIs are reachable for ownCloud Web." introductionVersion:"pre5.0"` + Server string `json:"server,omitempty" yaml:"server" env:"OC_URL;WEB_UI_CONFIG_SERVER" desc:"URL, where the oCIS APIs are reachable for ownCloud Web." introductionVersion:"pre5.0"` Theme string `json:"theme,omitempty" yaml:"-"` OpenIDConnect OIDC `json:"openIdConnect,omitempty" yaml:"oidc"` Apps []string `json:"apps" yaml:"apps"` @@ -69,8 +69,8 @@ type WebConfig struct { // OIDC defines the available oidc configuration type OIDC struct { MetadataURL string `json:"metadata_url,omitempty" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL" desc:"URL for the OIDC well-known configuration endpoint. Defaults to the oCIS API URL + '/.well-known/openid-configuration'." introductionVersion:"pre5.0"` - Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP." introductionVersion:"pre5.0"` - ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID" desc:"The OIDC client ID which ownCloud Web uses. This client needs to be set up in your IDP. Note that this setting has no effect when using the builtin IDP." introductionVersion:"pre5.0"` + Authority string `json:"authority,omitempty" yaml:"authority" env:"OC_URL;OC_OIDC_ISSUER;WEB_OIDC_AUTHORITY" desc:"URL of the OIDC issuer. It defaults to URL of the builtin IDP." introductionVersion:"pre5.0"` + ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"OC_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID" desc:"The OIDC client ID which ownCloud Web uses. This client needs to be set up in your IDP. Note that this setting has no effect when using the builtin IDP." introductionVersion:"pre5.0"` ResponseType string `json:"response_type,omitempty" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE" desc:"The OIDC response type to use for authentication." introductionVersion:"pre5.0"` Scope string `json:"scope,omitempty" yaml:"scope" env:"WEB_OIDC_SCOPE" desc:"OIDC scopes to request during authentication to authorize access to user details. Defaults to 'openid profile email'. Values are separated by blank. More example values but not limited to are 'address' or 'phone' etc." introductionVersion:"pre5.0"` PostLogoutRedirectURI string `json:"post_logout_redirect_uri,omitempty" yaml:"post_logout_redirect_uri" env:"WEB_OIDC_POST_LOGOUT_REDIRECT_URI" desc:"This value needs to point to a valid and reachable web page. The web client will trigger a redirect to that page directly after the logout action. The default value is empty and redirects to the login page." introductionVersion:"pre5.0"` @@ -108,8 +108,8 @@ type ExternalAppConfig struct { // Web defines the available web configuration. type Web struct { - ThemeServer string `yaml:"theme_server" env:"OCIS_URL;WEB_UI_THEME_SERVER" desc:"Base URL to load themes from. Will be prepended to the theme path." introductionVersion:"pre5.0"` // used to build Theme in WebConfig - ThemePath string `yaml:"theme_path" env:"WEB_UI_THEME_PATH" desc:"Path to the theme json file. Will be appended to the URL of the theme server." introductionVersion:"pre5.0"` // used to build Theme in WebConfig + ThemeServer string `yaml:"theme_server" env:"OC_URL;WEB_UI_THEME_SERVER" desc:"Base URL to load themes from. Will be prepended to the theme path." introductionVersion:"pre5.0"` // used to build Theme in WebConfig + ThemePath string `yaml:"theme_path" env:"WEB_UI_THEME_PATH" desc:"Path to the theme json file. Will be appended to the URL of the theme server." introductionVersion:"pre5.0"` // used to build Theme in WebConfig Config WebConfig `yaml:"config"` } @@ -121,5 +121,5 @@ type App struct { // TokenManager is the config for using the reva token manager type TokenManager struct { - JWTSecret string `yaml:"jwt_secret" env:"OCIS_JWT_SECRET;WEB_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` + JWTSecret string `yaml:"jwt_secret" env:"OC_JWT_SECRET;WEB_JWT_SECRET" desc:"The secret to mint and validate jwt tokens." introductionVersion:"pre5.0"` } diff --git a/services/web/pkg/config/http.go b/services/web/pkg/config/http.go index 7e1b2f1f3..f82ed0225 100644 --- a/services/web/pkg/config/http.go +++ b/services/web/pkg/config/http.go @@ -14,8 +14,8 @@ type HTTP struct { // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS. See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS. See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } diff --git a/services/web/pkg/config/log.go b/services/web/pkg/config/log.go index 52036a2ef..a5213deb6 100644 --- a/services/web/pkg/config/log.go +++ b/services/web/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;WEB_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;WEB_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;WEB_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;WEB_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;WEB_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;WEB_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;WEB_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;WEB_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/web/pkg/config/tracing.go b/services/web/pkg/config/tracing.go index 0a899d2ba..473073888 100644 --- a/services/web/pkg/config/tracing.go +++ b/services/web/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;WEB_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;WEB_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;WEB_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;WEB_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/webdav/pkg/config/config.go b/services/webdav/pkg/config/config.go index fb7f56122..b4a6f4c17 100644 --- a/services/webdav/pkg/config/config.go +++ b/services/webdav/pkg/config/config.go @@ -22,11 +22,11 @@ type Config struct { HTTP HTTP `yaml:"http"` - DisablePreviews bool `yaml:"disablePreviews" env:"OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS" desc:"Set this option to 'true' to disable rendering of thumbnails triggered via webdav access. Note that when disabled, all access to preview related webdav paths will return a 404." introductionVersion:"pre5.0"` - OcisPublicURL string `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL" desc:"URL, where oCIS is reachable for users." introductionVersion:"pre5.0"` + DisablePreviews bool `yaml:"disablePreviews" env:"OC_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS" desc:"Set this option to 'true' to disable rendering of thumbnails triggered via webdav access. Note that when disabled, all access to preview related webdav paths will return a 404." introductionVersion:"pre5.0"` + OcisPublicURL string `yaml:"ocis_public_url" env:"OC_URL;OC_PUBLIC_URL" desc:"URL, where oCIS is reachable for users." introductionVersion:"pre5.0"` WebdavNamespace string `yaml:"webdav_namespace" env:"WEBDAV_WEBDAV_NAMESPACE" desc:"CS3 path layout to use when forwarding /webdav requests" introductionVersion:"pre5.0"` - RevaGateway string `yaml:"reva_gateway" env:"OCIS_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` - RevaGatewayTLSMode string `yaml:"reva_gateway_tls_mode" env:"OCIS_REVA_GATEWAY_TLS_MODE" desc:"TLS mode for grpc connection to the CS3 gateway endpoint. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification." introductionVersion:"pre5.0"` - RevaGatewayTLSCACert string `yaml:"reva_gateway_tls_cacert" env:"OCIS_REVA_GATEWAY_TLS_CACERT" desc:"The root CA certificate used to validate the gateway's TLS certificate." introductionVersion:"pre5.0"` + RevaGateway string `yaml:"reva_gateway" env:"OC_REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata" introductionVersion:"pre5.0"` + RevaGatewayTLSMode string `yaml:"reva_gateway_tls_mode" env:"OC_REVA_GATEWAY_TLS_MODE" desc:"TLS mode for grpc connection to the CS3 gateway endpoint. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification." introductionVersion:"pre5.0"` + RevaGatewayTLSCACert string `yaml:"reva_gateway_tls_cacert" env:"OC_REVA_GATEWAY_TLS_CACERT" desc:"The root CA certificate used to validate the gateway's TLS certificate." introductionVersion:"pre5.0"` Context context.Context `yaml:"-"` } diff --git a/services/webdav/pkg/config/http.go b/services/webdav/pkg/config/http.go index d24adcbe0..79f3876b6 100644 --- a/services/webdav/pkg/config/http.go +++ b/services/webdav/pkg/config/http.