mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-05 19:59:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
fe65742adb294d3d305a67df5c1fbe63cf309f1c
opencloud/docs/helpers/env_vars.yaml
Martin Mattel ec40b8132f [docs-only] Update env_vars.yaml due to recent changes
2024-11-07 16:19:33 +01:00

16809 lines
563 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
ACTIVITYLOG_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Ocs-Apirequest]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS
defaultValue: '[GET]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_DEBUG_ADDR:
name: ACTIVITYLOG_DEBUG_ADDR
defaultValue: 127.0.0.1:9197
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_DEBUG_PPROF:
name: ACTIVITYLOG_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_DEBUG_TOKEN:
name: ACTIVITYLOG_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_DEBUG_ZPAGES:
name: ACTIVITYLOG_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_HTTP_ADDR:
name: ACTIVITYLOG_HTTP_ADDR
defaultValue: 127.0.0.1:9195
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_HTTP_ROOT:
name: ACTIVITYLOG_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_JWT_SECRET:
name: OCIS_JWT_SECRET;ACTIVITYLOG_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_LOG_COLOR:
name: OCIS_LOG_COLOR;ACTIVITYLOG_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_LOG_FILE:
name: OCIS_LOG_FILE;ACTIVITYLOG_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_LOG_LEVEL:
name: OCIS_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_LOG_PRETTY:
name: OCIS_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYLOG_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE:
name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'',
''redis-sentinel'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_AUTH_PASSWORD:
name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_AUTH_USERNAME:
name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_DATABASE:
name: ACTIVITYLOG_STORE_DATABASE
defaultValue: activitylog
type: string
description: The database name the configured store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_NODES:
name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_SIZE:
name: OCIS_PERSISTENT_STORE_SIZE;ACTIVITYLOG_STORE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the store. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not explicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_TABLE:
name: ACTIVITYLOG_STORE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_STORE_TTL:
name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL
defaultValue: 0s
type: Duration
description: Time to live for events in the store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;ACTIVITYLOG_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;ACTIVITYLOG_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;ACTIVITYLOG_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_TRACING_TYPE:
name: OCIS_TRACING_TYPE;ACTIVITYLOG_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYLOG_TRANSLATION_PATH:
name: OCIS_TRANSLATION_PATH;ACTIVITYLOG_TRANSLATION_PATH
defaultValue: ""
type: string
description: (optional) Set this to a path with custom translations to overwrite
the builtin translations. Note that file and folder naming rules apply, see the
documentation for more details.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ACTIVITYOG_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYOG_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_CLAMAV_SOCKET:
name: ANTIVIRUS_CLAMAV_SOCKET
defaultValue: /run/clamav/clamd.ctl
type: string
description: The socket clamav is running on. Note the default value is an example
which needs adaption according your OS.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_DEBUG_ADDR:
name: ANTIVIRUS_DEBUG_ADDR
defaultValue: 127.0.0.1:9277
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_DEBUG_PPROF:
name: ANTIVIRUS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_DEBUG_SCAN_OUTCOME:
name: ANTIVIRUS_DEBUG_SCAN_OUTCOME
defaultValue: ""
type: string
description: 'A predefined outcome for virus scanning, FOR DEBUG PURPOSES ONLY!
(example values: ''found,infected'')'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_DEBUG_TOKEN:
name: ANTIVIRUS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_DEBUG_ZPAGES:
name: ANTIVIRUS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_ICAP_SCAN_TIMEOUT:
name: ANTIVIRUS_ICAP_SCAN_TIMEOUT
defaultValue: 5m0s
type: Duration
description: Scan timeout for the ICAP client. Defaults to '5m' (5 minutes). See
the Environment Variable Types description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_ICAP_SERVICE:
name: ANTIVIRUS_ICAP_SERVICE
defaultValue: avscan
type: string
description: The name of the ICAP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_ICAP_TIMEOUT:
name: ANTIVIRUS_ICAP_TIMEOUT
defaultValue: "0"
type: int64
description: Timeout for the ICAP client.
introductionVersion: pre5.0
deprecationVersion: "5.0"
removalVersion: '%%NEXT_PRODUCTION_VERSION%%'
deprecationInfo: Changing the envvar type for consistency reasons.
