From 6e332fa2aed1bfb87115c9a27a493ca5a8089969 Mon Sep 17 00:00:00 2001 From: Christian Richter Date: Wed, 23 Oct 2024 12:04:42 +0200 Subject: [PATCH] fix docs Signed-off-by: Christian Richter --- docs/helpers/env_vars.yaml | 310 ++++++++++++---------- docs/services/general-info/port-ranges.md | 6 +- 2 files changed, 170 insertions(+), 146 deletions(-) diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 1a7c63846..a1084a4a0 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -82,7 +82,7 @@ ACTIVITYLOG_DEBUG_ZPAGES: deprecationInfo: "" ACTIVITYLOG_HTTP_ADDR: name: ACTIVITYLOG_HTTP_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9195 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 @@ -3133,7 +3133,7 @@ EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE: deprecationInfo: "" EVENTHISTORY_GRPC_ADDR: name: EVENTHISTORY_GRPC_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9274 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 @@ -6867,7 +6867,7 @@ INVITATIONS_CORS_ALLOW_ORIGINS: deprecationInfo: "" INVITATIONS_DEBUG_ADDR: name: INVITATIONS_DEBUG_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9269 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. @@ -6905,7 +6905,7 @@ INVITATIONS_DEBUG_ZPAGES: deprecationInfo: "" INVITATIONS_HTTP_ADDR: name: INVITATIONS_HTTP_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9265 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 @@ -7486,7 +7486,7 @@ NOTIFICATIONS_SMTP_ENCRYPTION: deprecationVersion: "" removalVersion: "" deprecationInfo: 'The NOTIFICATIONS_SMTP_ENCRYPTION values ''ssl'' and ''tls'' are - deprecated and will be removed in the future. | | | | | ' + deprecated and will be removed in the future. | | | | | | | ' NOTIFICATIONS_SMTP_HOST: name: NOTIFICATIONS_SMTP_HOST defaultValue: "" @@ -7727,7 +7727,7 @@ OCDAV_GATEWAY_REQUEST_TIMEOUT: deprecationInfo: "" OCDAV_HTTP_ADDR: name: OCDAV_HTTP_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:19163 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 @@ -7934,28 +7934,28 @@ OCIS_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD + name: OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string - description: Password for the configured store. Only applies when store type 'nats-js-kv' - is configured. + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME + name: OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string - description: Username for the configured store. Only applies when store type 'nats-js-kv' - is configured. + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DATABASE: name: OCIS_CACHE_DATABASE - defaultValue: storage-system + defaultValue: settings-cache type: string description: The database name the configured store should use. introductionVersion: pre5.0 @@ -7963,7 +7963,7 @@ OCIS_CACHE_DATABASE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE + name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -7984,41 +7984,39 @@ OCIS_CACHE_SIZE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE - defaultValue: memory + name: OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE + defaultValue: nats-js-kv type: string - description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', - ''nats-js-kv'', ''noop''. See the text description for details.' - introductionVersion: pre5.0 + description: 'The type of the signing key store. Supported values are: ''redis-sentinel'' + and ''nats-js-kv''. See the text description for details.' + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES + name: OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' - description: A list of nodes to access the configured store. This has no effect - when 'memory' store is configured. Note that the behaviour how nodes are used - is dependent on the library of the configured store. See the Environment Variable - Types description for more details. - introductionVersion: pre5.0 + description: A list of nodes to access the configured store. Note that the behaviour + how nodes are used is dependent on the library of the configured store. See the + Environment Variable Types description for more details. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL - defaultValue: 24m0s + name: OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + defaultValue: 12h0m0s type: Duration - description: Default time to live for user info in the user info cache. Only applied - when access tokens has no expiration. See the Environment Variable Types description - for more details. - introductionVersion: pre5.0 + description: Default time to live for signing keys. See the Environment Variable + Types description for more details. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;AUTH_APP_CORS_ALLOW_CREDENTIALS - defaultValue: "true" + name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS + defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' @@ -8027,9 +8025,8 @@ OCIS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;AUTH_APP_CORS_ALLOW_HEADERS - defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id - Ocs-Apirequest]' + name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. @@ -8039,8 +8036,8 @@ OCIS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;AUTH_APP_CORS_ALLOW_METHODS - defaultValue: '[GET POST DELETE]' + name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. @@ -8050,8 +8047,8 @@ OCIS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;AUTH_APP_CORS_ALLOW_ORIGINS - defaultValue: '[*]' + name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS + defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. @@ -8194,7 +8191,7 @@ OCIS_ENABLE_RESHARING: removalVersion: "" deprecationInfo: Resharing will be removed in the future. OCIS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD + name: OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -8204,7 +8201,7 @@ OCIS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME + name: OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -8214,7 +8211,7 @@ OCIS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER + name: OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -8225,7 +8222,7 @@ OCIS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS + name: OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -8235,7 +8232,7 @@ OCIS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT + name: OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -8245,7 +8242,7 @@ OCIS_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. @@ -8255,11 +8252,11 @@ OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: removalVersion: "" deprecationInfo: "" OCIS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the GRPC service. - introductionVersion: pre5.0 + description: The bind address of the gateway GRPC address. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8287,11 +8284,11 @@ OCIS_GRPC_CLIENT_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;AUTH_APP_GRPC_PROTOCOL + name: OCIS_GRPC_PROTOCOL;APP_REGISTRY_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GRPC service. - introductionVersion: '%%NEXT%%' + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8327,20 +8324,20 @@ OCIS_HTTP_TLS_KEY: removalVersion: "" deprecationInfo: "" OCIS_INSECURE: - name: OCIS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE + name: OCIS_INSECURE;WEBFINGER_INSECURE defaultValue: "false" type: bool - description: Whether to verify the server TLS certificates. + description: Allow insecure connections to the WEBFINGER service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_JWT_SECRET: - name: OCIS_JWT_SECRET;AUTH_APP_JWT_SECRET + name: OCIS_JWT_SECRET;APP_REGISTRY_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. - introductionVersion: '%%NEXT%%' + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8400,8 +8397,8 @@ OCIS_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN - defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN + defaultValue: uid=idp,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. @@ -8410,7 +8407,7 @@ OCIS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD + name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -8419,31 +8416,31 @@ OCIS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;USERS_LDAP_CACERT + name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idm. + directory derives from $OCIS_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM + name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string - description: An option to control the behavior for disabling users. Valid options + description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request - is not processed. + is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -8453,7 +8450,7 @@ OCIS_LDAP_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN + name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -8462,7 +8459,7 @@ OCIS_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER + name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -8471,17 +8468,17 @@ OCIS_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS + name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter - like 'groupOfNames'. + ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -8491,7 +8488,7 @@ OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -8500,28 +8497,28 @@ OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE + defaultValue: owncloudUUID type: string - description: LDAP Attribute to use as the unique ID for groups. This should be a + description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool - description: Set this to true if the defined 'id' attribute for groups is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the group ID's. + description: Set this to true if the defined 'ID' attribute for groups is of the + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -8530,7 +8527,7 @@ OCIS_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -8539,17 +8536,17 @@ OCIS_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE + name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up groups. Supported values are + description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE + name: OCIS_LDAP_INSECURE;IDP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -8571,17 +8568,16 @@ OCIS_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_LDAP_URI: - name: OCIS_LDAP_URI;USERS_LDAP_URI + name: OCIS_LDAP_URI;IDP_LDAP_URI defaultValue: ldaps://localhost:9235 type: string - description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' - and 'ldap://' + description: Url of the LDAP service to use as IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN + name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -8590,16 +8586,16 @@ OCIS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string - description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER + name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -8608,56 +8604,54 @@ OCIS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS + name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS defaultValue: inetOrgPerson type: string - description: The object class to use for users in the default user search filter - like 'inetOrgPerson'. + description: LDAP User ObjectClass like 'inetOrgPerson'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME - defaultValue: displayname + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for the displayname of users. + description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE + defaultValue: ownCloudUUID type: string - description: LDAP Attribute to use as the unique ID for users. This should be a - stable globally unique ID like a UUID. + description: LDAP User UUID attribute like 'uid'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the user ID's. + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL + name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE defaultValue: mail type: string - description: LDAP Attribute to use for the email address of users. + description: LDAP User email attribute like 'mail'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USER_TYPE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -8667,26 +8661,26 @@ OCIS_LDAP_USER_SCHEMA_USER_TYPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME - defaultValue: uid + name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for username of users. + description: LDAP User name attribute like 'displayName'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE + name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up users. Supported values are + description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_COLOR: - name: OCIS_LOG_COLOR;NOTIFICATIONS_LOG_COLOR + name: OCIS_LOG_COLOR;APP_REGISTRY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -8695,7 +8689,7 @@ OCIS_LOG_COLOR: removalVersion: "" deprecationInfo: "" OCIS_LOG_FILE: - name: OCIS_LOG_FILE;NOTIFICATIONS_LOG_FILE + name: OCIS_LOG_FILE;APP_REGISTRY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -8704,7 +8698,7 @@ OCIS_LOG_FILE: removalVersion: "" deprecationInfo: "" OCIS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL + name: OCIS_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -8714,7 +8708,7 @@ OCIS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OCIS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY + name: OCIS_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -8723,12 +8717,12 @@ OCIS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCIS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY + name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY defaultValue: "" type: string - description: The machine auth API key used to validate internal requests necessary - to access resources from other services. - introductionVersion: '%%NEXT%%' + description: Machine auth API key used to validate internal requests necessary for + the access to resources from other services. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8744,10 +8738,10 @@ OCIS_OIDC_CLIENT_ID: removalVersion: "" deprecationInfo: "" OCIS_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY + name: OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string - description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + description: The identity provider href for the openid-discovery relation. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8895,7 +8889,7 @@ OCIS_REVA_GATEWAY: name: OCIS_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string - description: CS3 gateway used to look up user metadata + description: The CS3 gateway endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8923,7 +8917,7 @@ OCIS_REVA_GATEWAY_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID + name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -8933,7 +8927,7 @@ OCIS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET + name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -8984,7 +8978,7 @@ OCIS_SPACES_MAX_QUOTA: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY + name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -8993,10 +8987,10 @@ OCIS_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID + name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string - description: ID of the oCIS storage-system system user. Admins need to set the ID + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. @@ -9014,7 +9008,7 @@ OCIS_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" OCIS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR + name: OCIS_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -9024,7 +9018,7 @@ OCIS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED + name: OCIS_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -9033,7 +9027,7 @@ OCIS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT + name: OCIS_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -9042,7 +9036,7 @@ OCIS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE + name: OCIS_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -9055,13 +9049,13 @@ OCIS_TRANSFER_SECRET: name: OCIS_TRANSFER_SECRET defaultValue: "" type: string - description: The storage transfer secret. + description: Transfer secret for signing file up- and download requests. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH + name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -9072,11 +9066,13 @@ OCIS_TRANSLATION_PATH: removalVersion: "" deprecationInfo: "" OCIS_URL: - name: OCIS_URL;NOTIFICATIONS_WEB_UI_URL + name: OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL defaultValue: https://localhost:9200 type: string - description: The public facing URL of the oCIS Web UI, used e.g. when sending notification - eMails + description: The URL for the legacy ownCloud server instance relation (not to be + confused with the product ownCloud Server). It defaults to the OCIS_URL but can + be overridden to support some reverse proxy corner cases. To shard the deployment, + multiple instances can be configured in the configuration file. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -10356,6 +10352,16 @@ POSTPROCESSING_TRACING_TYPE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +POSTPROCESSING_WORKERS: + name: POSTPROCESSING_WORKERS + defaultValue: "3" + type: int + description: The number of concurrent go routines that fetch events from the event + queue. + introductionVersion: "6.7" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" PROXY_ACCOUNT_BACKEND_TYPE: name: PROXY_ACCOUNT_BACKEND_TYPE defaultValue: cs3 @@ -11640,6 +11646,24 @@ SETTINGS_SETUP_DEFAULT_ASSIGNMENTS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +SETTINGS_STORAGE_GATEWAY_GRPC_ADDR: + name: SETTINGS_STORAGE_GATEWAY_GRPC_ADDR;STORAGE_GATEWAY_GRPC_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +SETTINGS_STORAGE_GRPC_ADDR: + name: SETTINGS_STORAGE_GRPC_ADDR;STORAGE_GRPC_ADDR + defaultValue: com.owncloud.api.storage-system + type: string + description: GRPC address of the STORAGE-SYSTEM service. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" SETTINGS_STORE_TYPE: name: SETTINGS_STORE_TYPE defaultValue: metadata @@ -12339,7 +12363,7 @@ SSE_CORS_ALLOW_ORIGINS: deprecationInfo: "" SSE_DEBUG_ADDR: name: SSE_DEBUG_ADDR - defaultValue: 127.0.0.1:9135 + defaultValue: 127.0.0.1:9139 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. @@ -12447,7 +12471,7 @@ SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE: deprecationInfo: "" SSE_HTTP_ADDR: name: SSE_HTTP_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9135 type: string description: The bind address of the HTTP service. introductionVersion: "5.0" @@ -12548,7 +12572,7 @@ SSE_TRACING_TYPE: removalVersion: "" deprecationInfo: "" STORAGE_GATEWAY_GRPC_ADDR: - name: STORAGE_GATEWAY_GRPC_ADDR + name: SETTINGS_STORAGE_GATEWAY_GRPC_ADDR;STORAGE_GATEWAY_GRPC_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. @@ -12557,7 +12581,7 @@ STORAGE_GATEWAY_GRPC_ADDR: removalVersion: "" deprecationInfo: "" STORAGE_GRPC_ADDR: - name: STORAGE_GRPC_ADDR + name: SETTINGS_STORAGE_GRPC_ADDR;STORAGE_GRPC_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. @@ -14892,7 +14916,7 @@ USERLOG_CORS_ALLOW_ORIGINS: deprecationInfo: "" USERLOG_DEBUG_ADDR: name: USERLOG_DEBUG_ADDR - defaultValue: 127.0.0.1:9210 + defaultValue: 127.0.0.1:9214 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. @@ -15011,7 +15035,7 @@ USERLOG_GLOBAL_NOTIFICATIONS_SECRET: deprecationInfo: "" USERLOG_HTTP_ADDR: name: USERLOG_HTTP_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9210 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 @@ -16647,7 +16671,7 @@ WEBFINGER_CORS_ALLOW_ORIGINS: deprecationInfo: "" WEBFINGER_DEBUG_ADDR: name: WEBFINGER_DEBUG_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9279 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. @@ -16685,7 +16709,7 @@ WEBFINGER_DEBUG_ZPAGES: deprecationInfo: "" WEBFINGER_HTTP_ADDR: name: WEBFINGER_HTTP_ADDR - defaultValue: 127.0.0.1:0 + defaultValue: 127.0.0.1:9275 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 diff --git a/docs/services/general-info/port-ranges.md b/docs/services/general-info/port-ranges.md index 08ce2eace..9f2b3fa8a 100644 --- a/docs/services/general-info/port-ranges.md +++ b/docs/services/general-info/port-ranges.md @@ -40,7 +40,7 @@ We also suggest using the last port in your extensions' range as a debug/metrics | 9154-9156 | [storage-shares]({{< ref "../storage-shares/_index.md" >}}) | | 9157-9159 | [storage-users]({{< ref "../storage-users/_index.md" >}}) | | 9160-9162 | [groups]({{< ref "../groups/_index.md" >}}) | -| 9163 | [ocdav]({{< ref "../ocdav/_index.md" >}}) | +| 9163,19163 | [ocdav]({{< ref "../ocdav/_index.md" >}}) | | 9164 | [groups]({{< ref "../groups/_index.md" >}}) | | 9165 | [app-provider]({{< ref "../app-provider/_index.md" >}}) | | 9166-9169 | [auth-machine]({{< ref "../auth-machine/_index.md" >}}) | @@ -64,9 +64,9 @@ We also suggest using the last port in your extensions' range as a debug/metrics | 9250-9254 | [ocis server (runtime)](https://github.com/owncloud/ocis/tree/master/ocis/pkg/runtime) | | 9255-9259 | [postprocessing]({{< ref "../postprocessing/_index.md" >}}) | | 9260-9264 | [clientlog]({{< ref "../clientlog/_index.md" >}}) | -| 9265-9269 | [clientlog]({{< ref "../clientlog/_index.md" >}}) | +| 9265-9269 | [clientlog]({{< ref "../clientlog/_index.md" >}}) | | 9270-9274 | [eventhistory]({{< ref "../eventhistory/_index.md" >}}) | -| 9275-9279 | [webfinger]({{< ref "../webfinger/_index.md" >}} | +| 9275-9279 | [webfinger]({{< ref "../webfinger/_index.md" >}}) | | 9280-9284 | [ocm]({{< ref "../ocm/_index.md" >}}) | | 9285-9289 | FREE | | 9290-9294 | FREE |