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/shared" // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // HTTP defines the available http configuration. diff --git a/services/webdav/pkg/config/log.go b/services/webdav/pkg/config/log.go index 3e3ea8eb7..1eacb778d 100644 --- a/services/webdav/pkg/config/log.go +++ b/services/webdav/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;WEBDAV_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;WEBDAV_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;WEBDAV_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;WEBDAV_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;WEBDAV_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;WEBDAV_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;WEBDAV_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;WEBDAV_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/webdav/pkg/config/tracing.go b/services/webdav/pkg/config/tracing.go index 58cb0cd56..75812a258 100644 --- a/services/webdav/pkg/config/tracing.go +++ b/services/webdav/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;WEBDAV_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;WEBDAV_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;WEBDAV_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;WEBDAV_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/webfinger/README.md b/services/webfinger/README.md index 241cd6c6a..82e38eb6f 100644 --- a/services/webfinger/README.md +++ b/services/webfinger/README.md @@ -29,7 +29,7 @@ When using OpenID connect to authenticate requests, clients can look up the ownc * Authentication is necessary to prevent leaking information about existing users. * Basic auth is not supported. -The default configuration will simply return the `OCIS_URL` and direct clients to that domain: +The default configuration will simply return the `OC_URL` and direct clients to that domain: ```json { diff --git a/services/webfinger/pkg/config/config.go b/services/webfinger/pkg/config/config.go index 27fc09af1..4c3971763 100644 --- a/services/webfinger/pkg/config/config.go +++ b/services/webfinger/pkg/config/config.go @@ -20,9 +20,9 @@ type Config struct { Instances []Instance `yaml:"instances"` Relations []string `yaml:"relations" env:"WEBFINGER_RELATIONS" desc:"A list of relation URIs or registered relation types to add to webfinger responses. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER" desc:"The identity provider href for the openid-discovery relation." introductionVersion:"pre5.0"` - OcisURL string `yaml:"ocis_url" env:"OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL" desc:"The URL for the legacy ownCloud server instance relation (not to be confused with the product ownCloud Server). It defaults to the OCIS_URL but can be overridden to support some reverse proxy corner cases. To shard the deployment, multiple instances can be configured in the configuration file." introductionVersion:"pre5.0"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;WEBFINGER_INSECURE" desc:"Allow insecure connections to the WEBFINGER service." introductionVersion:"pre5.0"` + IDP string `yaml:"idp" env:"OC_URL;OC_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER" desc:"The identity provider href for the openid-discovery relation." introductionVersion:"pre5.0"` + OcisURL string `yaml:"ocis_url" env:"OC_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL" desc:"The URL for the legacy ownCloud server instance relation (not to be confused with the product ownCloud Server). It defaults to the OC_URL but can be overridden to support some reverse proxy corner cases. To shard the deployment, multiple instances can be configured in the configuration file." introductionVersion:"pre5.0"` + Insecure bool `yaml:"insecure" env:"OC_INSECURE;WEBFINGER_INSECURE" desc:"Allow insecure connections to the WEBFINGER service." introductionVersion:"pre5.0"` Context context.Context `yaml:"-"` } diff --git a/services/webfinger/pkg/config/defaults/defaultconfig.go b/services/webfinger/pkg/config/defaults/defaultconfig.go index 7e11701c3..8dfedb0d6 100644 --- a/services/webfinger/pkg/config/defaults/defaultconfig.go +++ b/services/webfinger/pkg/config/defaults/defaultconfig.go @@ -43,7 +43,7 @@ func DefaultConfig() *config.Config { { Claim: "sub", Regex: ".+", - Href: "{{.OCIS_URL}}", + Href: "{{.OC_URL}}", Titles: map[string]string{ "en": "oCIS Instance", }, diff --git a/services/webfinger/pkg/config/http.go b/services/webfinger/pkg/config/http.go index ac8de34cc..737710e1a 100644 --- a/services/webfinger/pkg/config/http.go +++ b/services/webfinger/pkg/config/http.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/shared" // CORS defines the available cors configuration. type CORS struct { - AllowedOrigins []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedMethods []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowedHeaders []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` - AllowCredentials bool `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` + AllowedOrigins []string `yaml:"allow_origins" env:"OC_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedMethods []string `yaml:"allow_methods" env:"OC_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowedHeaders []string `yaml:"allow_headers" env:"OC_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details." introductionVersion:"pre5.0"` + AllowCredentials bool `yaml:"allow_credentials" env:"OC_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials." introductionVersion:"pre5.0"` } // HTTP defines the available http configuration. diff --git a/services/webfinger/pkg/config/log.go b/services/webfinger/pkg/config/log.go index 85f95f4e1..fd549f81b 100644 --- a/services/webfinger/pkg/config/log.go +++ b/services/webfinger/pkg/config/log.go @@ -2,8 +2,8 @@ package config // Log defines the available log configuration. type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;WEBFINGER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;WEBFINGER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;WEBFINGER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;WEBFINGER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` + Level string `mapstructure:"level" env:"OC_LOG_LEVEL;WEBFINGER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"pre5.0"` + Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;WEBFINGER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"pre5.0"` + Color bool `mapstructure:"color" env:"OC_LOG_COLOR;WEBFINGER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"pre5.0"` + File string `mapstructure:"file" env:"OC_LOG_FILE;WEBFINGER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"pre5.0"` } diff --git a/services/webfinger/pkg/config/tracing.go b/services/webfinger/pkg/config/tracing.go index b9c74d764..944584448 100644 --- a/services/webfinger/pkg/config/tracing.go +++ b/services/webfinger/pkg/config/tracing.go @@ -4,10 +4,10 @@ import "github.com/opencloud-eu/opencloud/ocis-pkg/tracing" // Tracing defines the available tracing configuration. type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;WEBFINGER_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` + Enabled bool `yaml:"enabled" env:"OC_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED" desc:"Activates tracing." introductionVersion:"pre5.0"` + Type string `yaml:"type" env:"OC_TRACING_TYPE;WEBFINGER_TRACING_TYPE" desc:"The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now." introductionVersion:"pre5.0"` + Endpoint string `yaml:"endpoint" env:"OC_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT" desc:"The endpoint of the tracing agent." introductionVersion:"pre5.0"` + Collector string `yaml:"collector" env:"OC_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR" desc:"The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset." introductionVersion:"pre5.0"` } // Convert Tracing to the tracing package's Config struct. diff --git a/services/webfinger/pkg/relations/owncloud_instance.go b/services/webfinger/pkg/relations/owncloud_instance.go index f0ebf8beb..5cf047612 100644 --- a/services/webfinger/pkg/relations/owncloud_instance.go +++ b/services/webfinger/pkg/relations/owncloud_instance.go @@ -67,8 +67,8 @@ func (l *ownCloudInstance) Add(ctx context.Context, jrd *webfinger.JSONResourceD } else if value, ok := claims[oidc.Email].(string); ok { jrd.Subject = "mailto:" + value } - // allow referencing OCIS_URL in the template - claims["OCIS_URL"] = l.ocisURL + // allow referencing OC_URL in the template + claims["OC_URL"] = l.ocisURL for _, instance := range l.instances { if value, ok := claims[instance.Claim].