ANTIVIRUS_ICAP_URL:
name: ANTIVIRUS_ICAP_URL
defaultValue: icap://127.0.0.1:1344
type: string
description: URL of the ICAP server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_INFECTED_FILE_HANDLING:
name: ANTIVIRUS_INFECTED_FILE_HANDLING
defaultValue: delete
type: string
description: 'Defines the behaviour when a virus has been found. Supported options
are: ''delete'', ''continue'' and ''abort ''. Delete will delete the file. Continue
will mark the file as infected but continues further processing. Abort will keep
the file in the uploads folder for further admin inspection and will not move
it to its final destination.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_LOG_COLOR:
name: OCIS_LOG_COLOR;ANTIVIRUS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_LOG_FILE:
name: OCIS_LOG_FILE;ANTIVIRUS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_MAX_SCAN_SIZE:
name: ANTIVIRUS_MAX_SCAN_SIZE
defaultValue: ""
type: string
description: 'The maximum scan size the virus scanner can handle. Only this many
bytes of a file will be scanned. 0 means unlimited and is the default. Usable
common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB],
example: 2GB.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_SCANNER_TYPE:
name: ANTIVIRUS_SCANNER_TYPE
defaultValue: clamav
type: string
description: The antivirus scanner to use. Supported values are 'clamav' and 'icap'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
ANTIVIRUS_WORKERS:
name: ANTIVIRUS_WORKERS
defaultValue: "10"
type: int
description: The number of concurrent go routines that fetch events from the event
queue.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_DEBUG_ADDR:
name: APP_PROVIDER_DEBUG_ADDR
defaultValue: 127.0.0.1:9165
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_DEBUG_PPROF:
name: APP_PROVIDER_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_DEBUG_TOKEN:
name: APP_PROVIDER_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_DEBUG_ZPAGES:
name: APP_PROVIDER_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing traces
in-memory.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_DRIVER:
name: APP_PROVIDER_DRIVER
defaultValue: ""
type: string
description: Driver, the APP PROVIDER services uses. Only 'wopi' is supported as
of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_EXTERNAL_ADDR:
name: APP_PROVIDER_EXTERNAL_ADDR
defaultValue: ""
type: string
description: Address of the app provider, where the GATEWAY service can reach it.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_GRPC_ADDR:
name: APP_PROVIDER_GRPC_ADDR
defaultValue: 127.0.0.1:9164
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;APP_PROVIDER_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GPRC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_JWT_SECRET:
name: OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_LOG_COLOR:
name: OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_LOG_FILE:
name: OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_LOG_LEVEL:
name: OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_LOG_PRETTY:
name: OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_SERVICE_NAME:
name: APP_PROVIDER_SERVICE_NAME
defaultValue: app-provider
type: string
description: 'The name of the service. This needs to be changed when using more
than one app provider. Each app provider configured needs to be identified by
a unique service name. Possible examples are: ''app-provider-collabora'', ''app-provider-onlyoffice'',
''app-provider-office365''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_TRACING_TYPE:
name: OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_APP_API_KEY:
name: APP_PROVIDER_WOPI_APP_API_KEY
defaultValue: ""
type: string
description: API key for the wopi app.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_APP_DESKTOP_ONLY:
name: APP_PROVIDER_WOPI_APP_DESKTOP_ONLY
defaultValue: "false"
type: bool
description: Offer this app only on desktop.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_APP_ICON_URI:
name: APP_PROVIDER_WOPI_APP_ICON_URI
defaultValue: ""
type: string
description: URI to an app icon to be used by clients.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_APP_INTERNAL_URL:
name: APP_PROVIDER_WOPI_APP_INTERNAL_URL
defaultValue: ""
type: string
description: Internal URL to the app, like in your DMZ.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_APP_NAME:
name: APP_PROVIDER_WOPI_APP_NAME
defaultValue: ""
type: string
description: Human readable app name.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_APP_URL:
name: APP_PROVIDER_WOPI_APP_URL
defaultValue: ""
type: string
description: URL for end users to access the app.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_DISABLE_CHAT:
name: APP_PROVIDER_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT
defaultValue: "false"
type: bool
description: Disable the chat functionality of the office app.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL:
name: OCIS_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL
defaultValue: https://localhost:9200/
type: string
description: Base url to navigate back from the app to the containing folder in
