From e1c418971ab07958ca7e33c830b69d73221adf4c Mon Sep 17 00:00:00 2001 From: Martin Mattel Date: Tue, 8 Oct 2024 17:59:42 +0200 Subject: [PATCH] [docs-only[chore] env_vars.yaml update --- docs/helpers/env_vars.yaml | 330 +++++++++++++++++++------------------ 1 file changed, 167 insertions(+), 163 deletions(-) diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 97f93bb09..575b8da9c 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -1589,7 +1589,7 @@ AUTH_BASIC_LDAP_CACERT: type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH:/idm. + directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -5079,7 +5079,7 @@ GRAPH_LDAP_CACERT: type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH:/idm. + directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -5328,7 +5328,7 @@ GRAPH_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: - name: LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. @@ -5713,7 +5713,7 @@ GROUPS_LDAP_CACERT: type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH:/idm. + directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6144,7 +6144,7 @@ IDM_DATABASE_PATH: defaultValue: /var/lib/ocis/idm/ocis.boltdb type: string description: Full path to the IDM backend database. If not defined, the root directory - derives from $OCIS_BASE_DATA_PATH:/idm. + derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6211,7 +6211,7 @@ IDM_LDAPS_CERT: defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: File name of the TLS server certificate for the LDAPS listener. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. + not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6221,7 +6221,7 @@ IDM_LDAPS_KEY: defaultValue: /var/lib/ocis/idm/ldap.key type: string description: File name for the TLS certificate key for the server certificate. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. + not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6412,7 +6412,7 @@ IDP_ENCRYPTION_SECRET_FILE: type: string description: Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. + not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6571,7 +6571,7 @@ IDP_LDAP_TLS_CACERT: type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH:/idp. + directory derives from $OCIS_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6721,7 +6721,7 @@ IDP_SIGNING_PRIVATE_KEY_FILES: defaultValue: '[/var/lib/ocis/idp/private-key.pem]' type: '[]string' description: A list of private key files for signing IDP requests. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH:/idp. See the Environment + the root directory derives from $OCIS_BASE_DATA_PATH/idp. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" @@ -6781,7 +6781,7 @@ IDP_TRANSPORT_TLS_CERT: defaultValue: /var/lib/ocis/idp/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the - IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. + IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6792,7 +6792,7 @@ IDP_TRANSPORT_TLS_KEY: type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory - derives from $OCIS_BASE_DATA_PATH:/idp. + derives from $OCIS_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7085,7 +7085,7 @@ LDAP_LOGIN_ATTRIBUTES: removalVersion: "" deprecationInfo: "" LDAP_USER_SCHEMA_DISPLAY_NAME: - name: LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. @@ -7221,7 +7221,7 @@ NATS_NATS_STORE_DIR: defaultValue: /var/lib/ocis/nats type: string description: The directory where the filesystem storage will store NATS JetStream - data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. + data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7231,7 +7231,7 @@ NATS_TLS_CERT: defaultValue: /var/lib/ocis/nats/tls.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the - NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. + NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7241,7 +7241,7 @@ NATS_TLS_KEY: defaultValue: /var/lib/ocis/nats/tls.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the - NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. + NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7921,13 +7921,13 @@ OCIS_ASSET_THEMES_PATH: defaultValue: /var/lib/ocis/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the - builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/themes + builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_ASYNC_UPLOADS: - name: OCIS_ASYNC_UPLOADS + name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. @@ -7936,28 +7936,28 @@ OCIS_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD + name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD defaultValue: "" type: string - description: The password to use for authentication. Only applies when store type - 'nats-js-kv' is configured. + description: The password to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME + name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME defaultValue: "" type: string - description: The username to use for authentication. Only applies when store type - 'nats-js-kv' is configured. + description: The username to authenticate with the cache. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DATABASE: name: OCIS_CACHE_DATABASE - defaultValue: cache-createhome + defaultValue: storage-system type: string description: The database name the configured store should use. introductionVersion: pre5.0 @@ -7965,20 +7965,20 @@ OCIS_CACHE_DATABASE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE + name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool - description: Disables persistence of the create home cache. Only applies when store - type 'nats-js-kv' is configured. Defaults to false. + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_SIZE: - name: OCIS_CACHE_SIZE;GATEWAY_CREATE_HOME_CACHE_SIZE + name: OCIS_CACHE_SIZE;GRAPH_CACHE_SIZE defaultValue: "0" type: int - description: The maximum quantity of items in the cache. Only applies when store + description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 @@ -7986,7 +7986,7 @@ OCIS_CACHE_SIZE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE: - name: OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE + name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -7996,7 +7996,7 @@ OCIS_CACHE_STORE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES + name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -8008,18 +8008,17 @@ OCIS_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" OCIS_CACHE_TTL: - name: OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL - defaultValue: 5m0s + name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL + defaultValue: 336h0m0s type: Duration - description: Default time to live for user info in the cache. Only applied when - access tokens has no expiration. See the Environment Variable Types description - for more details. + description: Time to live for cache records in the graph. Defaults to '336h' (2 + weeks). See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS + name: OCIS_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -8029,9 +8028,9 @@ OCIS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS + name: OCIS_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id - Ocs-Apirequest]' + Purge Restore]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. @@ -8041,8 +8040,8 @@ OCIS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS - defaultValue: '[GET]' + name: OCIS_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS + defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. @@ -8052,7 +8051,7 @@ OCIS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS + name: OCIS_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -8196,7 +8195,7 @@ OCIS_ENABLE_RESHARING: removalVersion: "" deprecationInfo: Resharing will be removed in the future. OCIS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD + name: OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -8206,7 +8205,7 @@ OCIS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME + name: OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -8216,18 +8215,17 @@ OCIS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER + name: OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. - Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS + name: OCIS_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -8237,31 +8235,32 @@ OCIS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT + name: OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing - service. It is used as message broker for the microservice architecture. + service. It is used as message broker for the microservice architecture. Set to + a empty string to disable emitting events. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. - If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false. + If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the GRPC service. - introductionVersion: pre5.0 + description: The bind address of the gateway GRPC address. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8289,11 +8288,11 @@ OCIS_GRPC_CLIENT_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL + name: OCIS_GRPC_PROTOCOL;AUTH_MACHINE_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GRPC service. - introductionVersion: '%%NEXT%%' + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8329,16 +8328,16 @@ OCIS_HTTP_TLS_KEY: removalVersion: "" deprecationInfo: "" OCIS_INSECURE: - name: OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE + name: OCIS_INSECURE;GRAPH_EVENTS_TLS_INSECURE defaultValue: "false" type: bool - description: Allow insecure connections to the OIDC issuer. + description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_JWT_SECRET: - name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET + name: OCIS_JWT_SECRET;GRAPH_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -8347,7 +8346,7 @@ OCIS_JWT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH + name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -8356,16 +8355,16 @@ OCIS_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID + name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID defaultValue: "" type: string - description: The client ID to authenticate with keycloak. + description: The client id to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM + name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -8374,7 +8373,7 @@ OCIS_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET + name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -8383,7 +8382,7 @@ OCIS_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -8393,7 +8392,7 @@ OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM + name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -8402,8 +8401,8 @@ OCIS_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN - defaultValue: uid=idp,ou=sysusers,o=libregraph-idm + name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN + defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. @@ -8412,7 +8411,7 @@ OCIS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD + name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -8421,12 +8420,12 @@ OCIS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT + name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH:/idp. + directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8455,7 +8454,7 @@ OCIS_LDAP_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN + name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -8464,7 +8463,7 @@ OCIS_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER + name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -8473,7 +8472,7 @@ OCIS_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS + name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -8483,7 +8482,7 @@ OCIS_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -8493,7 +8492,7 @@ OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -8502,8 +8501,8 @@ OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE + defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. @@ -8512,18 +8511,18 @@ OCIS_LDAP_GROUP_SCHEMA_ID: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool - description: Set this to true if the defined 'id' attribute for groups is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the group ID's. + description: Set this to true if the defined 'ID' attribute for groups is of the + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -8532,7 +8531,7 @@ OCIS_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -8541,7 +8540,7 @@ OCIS_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE + name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are @@ -8551,7 +8550,7 @@ OCIS_LDAP_GROUP_SCOPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;IDP_INSECURE + name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -8573,16 +8572,17 @@ OCIS_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_LDAP_URI: - name: OCIS_LDAP_URI;IDP_LDAP_URI + name: OCIS_LDAP_URI;GRAPH_LDAP_URI defaultValue: ldaps://localhost:9235 type: string - description: Url of the LDAP service to use as IDP. + description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' + and 'ldap://' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN + name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -8591,7 +8591,7 @@ OCIS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. @@ -8600,7 +8600,7 @@ OCIS_LDAP_USER_ENABLED_ATTRIBUTE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER + name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -8609,48 +8609,50 @@ OCIS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS + name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string - description: LDAP User ObjectClass like 'inetOrgPerson'. + description: The object class to use for users in the default user search filter + ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME - defaultValue: displayname + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for the displayname of users. + description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE - defaultValue: ownCloudUUID + name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE + defaultValue: owncloudUUID type: string - description: LDAP User UUID attribute like 'uid'. + description: LDAP Attribute to use as the unique ID for users. This should be a + stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the user ID's. + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail type: string - description: LDAP User email attribute like 'mail'. + description: LDAP Attribute to use for the email address of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8666,16 +8668,16 @@ OCIS_LDAP_USER_SCHEMA_USER_TYPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE - defaultValue: displayName + name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE + defaultValue: uid type: string - description: LDAP User name attribute like 'displayName'. + description: LDAP Attribute to use for username of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE + name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are @@ -8722,7 +8724,7 @@ OCIS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCIS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY + name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -8752,7 +8754,7 @@ OCIS_OIDC_ISSUER: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -8762,7 +8764,7 @@ OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -8771,7 +8773,7 @@ OCIS_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -8780,7 +8782,7 @@ OCIS_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -8789,7 +8791,7 @@ OCIS_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -8799,7 +8801,7 @@ OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -8809,7 +8811,7 @@ OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -8819,8 +8821,8 @@ OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE: - name: OCIS_PERSISTENT_STORE;USERLOG_STORE - defaultValue: memory + name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE + defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description @@ -8830,7 +8832,7 @@ OCIS_PERSISTENT_STORE: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -8840,7 +8842,7 @@ OCIS_PERSISTENT_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -8850,8 +8852,8 @@ OCIS_PERSISTENT_STORE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES - defaultValue: '[]' + name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES + defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes @@ -8862,22 +8864,22 @@ OCIS_PERSISTENT_STORE_NODES: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_SIZE: - name: OCIS_PERSISTENT_STORE_SIZE;USERLOG_STORE_SIZE + name: OCIS_PERSISTENT_STORE_SIZE;ACTIVITYLOG_STORE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package - though not exclicitly set as default. + though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL - defaultValue: 336h0m0s + name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL + defaultValue: 0s type: Duration - description: Time to live for events in the store. Defaults to '336h' (2 weeks). - See the Environment Variable Types description for more details. + description: Time to live for events in the store. See the Environment Variable + Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8892,11 +8894,11 @@ OCIS_PUBLIC_URL: removalVersion: "" deprecationInfo: "" OCIS_REVA_GATEWAY: - name: OCIS_REVA_GATEWAY;COLLABORATION_CS3API_GATEWAY_NAME + name: OCIS_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string - description: CS3 gateway used to look up user metadata. - introductionVersion: 6.0.0 + description: The CS3 gateway endpoint. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8923,7 +8925,7 @@ OCIS_REVA_GATEWAY_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID + name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -8933,7 +8935,7 @@ OCIS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET + name: OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -8942,7 +8944,7 @@ OCIS_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. @@ -8951,11 +8953,13 @@ OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool - description: Set this to true if you want to enforce passwords for writable shares. - Only effective if the setting for 'passwords on all public shares' is set to false. + description: Set this to true if you want to enforce passwords on Uploader, Editor + or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, + you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in + the frontend service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -8983,7 +8987,7 @@ OCIS_SPACES_MAX_QUOTA: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY + name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -8992,7 +8996,7 @@ OCIS_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID + name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -9004,7 +9008,7 @@ OCIS_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP + name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -9060,13 +9064,13 @@ OCIS_TRANSFER_SECRET: removalVersion: "" deprecationInfo: "" OCIS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH + name: OCIS_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. - introductionVersion: pre5.0 + introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -9358,7 +9362,7 @@ OCM_OCM_CORE_JSON_FILE: defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + the root directory derives from $OCIS_BASE_DATA_PATH/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9388,7 +9392,7 @@ OCM_OCM_INVITE_MANAGER_JSON_FILE: type: string description: Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH:/storage/ocm. + the root directory derives from $OCIS_BASE_DATA_PATH/storage/ocm. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9416,7 +9420,7 @@ OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE: defaultValue: /etc/ocis/ocmproviders.json type: string description: Path to the JSON file where ocm invite data will be stored. Defaults - to $OCIS_CONFIG_DIR:/ocmproviders.json. + to $OCIS_CONFIG_DIR/ocmproviders.json. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -9456,7 +9460,7 @@ OCM_OCM_SHAREPROVIDER_JSON_FILE: defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + the root directory derives from $OCIS_BASE_DATA_PATH/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -10986,7 +10990,7 @@ PROXY_TRANSPORT_TLS_CERT: defaultValue: /var/lib/ocis/proxy/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the - external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/proxy. + external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/proxy. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -10997,7 +11001,7 @@ PROXY_TRANSPORT_TLS_KEY: type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the - root directory derives from $OCIS_BASE_DATA_PATH:/proxy. + root directory derives from $OCIS_BASE_DATA_PATH/proxy. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -11077,7 +11081,7 @@ SEARCH_ENGINE_BLEVE_DATA_PATH: defaultValue: /var/lib/ocis/search type: string description: The directory where the filesystem will store search data. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH:/search. + the root directory derives from $OCIS_BASE_DATA_PATH/search. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -12019,7 +12023,7 @@ SHARING_PUBLIC_JSON_FILE: type: string description: Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -12186,7 +12190,7 @@ SHARING_USER_JSON_FILE: defaultValue: /var/lib/ocis/storage/shares.json type: string description: Path to the JSON file where shares will be persisted. If not defined, - the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + the root directory derives from $OCIS_BASE_DATA_PATH/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13157,7 +13161,7 @@ STORAGE_SYSTEM_OCIS_ROOT: defaultValue: /var/lib/ocis/storage/metadata type: string description: Path for the directory where the STORAGE-SYSTEM service stores it's - persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. + persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13839,7 +13843,7 @@ STORAGE_USERS_OCIS_ROOT: defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store blobs and metadata. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13867,7 +13871,7 @@ STORAGE_USERS_OWNCLOUDSQL_DATADIR: defaultValue: /var/lib/ocis/storage/owncloud type: string description: The directory where the filesystem storage will store SQL migration - data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/owncloud. + data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/owncloud. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13941,7 +13945,7 @@ STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR: defaultValue: /var/lib/ocis/storage/uploadinfo type: string description: The directory where the filesystem will store uploads temporarily. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/uploadinfo. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/uploadinfo. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13998,7 +14002,7 @@ STORAGE_USERS_POSIX_ROOT: defaultValue: "" type: string description: The directory where the filesystem storage will store its data. If - not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. + not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" @@ -14294,7 +14298,7 @@ STORAGE_USERS_S3NG_ROOT: defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store metadata for - blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. + blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -14661,7 +14665,7 @@ THUMBNAILS_FILESYSTEMSTORAGE_ROOT: defaultValue: /var/lib/ocis/thumbnails type: string description: The directory where the filesystem storage will store the thumbnails. - If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/thumbnails. + If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/thumbnails. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -15333,7 +15337,7 @@ USERS_LDAP_CACERT: type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH:/idm. + directory derives from $OCIS_BASE_DATA_PATH/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -15775,7 +15779,7 @@ WEB_ASSET_APPS_PATH: defaultValue: /var/lib/ocis/web/assets/apps type: string description: Serve ownCloud Web apps assets from a path on the filesystem instead - of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/apps + of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/apps introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" @@ -15785,7 +15789,7 @@ WEB_ASSET_CORE_PATH: defaultValue: /var/lib/ocis/web/assets/core type: string description: Serve ownCloud Web assets from a path on the filesystem instead of - the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/core + the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/core introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" @@ -15805,7 +15809,7 @@ WEB_ASSET_THEMES_PATH: defaultValue: /var/lib/ocis/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the - builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/themes + builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: ""