(string); ok && instance.compiledRegex.MatchString(value) { var tmplWriter strings.Builder diff --git a/tests/acceptance/TestHelpers/OcisConfigHelper.php b/tests/acceptance/TestHelpers/OcisConfigHelper.php index 5d3ac479a..6f6b38b1b 100644 --- a/tests/acceptance/TestHelpers/OcisConfigHelper.php +++ b/tests/acceptance/TestHelpers/OcisConfigHelper.php @@ -76,7 +76,7 @@ class OcisConfigHelper { * @return string */ public static function getWrapperUrl(): string { - $url = \getenv("OCIS_WRAPPER_URL"); + $url = \getenv("OC_WRAPPER_URL"); if ($url === false) { $url = "http://localhost:5200"; } diff --git a/tests/acceptance/TestHelpers/OcisHelper.php b/tests/acceptance/TestHelpers/OcisHelper.php index ff75a2c97..4b829ab6f 100644 --- a/tests/acceptance/TestHelpers/OcisHelper.php +++ b/tests/acceptance/TestHelpers/OcisHelper.php @@ -260,7 +260,7 @@ class OcisHelper { * @return string */ private static function getOcisRevaDataRoot(): string { - $root = \getenv("OCIS_REVA_DATA_ROOT"); + $root = \getenv("OC_REVA_DATA_ROOT"); if ($root === false || $root === "") { $root = "/var/tmp/ocis/owncloud/"; } diff --git a/tests/acceptance/bootstrap/FeatureContext.php b/tests/acceptance/bootstrap/FeatureContext.php index 505080f5f..1999608f3 100644 --- a/tests/acceptance/bootstrap/FeatureContext.php +++ b/tests/acceptance/bootstrap/FeatureContext.php @@ -751,7 +751,7 @@ class FeatureContext extends BehatVariablesContext { * @return string */ public function getStorageUsersRoot(): string { - $ocisDataPath = getenv("OCIS_BASE_DATA_PATH") ? getenv("OCIS_BASE_DATA_PATH") : getenv("HOME") . '/.ocis'; + $ocisDataPath = getenv("OC_BASE_DATA_PATH") ? getenv("OC_BASE_DATA_PATH") : getenv("HOME") . '/.ocis'; return getenv("STORAGE_USERS_OCIS_ROOT") ? getenv("STORAGE_USERS_OCIS_ROOT") : $ocisDataPath . "/storage/users"; } diff --git a/tests/acceptance/bootstrap/OcisConfigContext.php b/tests/acceptance/bootstrap/OcisConfigContext.php index 85f20c871..5cc311250 100644 --- a/tests/acceptance/bootstrap/OcisConfigContext.php +++ b/tests/acceptance/bootstrap/OcisConfigContext.php @@ -59,8 +59,8 @@ class OcisConfigContext implements Context { */ public function asyncUploadHasBeenEnabledWithDelayedPostProcessing(string $delayTime): void { $envs = [ - "OCIS_ASYNC_UPLOADS" => true, - "OCIS_EVENTS_ENABLE_TLS" => false, + "OC_ASYNC_UPLOADS" => true, + "OC_EVENTS_ENABLE_TLS" => false, "POSTPROCESSING_DELAY" => $delayTime . "s", ]; diff --git a/tests/acceptance/docker/Makefile b/tests/acceptance/docker/Makefile index 8fa0430aa..357b84a0b 100644 --- a/tests/acceptance/docker/Makefile +++ b/tests/acceptance/docker/Makefile @@ -19,16 +19,16 @@ COMPOSE_FILE ?= src/redis.yml:src/ocis-base.yml:src/acceptance.yml BEHAT_FEATURE ?= -ifdef OCIS_IMAGE_TAG +ifdef OC_IMAGE_TAG BUILD_DEV_IMAGE := 0 else BUILD_DEV_IMAGE := 1 endif -OCIS_IMAGE_TAG ?= dev +OC_IMAGE_TAG ?= dev # run tests with ociswrapper by default WITH_WRAPPER ?= true -OCIS_WRAPPER := ../../ociswrapper/bin/ociswrapper +OC_WRAPPER := ../../ociswrapper/bin/ociswrapper ifdef START_TIKA ifeq ($(START_TIKA),true) @@ -63,7 +63,7 @@ help: @echo @echo -e "The oCIS to be tested will be build from your current working state." @echo -e "You also can select the oCIS Docker image for all tests by setting" - @echo -e "\tmake ... ${YELLOW}OCIS_IMAGE_TAG=latest${RESET}" + @echo -e "\tmake ... ${YELLOW}OC_IMAGE_TAG=latest${RESET}" @echo -e "where ${YELLOW}latest${RESET} is an example for any valid Docker image tag from" @echo -e "https://hub.docker.com/r/owncloud/ocis." @echo @@ -186,7 +186,7 @@ $(targets): $(MAKE) --no-print-directory testSuite .PHONY: testSuite -testSuite: $(OCIS_WRAPPER) build-dev-image clean-docker-container +testSuite: $(OC_WRAPPER) build-dev-image clean-docker-container @if [ -n "${START_CEPH}" ]; then \ COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME) \ COMPOSE_FILE=src/ceph.yml \ @@ -212,11 +212,11 @@ testSuite: $(OCIS_WRAPPER) build-dev-image clean-docker-container STORAGE_DRIVER=$(STORAGE_DRIVER) \ TEST_SOURCE=$(TEST_SOURCE) \ WITH_WRAPPER=$(WITH_WRAPPER) \ - OCIS_ASYNC_UPLOADS=$(OCIS_ASYNC_UPLOADS) \ - OCIS_ADD_RUN_SERVICES=$(OCIS_ADD_RUN_SERVICES) \ + OC_ASYNC_UPLOADS=$(OC_ASYNC_UPLOADS) \ + OC_ADD_RUN_SERVICES=$(OC_ADD_RUN_SERVICES) \ POSTPROCESSING_STEPS=$(POSTPROCESSING_STEPS) \ SEARCH_EXTRACTOR_TYPE=$(SEARCH_EXTRACTOR_TYPE) \ - OCIS_IMAGE_TAG=$(OCIS_IMAGE_TAG) \ + OC_IMAGE_TAG=$(OC_IMAGE_TAG) \ BEHAT_SUITE=$(BEHAT_SUITE) \ BEHAT_FEATURE=$(BEHAT_FEATURE) \ DIVIDE_INTO_NUM_PARTS=$(DIVIDE_INTO_NUM_PARTS) \ @@ -229,7 +229,7 @@ show-test-logs: ## show logs of test COMPOSE_FILE=$(COMPOSE_FILE) \ docker-compose logs --no-log-prefix -f acceptance-tests | less -$(OCIS_WRAPPER): +$(OC_WRAPPER): @if [ "$(WITH_WRAPPER)" == "true" ]; then \ $(MAKE) --no-print-directory -C ../../ociswrapper build \ ; fi; @@ -250,7 +250,7 @@ clean-docker-container: ## clean docker containers created during acceptance tes COMPOSE_FILE=$(COMPOSE_FILE) \ BEHAT_SUITE="" \ DIVIDE_INTO_NUM_PARTS="" \ - OCIS_IMAGE_TAG="" \ + OC_IMAGE_TAG="" \ RUN_PART="" \ STORAGE_DRIVER="" \ TEST_SOURCE="" \ @@ -262,7 +262,7 @@ clean-docker-volumes: ## clean docker volumes created during acceptance tests COMPOSE_FILE=$(COMPOSE_FILE) \ BEHAT_SUITE="" \ DIVIDE_INTO_NUM_PARTS="" \ - OCIS_IMAGE_TAG="" \ + OC_IMAGE_TAG="" \ RUN_PART="" \ STORAGE_DRIVER="" \ TEST_SOURCE="" \ diff --git a/tests/acceptance/docker/src/acceptance.yml b/tests/acceptance/docker/src/acceptance.yml index fe380a958..73919efea 100644 --- a/tests/acceptance/docker/src/acceptance.yml +++ b/tests/acceptance/docker/src/acceptance.yml @@ -4,9 +4,9 @@ services: working_dir: /drone/src command: /bin/bash /test/run-tests.sh environment: - OCIS_ROOT: /drone/src + OC_ROOT: /drone/src TEST_SERVER_URL: https://ocis-server:9200 - OCIS_WRAPPER_URL: http://ocis-server:5200 + OC_WRAPPER_URL: http://ocis-server:5200 STORAGE_DRIVER: $STORAGE_DRIVER TEST_SOURCE: $TEST_SOURCE BEHAT_SUITE: ${BEHAT_SUITE:-} diff --git a/tests/acceptance/docker/src/ocis-base.yml b/tests/acceptance/docker/src/ocis-base.yml index 4da6b626b..521a4559b 100644 --- a/tests/acceptance/docker/src/ocis-base.yml +++ b/tests/acceptance/docker/src/ocis-base.yml @@ -4,25 +4,25 @@ services: dockerfile: ocis.Dockerfile context: ./ args: - OCIS_IMAGE_TAG: $OCIS_IMAGE_TAG + OC_IMAGE_TAG: $OC_IMAGE_TAG user: root environment: WITH_WRAPPER: $WITH_WRAPPER - OCIS_URL: "https://ocis-server:9200" + OC_URL: "https://ocis-server:9200" STORAGE_USERS_DRIVER: $STORAGE_DRIVER STORAGE_USERS_DRIVER_LOCAL_ROOT: /srv/app/tmp/ocis/local/root - STORAGE_USERS_DRIVER_OCIS_ROOT: /srv/app/tmp/ocis/storage/users - STORAGE_SYSTEM_DRIVER_OCIS_ROOT: /srv/app/tmp/ocis/storage/metadata + STORAGE_USERS_DRIVER_OC_ROOT: /srv/app/tmp/ocis/storage/users + STORAGE_SYSTEM_DRIVER_OC_ROOT: /srv/app/tmp/ocis/storage/metadata SHARING_USER_JSON_FILE: /srv/app/tmp/ocis/shares.json PROXY_ENABLE_BASIC_AUTH: "true" WEB_UI_CONFIG_FILE: /drone/src/tests/config/drone/ocis-config.json ACCOUNTS_HASH_DIFFICULTY: 4 - OCIS_INSECURE: "true" + OC_INSECURE: "true" IDM_CREATE_DEMO_USERS: "true" IDM_ADMIN_PASSWORD: "admin" FRONTEND_SEARCH_MIN_LENGTH: "2" - OCIS_ASYNC_UPLOADS: $OCIS_ASYNC_UPLOADS - OCIS_ADD_RUN_SERVICES: $OCIS_ADD_RUN_SERVICES + OC_ASYNC_UPLOADS: $OC_ASYNC_UPLOADS + OC_ADD_RUN_SERVICES: $OC_ADD_RUN_SERVICES # s3ng specific settings STORAGE_USERS_S3NG_ENDPOINT: http://ceph:8080 diff --git a/tests/acceptance/docker/src/ocis.Dockerfile b/tests/acceptance/docker/src/ocis.Dockerfile index 66d034ab2..2c5fec74d 100644 --- a/tests/acceptance/docker/src/ocis.Dockerfile +++ b/tests/acceptance/docker/src/ocis.Dockerfile @@ -1,8 +1,8 @@ # custom Dockerfile required to run ociswrapper command # mounting 'ociswrapper' binary doesn't work with image 'amd64/alpine:3.17' (busybox based) -ARG OCIS_IMAGE_TAG -FROM owncloud/ocis:${OCIS_IMAGE_TAG} as ocis +ARG OC_IMAGE_TAG +FROM owncloud/ocis:${OC_IMAGE_TAG} as ocis FROM ubuntu:22.04 COPY --from=ocis /usr/bin/ocis /usr/bin/ocis diff --git a/tests/acceptance/docker/src/run-tests.sh b/tests/acceptance/docker/src/run-tests.sh index 5465c9bc8..eccac3fb5 100644 --- a/tests/acceptance/docker/src/run-tests.sh +++ b/tests/acceptance/docker/src/run-tests.sh @@ -10,12 +10,12 @@ git config --global advice.detachedHead false if [ "$TEST_SOURCE" = "oc10" ]; then export ACCEPTANCE_TEST_TYPE='core-api' if [ "$STORAGE_DRIVER" = "ocis" ]; then - export OCIS_REVA_DATA_ROOT='' + export OC_REVA_DATA_ROOT='' export BEHAT_FILTER_TAGS='~@skipOnOcis-OCIS-Storage' export EXPECTED_FAILURES_FILE='/drone/src/tests/acceptance/expected-failures-API-on-OCIS-storage.md' elif [ "$STORAGE_DRIVER" = "s3ng" ]; then export BEHAT_FILTER_TAGS='~@skip&&~@skipOnOcis-S3NG-Storage' - export OCIS_REVA_DATA_ROOT='' + export OC_REVA_DATA_ROOT='' else