the file list.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE:
name: APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE
defaultValue: /f/{{.ResourceID}}
type: string
description: Path template to navigate back from the app to the containing folder
in the file list. Supported template variables are {{.ResourceInfo.ResourceID}},
{{.ResourceInfo.Mtime.Seconds}}, {{.ResourceInfo.Name}}, {{.ResourceInfo.Path}},
{{.ResourceInfo.Type}}, {{.ResourceInfo.Id.SpaceId}}, {{.ResourceInfo.Id.StorageId}},
{{.ResourceInfo.Id.OpaqueId}}, {{.ResourceInfo.MimeType}}
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_INSECURE:
name: APP_PROVIDER_WOPI_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for requests to the WOPI server
and the web office application. Do not set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL:
name: APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL
defaultValue: ""
type: string
description: External url of the CS3org WOPI server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET:
name: APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET
defaultValue: ""
type: string
description: Shared secret of the CS3org WOPI server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_DEBUG_ADDR:
name: APP_REGISTRY_DEBUG_ADDR
defaultValue: 127.0.0.1:9243
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_DEBUG_PPROF:
name: APP_REGISTRY_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_DEBUG_TOKEN:
name: APP_REGISTRY_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_DEBUG_ZPAGES:
name: APP_REGISTRY_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_GRPC_ADDR:
name: APP_REGISTRY_GRPC_ADDR
defaultValue: 127.0.0.1:9242
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;APP_REGISTRY_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_JWT_SECRET:
name: OCIS_JWT_SECRET;APP_REGISTRY_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_LOG_COLOR:
name: OCIS_LOG_COLOR;APP_REGISTRY_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_LOG_FILE:
name: OCIS_LOG_FILE;APP_REGISTRY_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_LOG_LEVEL:
name: OCIS_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_LOG_PRETTY:
name: OCIS_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
APP_REGISTRY_TRACING_TYPE:
name: OCIS_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_DEBUG_ADDR:
name: AUDIT_DEBUG_ADDR
defaultValue: 127.0.0.1:9229
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_DEBUG_PPROF:
name: AUDIT_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_DEBUG_TOKEN:
name: AUDIT_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_DEBUG_ZPAGES:
name: AUDIT_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_FILEPATH:
name: AUDIT_FILEPATH
defaultValue: ""
type: string
description: Filepath of the logfile. Mandatory if LOG_TO_FILE is set to 'true'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_FORMAT:
name: AUDIT_FORMAT
defaultValue: json
type: string
description: Log format. Supported values are '' (empty) and 'json'. Using 'json'
is advised, '' (empty) renders the 'minimal' format. See the text description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_LOG_COLOR:
name: OCIS_LOG_COLOR;AUDIT_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_LOG_FILE:
name: OCIS_LOG_FILE;AUDIT_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_LOG_LEVEL:
name: OCIS_LOG_LEVEL;AUDIT_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_LOG_PRETTY:
name: OCIS_LOG_PRETTY;AUDIT_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_LOG_TO_CONSOLE:
name: AUDIT_LOG_TO_CONSOLE
defaultValue: "true"
type: bool
description: Logs to stdout if set to 'true'. Independent of the LOG_TO_FILE option.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_LOG_TO_FILE:
name: AUDIT_LOG_TO_FILE
defaultValue: "false"
type: bool
description: Logs to file if set to 'true'. Independent of the LOG_TO_CONSOLE option.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;AUDIT_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUDIT_TRACING_TYPE:
name: OCIS_TRACING_TYPE;AUDIT_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;AUTH_APP_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;AUTH_APP_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Ocs-Apirequest]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;AUTH_APP_CORS_ALLOW_METHODS
defaultValue: '[GET POST DELETE]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;AUTH_APP_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_DEBUG_ADDR:
name: AUTH_APP_DEBUG_ADDR
defaultValue: 127.0.0.1:9245
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_DEBUG_PPROF:
name: AUTH_APP_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_DEBUG_TOKEN:
name: AUTH_APP_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_DEBUG_ZPAGES:
name: AUTH_APP_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing traces
in-memory.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_ENABLE_IMPERSONATION:
name: AUTH_APP_ENABLE_IMPERSONATION
defaultValue: "false"
type: bool
description: Allows admins to create app tokens for other users. Used for migration.