echo "non existing STORAGE selected" exit 1 @@ -26,10 +26,10 @@ if [ "$TEST_SOURCE" = "oc10" ]; then elif [ "$TEST_SOURCE" = "ocis" ]; then if [ "$STORAGE_DRIVER" = "ocis" ]; then export BEHAT_FILTER_TAGS='~@skip&&~@skipOnOcis-OCIS-Storage' - export OCIS_REVA_DATA_ROOT='' + export OC_REVA_DATA_ROOT='' elif [ "$STORAGE_DRIVER" = "s3ng" ]; then export BEHAT_FILTER_TAGS='~@skip&&~@skipOnOcis-S3NG-Storage' - export OCIS_REVA_DATA_ROOT='' + export OC_REVA_DATA_ROOT='' else echo "non existing storage selected" exit 1 @@ -61,7 +61,7 @@ if [[ -z "$TEST_SOURCE" ]]; then exit 1 else sleep 10 - make -C $OCIS_ROOT test-acceptance-api + make -C $OC_ROOT test-acceptance-api fi chmod -R 777 vendor-bin/**/vendor vendor-bin/**/composer.lock tests/acceptance/output diff --git a/tests/acceptance/features/apiAntivirus/antivirus.feature b/tests/acceptance/features/apiAntivirus/antivirus.feature index 93bda5f6a..325195f46 100644 --- a/tests/acceptance/features/apiAntivirus/antivirus.feature +++ b/tests/acceptance/features/apiAntivirus/antivirus.feature @@ -95,7 +95,7 @@ Feature: antivirus @issue-10331 Scenario Outline: public uploads a file with the virus to a public share Given using DAV path - And the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + And the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using SharingNG And user "Alice" has created folder "/uploadFolder" And user "Alice" has created the following resource link share: @@ -337,7 +337,7 @@ Feature: antivirus @env-config @issue-10331 Scenario Outline: try to overwrite a file with the virus content in a public link share - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using DAV path And using SharingNG And user "Alice" has uploaded file with content "hello" to "test.txt" diff --git a/tests/acceptance/features/apiCors/cors.feature b/tests/acceptance/features/apiCors/cors.feature index f242cfe58..a0302538f 100644 --- a/tests/acceptance/features/apiCors/cors.feature +++ b/tests/acceptance/features/apiCors/cors.feature @@ -1,4 +1,4 @@ -# NOTE: set env OCIS_CORS_ALLOW_ORIGINS=https://aphno.badal while running ocis server +# NOTE: set env OC_CORS_ALLOW_ORIGINS=https://aphno.badal while running ocis server @env-config Feature: CORS headers As a user @@ -7,7 +7,7 @@ Feature: CORS headers Background: Given user "Alice" has been created with default attributes - And the config "OCIS_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal" + And the config "OC_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal" @issue-5195 Scenario Outline: CORS headers should be returned when setting CORS domain sending origin header diff --git a/tests/acceptance/features/apiDepthInfinity/propfind.feature b/tests/acceptance/features/apiDepthInfinity/propfind.feature index a6e217e9b..c5f0e4911 100644 --- a/tests/acceptance/features/apiDepthInfinity/propfind.feature +++ b/tests/acceptance/features/apiDepthInfinity/propfind.feature @@ -76,7 +76,7 @@ Feature: PROPFIND with depth:infinity And the following configs have been set: | config | value | | OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY | true | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And user "Alice" has created the following resource link share: | resource | simple-folder | | space | Personal | @@ -125,7 +125,7 @@ Feature: PROPFIND with depth:infinity Given the following configs have been set: | config | value | | OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY | false | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using SharingNG And user "Alice" has created the following resource link share: | resource | simple-folder | diff --git a/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature b/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature index 54e6bcb8d..93d27a01c 100644 --- a/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature +++ b/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature @@ -5,19 +5,19 @@ Feature: enforce password on public link So that the password is required to access the contents of the link Password requirements. set by default: - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | true | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 8 | - | OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 1 | - | OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 1 | - | OCIS_PASSWORD_POLICY_MIN_DIGITS | 1 | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 1 | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | true | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 8 | + | OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 1 | + | OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 1 | + | OC_PASSWORD_POLICY_MIN_DIGITS | 1 | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 1 | Scenario Outline: create a public link with edit permission without a password when enforce-password is enabled Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | - | OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -36,8 +36,8 @@ Feature: enforce password on public link Scenario Outline: create a public link with viewer permission without a password when enforce-password is enabled Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | - | OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -55,8 +55,8 @@ Feature: enforce password on public link Scenario Outline: updates a public link to edit permission with a password Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | - | OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -83,12 +83,12 @@ Feature: enforce password on public link Scenario Outline: create a public link with a password in accordance with the password policy Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 13 | - | OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | - | OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | - | OCIS_PASSWORD_POLICY_MIN_DIGITS | 2 | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | + | OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 13 | + | OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | + | OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | + | OC_PASSWORD_POLICY_MIN_DIGITS | 2 | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -111,11 +111,11 @@ Feature: enforce password on public link Scenario Outline: try to create a public link with a password that does not comply with the password policy Given the following configs have been set: | config | value | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 13 | - | OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | - | OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | - | OCIS_PASSWORD_POLICY_MIN_DIGITS | 2 | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 13 | + | OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | + | OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | + | OC_PASSWORD_POLICY_MIN_DIGITS | 2 | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -142,13 +142,13 @@ Feature: enforce password on public link Scenario Outline: update a public link with a password in accordance with the password policy Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | - | OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 13 | - | OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | - | OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | - | OCIS_PASSWORD_POLICY_MIN_DIGITS | 1 | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 13 | + | OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | + | OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | + | OC_PASSWORD_POLICY_MIN_DIGITS | 1 | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -175,13 +175,13 @@ Feature: enforce password on public link Scenario Outline: try to update a public link with a password that does not comply with the password policy Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | - | OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 13 | - | OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | - | OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | - | OCIS_PASSWORD_POLICY_MIN_DIGITS | 1 | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 13 | + | OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | + | OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 | + | OC_PASSWORD_POLICY_MIN_DIGITS | 1 | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" And using OCS API version "" @@ -226,14 +226,14 @@ Feature: enforce password on public link But the public should be able to download file "/testfile.txt" from inside the last public link shared folder using the public WebDAV API with password "" Examples: | config | config-value | password | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 4 | Ps-1 | - | OCIS_PASSWORD_POLICY_MIN_CHARACTERS | 14 | Ps1:with space | - | OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 4 | PS1:test | - | OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 3 | PS1:TeƒsT | - | OCIS_PASSWORD_POLICY_MIN_DIGITS | 2 | PS1:test2 | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | PS1:test pass | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 33 | pS1! #$%&'()*+,-./:;<=>?