Do NOT use in productive deployments.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_GRPC_ADDR:
name: AUTH_APP_GRPC_ADDR
defaultValue: 127.0.0.1:9246
type: string
description: The bind address of the GRPC service.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;AUTH_APP_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_HTTP_ADDR:
name: AUTH_APP_HTTP_ADDR
defaultValue: 127.0.0.1:9247
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_HTTP_ROOT:
name: AUTH_APP_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_JWT_SECRET:
name: OCIS_JWT_SECRET;AUTH_APP_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_LOG_COLOR:
name: OCIS_LOG_COLOR;AUTH_APP_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_LOG_FILE:
name: OCIS_LOG_FILE;AUTH_APP_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_LOG_LEVEL:
name: OCIS_LOG_LEVEL;AUTH_APP_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_LOG_PRETTY:
name: OCIS_LOG_PRETTY;AUTH_APP_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: The machine auth API key used to validate internal requests necessary
to access resources from other services.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_SKIP_USER_GROUPS_IN_TOKEN:
name: AUTH_APP_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the encoding of the user's group memberships in the access
token. This reduces the token size, especially when users are members of a large
number of groups.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;AUTH_APP_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;AUTH_APP_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;AUTH_APP_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_APP_TRACING_TYPE:
name: OCIS_TRACING_TYPE;AUTH_APP_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_AUTH_MANAGER:
name: AUTH_BASIC_AUTH_MANAGER
defaultValue: ldap
type: string
description: The authentication manager to check if credentials are valid. Supported
value is 'ldap'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_DEBUG_ADDR:
name: AUTH_BASIC_DEBUG_ADDR
defaultValue: 127.0.0.1:9147
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_DEBUG_PPROF:
name: AUTH_BASIC_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_DEBUG_TOKEN:
name: AUTH_BASIC_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_DEBUG_ZPAGES:
name: AUTH_BASIC_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing traces
in-memory.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_DISABLE_USER_MECHANISM:
name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM
defaultValue: attribute
type: string
description: An option to control the behavior for disabling users. Valid options
are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API
will add the user to the configured group for disabled users, if set to 'attribute'
this will be done in the ldap user entry, if set to 'none' the disable request
is not processed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_DISABLED_USERS_GROUP_DN:
name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN
defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm
type: string
description: The distinguished name of the group to which added users will be classified
as disabled when 'disable_user_mechanism' is set to 'group'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_GRPC_ADDR:
name: AUTH_BASIC_GRPC_ADDR
defaultValue: 127.0.0.1:9146
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;AUTH_BASIC_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_IDP_URL:
name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BASIC_IDP_URL
defaultValue: https://localhost:9200
type: string
description: The identity provider value to set in the userids of the CS3 user objects
for users returned by this user provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_JWT_SECRET:
name: OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_BIND_DN:
name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN
defaultValue: uid=reva,ou=sysusers,o=libregraph-idm
type: string
description: LDAP DN to use for simple bind authentication with the target LDAP
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_BIND_PASSWORD:
name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD
defaultValue: ""
type: string
description: Password to use for authenticating the 'bind_dn'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_CACERT:
name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the LDAP service. If not defined, the root
directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_BASE_DN:
name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN
defaultValue: ou=groups,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_FILTER:
name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for group searches.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_OBJECTCLASS:
name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS
defaultValue: groupOfNames
type: string
description: The object class to use for groups in the default group search filter
('groupOfNames').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the displayname of groups (often the same
as groupname attribute).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME:
name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the name of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCHEMA_ID:
name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID
defaultValue: ownclouduuid
type: string
description: LDAP Attribute to use as the unique id for groups. This should be a
stable globally unique id (e.g. a UUID).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'id' attribute for groups is of the