@[\]^_`{ }~ | - | OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 5 | 1sameCharacterShouldWork!!!!! | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 4 | Ps-1 | + | OC_PASSWORD_POLICY_MIN_CHARACTERS | 14 | Ps1:with space | + | OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 4 | PS1:test | + | OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 3 | PS1:TeƒsT | + | OC_PASSWORD_POLICY_MIN_DIGITS | 2 | PS1:test2 | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 | PS1:test pass | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 33 | pS1! #$%&'()*+,-./:;<=>?@[\]^_`{ }~ | + | OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 5 | 1sameCharacterShouldWork!!!!! | Scenario Outline: try to create a public link with a password that does not comply with the password policy (invalid cases) @@ -256,7 +256,7 @@ Feature: enforce password on public link Scenario Outline: update a public link with a password that is listed in the Banned-Password-List - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And using OCS API version "2" And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" @@ -279,7 +279,7 @@ Feature: enforce password on public link Scenario Outline: create a public link with a password that is listed in the Banned-Password-List - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And using OCS API version "2" And user "Alice" has been created with default attributes And user "Alice" has uploaded file with content "test file" to "/testfile.txt" diff --git a/tests/acceptance/features/apiGraphUserGroup/searchUserIncludingEmail.feature b/tests/acceptance/features/apiGraphUserGroup/searchUserIncludingEmail.feature index a53cc0f7a..01c2b244a 100644 --- a/tests/acceptance/features/apiGraphUserGroup/searchUserIncludingEmail.feature +++ b/tests/acceptance/features/apiGraphUserGroup/searchUserIncludingEmail.feature @@ -9,7 +9,7 @@ Feature: edit/search user including email | displayName | Brian Murphy | | email | brian@example.com | | password | 1234 | - And the config "OCIS_SHOW_USER_EMAIL_IN_RESULTS" has been set to "true" + And the config "OC_SHOW_USER_EMAIL_IN_RESULTS" has been set to "true" Scenario Outline: admin user can edit another user's email @@ -468,8 +468,8 @@ Feature: edit/search user including email """ - Scenario Outline: search other users when OCIS_SHOW_USER_EMAIL_IN_RESULTS config is disabled - Given the config "OCIS_SHOW_USER_EMAIL_IN_RESULTS" has been set to "false" + Scenario Outline: search other users when OC_SHOW_USER_EMAIL_IN_RESULTS config is disabled + Given the config "OC_SHOW_USER_EMAIL_IN_RESULTS" has been set to "false" And the administrator has assigned the role "" to user "Alice" using the Graph API When user "Alice" searches for user "Brian" using Graph API Then the HTTP status code should be "200" diff --git a/tests/acceptance/features/apiNotification/emailNotification.feature b/tests/acceptance/features/apiNotification/emailNotification.feature index 98ef0a8aa..43b14dcf7 100644 --- a/tests/acceptance/features/apiNotification/emailNotification.feature +++ b/tests/acceptance/features/apiNotification/emailNotification.feature @@ -185,7 +185,7 @@ Feature: Email notification @env-config Scenario: group members get an email notification in default language when someone shares a file with the group - Given the config "OCIS_DEFAULT_LANGUAGE" has been set to "de" + Given the config "OC_DEFAULT_LANGUAGE" has been set to "de" And user "Carol" has been created with default attributes And group "group1" has been created And user "Brian" has been added to group "group1" diff --git a/tests/acceptance/features/apiNotification/notification.feature b/tests/acceptance/features/apiNotification/notification.feature index 1d1feaad8..e23b14f48 100644 --- a/tests/acceptance/features/apiNotification/notification.feature +++ b/tests/acceptance/features/apiNotification/notification.feature @@ -286,7 +286,7 @@ Feature: Notification @env-config Scenario: get a notification about a file share in default languages - Given the config "OCIS_DEFAULT_LANGUAGE" has been set to "de" + Given the config "OC_DEFAULT_LANGUAGE" has been set to "de" And user "Alice" has sent the following resource share invitation: | resource | textfile1.txt | | space | Personal | diff --git a/tests/acceptance/features/apiServiceAvailability/serviceAvailabilityCheck.feature b/tests/acceptance/features/apiServiceAvailability/serviceAvailabilityCheck.feature index 6fffb3e81..a7cfd71b0 100644 --- a/tests/acceptance/features/apiServiceAvailability/serviceAvailabilityCheck.feature +++ b/tests/acceptance/features/apiServiceAvailability/serviceAvailabilityCheck.feature @@ -44,7 +44,7 @@ Feature: service health check Scenario: check extra services health Given the following configs have been set: | config | value | - | OCIS_ADD_RUN_SERVICES | audit,auth-app,auth-bearer,policies,invitations | + | OC_ADD_RUN_SERVICES | audit,auth-app,auth-bearer,policies,invitations | | AUDIT_DEBUG_ADDR | 0.0.0.0:9229 | | AUTH_APP_DEBUG_ADDR | 0.0.0.0:9245 | | POLICIES_DEBUG_ADDR | 0.0.0.0:9129 | @@ -98,7 +98,7 @@ Feature: service health check Scenario: check extra services readiness Given the following configs have been set: | config | value | - | OCIS_ADD_RUN_SERVICES | audit,auth-app,auth-bearer,policies,invitations | + | OC_ADD_RUN_SERVICES | audit,auth-app,auth-bearer,policies,invitations | | AUDIT_DEBUG_ADDR | 0.0.0.0:9229 | | AUTH_APP_DEBUG_ADDR | 0.0.0.0:9245 | | AUTH_BEARER_DEBUG_ADDR | 0.0.0.0:9149 | @@ -125,7 +125,7 @@ Feature: service health check Scenario: check extra services readiness Given the following configs have been set: | config | value | - | OCIS_ADD_RUN_SERVICES | auth-bearer | + | OC_ADD_RUN_SERVICES | auth-bearer | | AUTH_BEARER_DEBUG_ADDR | 0.0.0.0:9149 | When a user requests these URLs with "GET" and no authentication | endpoint | service | diff --git a/tests/acceptance/features/apiSharingNgLinkSharePermission/createLinkShare.feature b/tests/acceptance/features/apiSharingNgLinkSharePermission/createLinkShare.feature index 09fb07f6f..242b6cd04 100644 --- a/tests/acceptance/features/apiSharingNgLinkSharePermission/createLinkShare.feature +++ b/tests/acceptance/features/apiSharingNgLinkSharePermission/createLinkShare.feature @@ -412,7 +412,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a file without password using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And user "Alice" has uploaded file with content "other data" to "textfile1.txt" When user "Alice" creates the following resource link share using the Graph API: | resource | textfile1.txt | @@ -478,7 +478,7 @@ Feature: Create a link share for a resource Scenario: set password on a file's link share using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And user "Alice" has uploaded file with content "other data" to "textfile1.txt" And user "Alice" has created the following resource link share: | resource | textfile1.txt | @@ -507,7 +507,7 @@ Feature: Create a link share for a resource Scenario Outline: create a file's link share with a password that is listed in the Banned-Password-List using permissions endpoint - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And user "Alice" has uploaded file with content "other data" to "text.txt" When user "Alice" creates the following resource link share using the Graph API: | resource | text.txt | @@ -764,7 +764,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a folder inside project-space with a password that is listed in the Banned-Password-List using permissions endpoint - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -824,7 +824,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a file inside project-space without password using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -1104,7 +1104,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a file inside project-space without password using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -1171,7 +1171,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a file inside project-space with a password that is listed in the Banned-Password-List using permissions endpoint - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -1225,7 +1225,7 @@ Feature: Create a link share for a resource Scenario: set password on a existing link share of a file inside project-space using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -1633,7 +1633,7 @@ Feature: Create a link share for a resource Scenario Outline: try to create a link share of a project-space with a password that is listed in the Banned-Password-List using permissions endpoint - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -1691,7 +1691,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a project-space without password using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API diff --git a/tests/acceptance/features/apiSharingNgLinkSharePermission/updateLinkShare.feature b/tests/acceptance/features/apiSharingNgLinkSharePermission/updateLinkShare.feature index 37a27dd01..544e75782 100644 --- a/tests/acceptance/features/apiSharingNgLinkSharePermission/updateLinkShare.feature +++ b/tests/acceptance/features/apiSharingNgLinkSharePermission/updateLinkShare.feature @@ -237,7 +237,7 @@ Feature: Update a link share for a resource Scenario Outline: update a file's link share with a password that is listed in the Banned-Password-List using permissions endpoint - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And user "Alice" has uploaded file with content "other data" to "text.txt" And user "Alice" has created the following resource link share: | resource | text.txt | @@ -287,7 +287,7 @@ Feature: Update a link share for a resource Scenario: set password on a existing link share of a folder inside project-space using permissions endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API diff --git a/tests/acceptance/features/apiSharingNgLinkShareRoot/createLinkShare.feature b/tests/acceptance/features/apiSharingNgLinkShareRoot/createLinkShare.feature index 4ce9685b5..fd6b15f6e 100644 --- a/tests/acceptance/features/apiSharingNgLinkShareRoot/createLinkShare.feature +++ b/tests/acceptance/features/apiSharingNgLinkShareRoot/createLinkShare.feature @@ -353,7 +353,7 @@ Feature: Create a link share for a resource @issue-7879 Scenario Outline: try to create a link share of a project-space drive with a password that is listed in the Banned-Password-List using root endpoint - Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" + Given the config "OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt" And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API @@ -411,7 +411,7 @@ Feature: Create a link share for a resource Scenario Outline: create a link share of a project-space drive without password using root endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API diff --git a/tests/acceptance/features/apiSharingNgLinkShareRoot/updateLinkShare.feature b/tests/acceptance/features/apiSharingNgLinkShareRoot/updateLinkShare.feature index b86d8d425..7e9679847 100644 --- a/tests/acceptance/features/apiSharingNgLinkShareRoot/updateLinkShare.feature +++ b/tests/acceptance/features/apiSharingNgLinkShareRoot/updateLinkShare.feature @@ -10,7 +10,7 @@ Feature: Update a link share for a resource Scenario: set password on a existing link share of a project-space drive using root endpoint Given the following configs have been set: | config | value | - | OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | + | OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false | And using spaces DAV path And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "projectSpace" with the default quota using the Graph API diff --git a/tests/acceptance/features/apiSpaces/publicLink.feature b/tests/acceptance/features/apiSpaces/publicLink.feature index 5ecc8392e..5c6fea414 100644 --- a/tests/acceptance/features/apiSpaces/publicLink.feature +++ b/tests/acceptance/features/apiSpaces/publicLink.feature @@ -2,7 +2,7 @@ Feature: public link for a space Background: - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And these users have been created with default attributes: | username | | Alice | diff --git a/tests/acceptance/features/apiSpaces/quota.feature b/tests/acceptance/features/apiSpaces/quota.feature index d7e61755d..cdc2d58f4 100644 --- a/tests/acceptance/features/apiSpaces/quota.feature +++ b/tests/acceptance/features/apiSpaces/quota.feature @@ -125,14 +125,14 @@ Feature: State of the quota @env-config Scenario: upload a file by setting OCIS spaces max quota - Given the config "OCIS_SPACES_MAX_QUOTA" has been set to "10" + Given the config "OC_SPACES_MAX_QUOTA" has been set to "10" And user "Brian" has been created with default attributes When user "Brian" uploads file with content "more than 10 bytes content" to "lorem.txt" using the WebDAV API Then the HTTP status code should be "507" @env-config Scenario: try to create a space with quota greater than OCIS spaces max quota - Given the config "OCIS_SPACES_MAX_QUOTA" has been set to "50" + Given the config "OC_SPACES_MAX_QUOTA" has been set to "50" And user "Brian" has been created with default attributes And the administrator has assigned the role "Space Admin" to user "Brian" using the Graph API When user "Brian" tries to create a space "new space" of type "project" with quota "51" using the Graph API diff --git a/tests/acceptance/features/apiSpacesShares/publicLinkDownload.feature b/tests/acceptance/features/apiSpacesShares/publicLinkDownload.feature index a4e1d9d23..4178ae6b8 100644 --- a/tests/acceptance/features/apiSpacesShares/publicLinkDownload.feature +++ b/tests/acceptance/features/apiSpacesShares/publicLinkDownload.feature @@ -14,7 +14,7 @@ Feature: Public can download folders from project space public link @env-config @issue-9724 @issue-10331 Scenario: download a folder from public link of a space - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using SharingNG And user "Alice" has created a folder "NewFolder" in space "new-space" And user "Alice" has uploaded a file inside space "new-space" with content "some content" to "NewFolder/test.txt" @@ -30,7 +30,7 @@ Feature: Public can download folders from project space public link @env-config @issue-5229 @issue-9724 @issue-10331 Scenario: download a folder from public link of a folder inside a space - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using SharingNG And user "Alice" has created a folder "NewFolder" in space "new-space" And user "Alice" has created a folder "NewFolder/folder" in space "new-space" diff --git a/tests/acceptance/features/cliCommands/authAppToken.feature b/tests/acceptance/features/cliCommands/authAppToken.feature index 5e4c8037a..063c62d99 100644 --- a/tests/acceptance/features/cliCommands/authAppToken.feature +++ b/tests/acceptance/features/cliCommands/authAppToken.feature @@ -8,7 +8,7 @@ Feature: create auth-app token Scenario: creates auth-app token via CLI Given the following configs have been set: | config | value | - | OCIS_ADD_RUN_SERVICES | auth-app | + | OC_ADD_RUN_SERVICES | auth-app | | PROXY_ENABLE_APP_AUTH | true | And user "Alice" has been created with default attributes When the administrator creates app token for user "Alice" with expiration time "72h" using the auth-app CLI diff --git a/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature b/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature index c69ef6788..71c1a62ec 100644 --- a/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature +++ b/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature @@ -147,7 +147,7 @@ Feature: create a public link share @env-config Scenario Outline: getting the share information of password less public-links hides credential placeholders - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using OCS API version "" And user "Alice" has uploaded file with content "Random data" to "/randomfile.txt" When user "Alice" creates a public link share using the sharing API with settings @@ -302,7 +302,7 @@ Feature: create a public link share @env-config @skipOnReva @issue-10331 @issue-10071 Scenario: get the size of a file shared by public link - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has uploaded file with content "This is a test file" to "test-file.txt" And using SharingNG And user "Alice" has created the following resource link share: @@ -315,7 +315,7 @@ Feature: create a public link share @env-config @issue-10331 @issue-10071 Scenario Outline: get the mtime of a file shared by public link - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using DAV path And user "Alice" has uploaded file "filesForUpload/textfile.txt" to "file.txt" with mtime "Thu, 08 Aug 2019 04:18:13 GMT" When user "Alice" creates a public link share using the sharing API with settings @@ -330,7 +330,7 @@ Feature: create a public link share @env-config @issue-10331 @issue-10071 Scenario Outline: get the mtime of a file inside a folder shared by public link - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using DAV path And user "Alice" has created folder "testFolder" And user "Alice" has uploaded file "filesForUpload/textfile.txt" to "testFolder/file.txt" with mtime "Thu, 08 Aug 2019 04:18:13 GMT" @@ -346,7 +346,7 @@ Feature: create a public link share @env-config @skipOnReva @issue-10331 @issue-10071 Scenario: get the mtime of a file inside a folder shared by public link using new webDAV version - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has created folder "testFolder" And using SharingNG And user "Alice" has created the following resource link share: @@ -361,7 +361,7 @@ Feature: create a public link share @env-config @issue-10331 @issue-10071 Scenario: overwriting a file changes its mtime (public webDAV API) - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has created folder "testFolder" When user "Alice" uploads file with content "uploaded content for file name ending with a dot" to "testFolder/file.txt" using the WebDAV API And user "Alice" creates a public link share using the sharing API with settings @@ -375,7 +375,7 @@ Feature: create a public link share @env-config @skipOnReva @issue-10331 @issue-10071 Scenario: check the href of a public link file - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using new DAV path And user "Alice" has uploaded file with content "Random data" to "/file.txt" And using SharingNG diff --git a/tests/acceptance/features/coreApiSharePublicLink2/copyFromPublicLink.feature b/tests/acceptance/features/coreApiSharePublicLink2/copyFromPublicLink.feature index 77d17d4d1..0eaf3c3eb 100644 --- a/tests/acceptance/features/coreApiSharePublicLink2/copyFromPublicLink.feature +++ b/tests/acceptance/features/coreApiSharePublicLink2/copyFromPublicLink.feature @@ -7,7 +7,7 @@ Feature: copying from public link share Background: Given user "Alice" has been created with default attributes And user "Alice" has created folder "/PARENT" - And the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + And the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" @issue-10331 Scenario: copy file within a public link folder diff --git a/tests/acceptance/features/coreApiSharees/sharees.feature b/tests/acceptance/features/coreApiSharees/sharees.feature index 4c7e5c5a9..2122e1846 100644 --- a/tests/acceptance/features/coreApiSharees/sharees.feature +++ b/tests/acceptance/features/coreApiSharees/sharees.feature @@ -208,9 +208,9 @@ Feature: search sharees | 2 | 200 | @env-config - Scenario Outline: search other users when OCIS_SHOW_USER_EMAIL_IN_RESULTS config is enabled + Scenario Outline: search other users when OC_SHOW_USER_EMAIL_IN_RESULTS config is enabled Given user "Brian" has been created with default attributes - And the config "OCIS_SHOW_USER_EMAIL_IN_RESULTS" has been set to "true" + And the config "OC_SHOW_USER_EMAIL_IN_RESULTS" has been set to "true" And using OCS API version "" When user "Alice" gets the sharees using the sharing API with parameters | search | Brian | @@ -225,9 +225,9 @@ Feature: search sharees | 2 | 200 | @env-config - Scenario Outline: search other users when OCIS_SHOW_USER_EMAIL_IN_RESULTS config is disabled + Scenario Outline: search other users when OC_SHOW_USER_EMAIL_IN_RESULTS config is disabled Given user "Brian" has been created with default attributes - And the config "OCIS_SHOW_USER_EMAIL_IN_RESULTS" has been set to "false" + And the config "OC_SHOW_USER_EMAIL_IN_RESULTS" has been set to "false" And using OCS API version "" When user "Alice" gets the sharees using the sharing API with parameters | search | Brian | diff --git a/tests/acceptance/features/coreApiVersions/disableFileVersioning.feature b/tests/acceptance/features/coreApiVersions/disableFileVersioning.feature index b1dbd01c8..367ffee5f 100644 --- a/tests/acceptance/features/coreApiVersions/disableFileVersioning.feature +++ b/tests/acceptance/features/coreApiVersions/disableFileVersioning.feature @@ -13,7 +13,7 @@ Feature: checking file versions Scenario: check version number of a file when versioning is disabled - Given the config "OCIS_DISABLE_VERSIONING" has been set to "true" + Given the config "OC_DISABLE_VERSIONING" has been set to "true" And user "Alice" has uploaded file with content "test file version 1" to "/testfile.txt" And user "Alice" has uploaded file with content "test file version 2" to "/testfile.txt" When user "Alice" gets the number of versions of file "/testfile.txt" @@ -24,7 +24,7 @@ Feature: checking file versions Scenario: file version number should not be added after disabling versioning Given user "Alice" has uploaded file with content "test file version 1" to "/testfile.txt" And user "Alice" has uploaded file with content "test file version 2" to "/testfile.txt" - And the config "OCIS_DISABLE_VERSIONING" has been set to "true" + And the config "OC_DISABLE_VERSIONING" has been set to "true" And user "Alice" has uploaded file with content "test file version 3" to "/testfile.txt" And user "Alice" has uploaded file with content "test file version 4" to "/testfile.txt" When user "Alice" gets the number of versions of file "/testfile.txt" @@ -33,7 +33,7 @@ Feature: checking file versions Scenario Outline: sharee tries to check version number of a file shared from project space when versioning is disabled - Given the config "OCIS_DISABLE_VERSIONING" has been set to "true" + Given the config "OC_DISABLE_VERSIONING" has been set to "true" And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API And user "Alice" has created a space "Project1" with the default quota using the Graph API And user "Alice" has uploaded a file inside space "Project1" with content "hello world version 1" to "text.txt" @@ -54,7 +54,7 @@ Feature: checking file versions Scenario Outline: sharee tries to check version number of a file shared from personal space when versioning is disabled - Given the config "OCIS_DISABLE_VERSIONING" has been set to "true" + Given the config "OC_DISABLE_VERSIONING" has been set to "true" And user "Alice" has uploaded file with content "test file version 2" to "/text.txt" And user "Alice" has sent the following resource share invitation: | resource | text.txt | @@ -72,10 +72,10 @@ Feature: checking file versions Scenario: check file version number after disabling versioning, creating versions and then enabling versioning - Given the config "OCIS_DISABLE_VERSIONING" has been set to "true" + Given the config "OC_DISABLE_VERSIONING" has been set to "true" And user "Alice" has uploaded file with content "test file version 1" to "/testfile.txt" And user "Alice" has uploaded file with content "test file version 2" to "/testfile.txt" - And the config "OCIS_DISABLE_VERSIONING" has been set to "false" + And the config "OC_DISABLE_VERSIONING" has been set to "false" And user "Alice" has uploaded file with content "test file version 3" to "/testfile.txt" And user "Alice" has uploaded file with content "test file version 4" to "/testfile.txt" When user "Alice" gets the number of versions of file "/testfile.txt" diff --git a/tests/acceptance/features/coreApiWebdavEtagPropagation2/copyFileFolder.feature b/tests/acceptance/features/coreApiWebdavEtagPropagation2/copyFileFolder.feature index 5cd6160d0..5a91c481e 100644 --- a/tests/acceptance/features/coreApiWebdavEtagPropagation2/copyFileFolder.feature +++ b/tests/acceptance/features/coreApiWebdavEtagPropagation2/copyFileFolder.feature @@ -106,7 +106,7 @@ Feature: propagation of etags when copying files or folders @env-config @issue-4251 @issue-10331 Scenario Outline: copying a file inside a publicly shared folder by public changes etag for the sharer - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And using DAV path And user "Alice" has created folder "/upload" And user "Alice" has uploaded file with content "uploaded content" to "/upload/file.txt" diff --git a/tests/acceptance/features/coreApiWebdavEtagPropagation2/createFolder.feature b/tests/acceptance/features/coreApiWebdavEtagPropagation2/createFolder.feature index a4c2d317f..3c92cf0e8 100644 --- a/tests/acceptance/features/coreApiWebdavEtagPropagation2/createFolder.feature +++ b/tests/acceptance/features/coreApiWebdavEtagPropagation2/createFolder.feature @@ -109,7 +109,7 @@ Feature: propagation of etags when creating folders @env-config @issue-4251 @issue-10331 Scenario: creating a folder in a publicly shared folder changes its etag for the sharer - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has created folder "/folder" And using SharingNG And user "Alice" has created the following resource link share: diff --git a/tests/acceptance/features/coreApiWebdavOperations/listFiles.feature b/tests/acceptance/features/coreApiWebdavOperations/listFiles.feature index 6ceb6daa5..89b2900c0 100644 --- a/tests/acceptance/features/coreApiWebdavOperations/listFiles.feature +++ b/tests/acceptance/features/coreApiWebdavOperations/listFiles.feature @@ -111,7 +111,7 @@ Feature: list files @env-config @issue-10071 @issue-10331 Scenario: get the list of resources in a folder shared through public link with depth 0 Given using new DAV path - And the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + And the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has created the following folders | path | | /simple-folder/simple-folder1/simple-folder2/simple-folder3 | @@ -139,7 +139,7 @@ Feature: list files @env-config @issue-10071 @issue-10331 Scenario: get the list of resources in a folder shared through public link with depth 1 Given using new DAV path - And the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + And the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has created the following folders | path | | /simple-folder/simple-folder1/simple-folder2/simple-folder3 | diff --git a/tests/acceptance/features/coreApiWebdavPreviews/linkSharePreviews.feature b/tests/acceptance/features/coreApiWebdavPreviews/linkSharePreviews.feature index 59a3e2a21..118092095 100644 --- a/tests/acceptance/features/coreApiWebdavPreviews/linkSharePreviews.feature +++ b/tests/acceptance/features/coreApiWebdavPreviews/linkSharePreviews.feature @@ -23,7 +23,7 @@ Feature: accessing a public link share @env-config @issue-10341 Scenario: access to the preview of public shared file without password - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has uploaded file "filesForUpload/testavatar.jpg" to "testavatar.jpg" And using SharingNG And user "Alice" has created the following resource link share: @@ -52,7 +52,7 @@ Feature: accessing a public link share @env-config @issue-10341 Scenario: access to the preview of public shared file inside a folder without password - Given the config "OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" + Given the config "OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD" has been set to "false" And user "Alice" has created folder "FOLDER" And user "Alice" has uploaded file "filesForUpload/testavatar.jpg" to "FOLDER/testavatar.jpg" And user "Alice" has uploaded file "filesForUpload/textfile.txt" to "FOLDER/textfile0.txt" diff --git a/tests/config/drone/run_k6_tests.sh b/tests/config/drone/run_k6_tests.sh index 8887c3f58..da23ec55d 100644 --- a/tests/config/drone/run_k6_tests.sh +++ b/tests/config/drone/run_k6_tests.sh @@ -3,14 +3,14 @@ set -e if [ "$1" = "--ocis-log" ]; then - sshpass -p "$SSH_OCIS_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_OCIS_USERNAME@$SSH_OCIS_REMOTE" "bash ~/scripts/ocis.sh log" + sshpass -p "$SSH_OC_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_OC_USERNAME@$SSH_OC_REMOTE" "bash ~/scripts/ocis.sh log" exit 0 fi # start ocis server -sshpass -p "$SSH_OCIS_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_OCIS_USERNAME@$SSH_OCIS_REMOTE" \ - "OCIS_URL=${TEST_SERVER_URL} \ - OCIS_COMMIT_ID=${DRONE_COMMIT} \ +sshpass -p "$SSH_OC_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_OC_USERNAME@$SSH_OC_REMOTE" \ + "OC_URL=${TEST_SERVER_URL} \ + OC_COMMIT_ID=${DRONE_COMMIT} \ bash ~/scripts/ocis.sh start" # start k6 tests @@ -19,4 +19,4 @@ sshpass -p "$SSH_K6_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_K6_USERNAME@ bash ~/scripts/k6-tests.sh" # stop ocis server -sshpass -p "$SSH_OCIS_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_OCIS_USERNAME@$SSH_OCIS_REMOTE" "bash ~/scripts/ocis.sh stop" +sshpass -p "$SSH_OC_PASSWORD" ssh -o StrictHostKeyChecking=no "$SSH_OC_USERNAME@$SSH_OC_REMOTE" "bash ~/scripts/ocis.sh stop" diff --git a/tests/config/local/.env-federation b/tests/config/local/.env-federation index fbdb7c2e6..593891876 100644 --- a/tests/config/local/.env-federation +++ b/tests/config/local/.env-federation @@ -5,14 +5,14 @@ export OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE=tests/config/local/providers.j export OCM_OCM_INVITE_MANAGER_INSECURE=true export OCM_OCM_SHARE_PROVIDER_INSECURE=true export OCM_OCM_STORAGE_PROVIDER_INSECURE=true -export OCIS_BASE_DATA_PATH=${HOME}/.ocis-10200 -export OCIS_CONFIG_DIR=${HOME}/.ocis-10200/config -export OCIS_EVENTS_ENDPOINT=127.0.0.1:10233 -export OCIS_LDAP_URI=ldaps://localhost:10235 -export OCIS_RUNTIME_PORT=10250 -export OCIS_URL=https://localhost:10200 -export OCIS_ADD_RUN_SERVICES=ocm -export OCIS_ENABLE_OCM=true +export OC_BASE_DATA_PATH=${HOME}/.ocis-10200 +export OC_CONFIG_DIR=${HOME}/.ocis-10200/config +export OC_EVENTS_ENDPOINT=127.0.0.1:10233 +export OC_LDAP_URI=ldaps://localhost:10235 +export OC_RUNTIME_PORT=10250 +export OC_URL=https://localhost:10200 +export OC_ADD_RUN_SERVICES=ocm +export OC_ENABLE_OCM=true export APP_PROVIDER_DEBUG_ADDR=127.0.0.1:10165 export APP_PROVIDER_GRPC_ADDR=127.0.0.1:10164 export APP_REGISTRY_DEBUG_ADDR=127.0.0.1:10243 @@ -91,30 +91,30 @@ export WEBDAV_DEBUG_ADDR=127.0.0.1:10119 export WEBDAV_HTTP_ADDR=127.0.0.1:10115 export WEBFINGER_DEBUG_ADDR=127.0.0.1:10279 export WEBFINGER_HTTP_ADDR=127.0.0.1:10275 -export OCIS_SERVICE_ACCOUNT_ID=serviceaccount -export OCIS_SERVICE_ACCOUNT_SECRET=serviceaccountsecret -export OCIS_DECOMPOSEDFS_PROPAGATOR=async +export OC_SERVICE_ACCOUNT_ID=serviceaccount +export OC_SERVICE_ACCOUNT_SECRET=serviceaccountsecret +export OC_DECOMPOSEDFS_PROPAGATOR=async export STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY=10s export TLS_INSECURE=true -export OCIS_INSECURE=true +export OC_INSECURE=true export IDP_ACCESS_TOKEN_EXPIRATION=9000 export GATEWAY_STORAGE_USERS_MOUNT_ID=storage-users-1 export STORAGE_USERS_MOUNT_ID=storage-users-1 export MICRO_REGISTRY=memory export SHARING_PUBLIC_DRIVER=jsoncs3 export FRONTEND_OCS_RESOURCE_INFO_CACHE_TTL=0 -export OCIS_LOG_LEVEL=info -export OCIS_LOG_PRETTY=true -export OCIS_LOG_COLOR=true +export OC_LOG_LEVEL=info +export OC_LOG_PRETTY=true +export OC_LOG_COLOR=true export PROXY_ENABLE_BASIC_AUTH=true export IDM_CREATE_DEMO_USERS=true -export OCIS_ADMIN_USER_ID=some-admin-user-id-0000-000000000000 +export OC_ADMIN_USER_ID=some-admin-user-id-0000-000000000000 export IDM_ADMIN_PASSWORD=admin -export OCIS_SYSTEM_USER_ID=some-system-user-id-000-000000000000 -export OCIS_SYSTEM_USER_API_KEY=some-system-user-machine-auth-api-key -export OCIS_JWT_SECRET=some-ocis-jwt-secret -export OCIS_MACHINE_AUTH_API_KEY=some-ocis-machine-auth-api-key -export OCIS_TRANSFER_SECRET=some-ocis-transfer-secret +export OC_SYSTEM_USER_ID=some-system-user-id-000-000000000000 +export OC_SYSTEM_USER_API_KEY=some-system-user-machine-auth-api-key +export OC_JWT_SECRET=some-ocis-jwt-secret +export OC_MACHINE_AUTH_API_KEY=some-ocis-machine-auth-api-key +export OC_TRANSFER_SECRET=some-ocis-transfer-secret export IDM_SVC_PASSWORD=some-ldap-idm-password export GRAPH_LDAP_BIND_PASSWORD=some-ldap-idm-password export IDM_REVASVC_PASSWORD=some-ldap-reva-password diff --git a/vendor/github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool/connection.go b/vendor/github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool/connection.go index cc454f8c0..ab73c456b 100644 --- a/vendor/github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool/connection.go +++ b/vendor/github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool/connection.go @@ -76,7 +76,7 @@ func NewConn(target string, opts ...Option) (*grpc.ClientConn, error) { // To avoid inconsistencies and race conditions we get the configuration here. // Please do NOT follow the pattern of calling `os.Getenv` in the wild without consulting docu team first. maxRcvMsgSize := _defaultMaxCallRecvMsgSize - if e := os.Getenv("OCIS_GRPC_MAX_RECEIVED_MESSAGE_SIZE"); e != "" { + if e := os.Getenv("OC_GRPC_MAX_RECEIVED_MESSAGE_SIZE"); e != "" { s, err := strconv.Atoi(e) if err != nil || s <= 0 { return nil, errors.Wrap(err, "grpc max message size is not a valid int")