'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute
of Active Directory for the group IDs.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL:
name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of groups (can be empty).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER:
name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER
defaultValue: member
type: string
description: LDAP Attribute that is used for group members.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_GROUP_SCOPE:
name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up groups. Supported values are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_INSECURE:
name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the LDAP connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES:
name: LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES
defaultValue: '[uid]'
type: '[]string'
description: A list of user object attributes that can be used for login. See the
Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_URI:
name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI
defaultValue: ldaps://localhost:9235
type: string
description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://'
and 'ldap://'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_BASE_DN:
name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN
defaultValue: ou=users,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE:
name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE
defaultValue: ownCloudUserEnabled
type: string
description: LDAP attribute to use as a flag telling if the user is enabled or disabled.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_FILTER:
name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_OBJECTCLASS:
name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS
defaultValue: inetOrgPerson
type: string
description: The object class to use for users in the default user search filter
('inetOrgPerson').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME
defaultValue: displayname
type: string
description: LDAP Attribute to use for the displayname of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_SCHEMA_ID:
name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID
defaultValue: ownclouduuid
type: string
description: LDAP Attribute to use as the unique ID for users. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for users is of the
'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute
of Active Directory for the user IDs.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_SCHEMA_MAIL:
name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME:
name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME
defaultValue: uid
type: string
description: LDAP Attribute to use for username of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LDAP_USER_SCOPE:
name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up users. Supported values are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LOG_COLOR:
name: OCIS_LOG_COLOR;AUTH_BASIC_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LOG_FILE:
name: OCIS_LOG_FILE;AUTH_BASIC_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LOG_LEVEL:
name: OCIS_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_LOG_PRETTY:
name: OCIS_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_DB_HOST:
name: AUTH_BASIC_OWNCLOUDSQL_DB_HOST
defaultValue: mysql
type: string
description: Hostname of the database server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_DB_NAME:
name: AUTH_BASIC_OWNCLOUDSQL_DB_NAME
defaultValue: owncloud
type: string
description: Name of the owncloud database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_DB_PASSWORD:
name: AUTH_BASIC_OWNCLOUDSQL_DB_PASSWORD
defaultValue: ""
type: string
description: Password for the database user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_DB_PORT:
name: AUTH_BASIC_OWNCLOUDSQL_DB_PORT
defaultValue: "3306"
type: int
description: Network port to use for the database connection.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_DB_USERNAME:
name: AUTH_BASIC_OWNCLOUDSQL_DB_USERNAME
defaultValue: owncloud
type: string
description: Database user to use for authenticating with the owncloud database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_IDP:
name: AUTH_BASIC_OWNCLOUDSQL_IDP
defaultValue: https://localhost:9200
type: string
description: The identity provider value to set in the userids of the CS3 user objects
for users returned by this user provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID:
name: AUTH_BASIC_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID
defaultValue: "false"
type: bool
description: Join the user properties table to read user ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_JOIN_USERNAME:
name: AUTH_BASIC_OWNCLOUDSQL_JOIN_USERNAME
defaultValue: "false"
type: bool
description: Join the user properties table to read usernames
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_OWNCLOUDSQL_NOBODY:
name: AUTH_BASIC_OWNCLOUDSQL_NOBODY
defaultValue: "90"
type: int64
description: Fallback number if no numeric UID and GID properties are provided.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN:
name: AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the encoding of the user's group memberships in the reva access
token. This reduces the token size, especially when users are members of a large
number of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BASIC_TRACING_TYPE:
name: OCIS_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_DEBUG_ADDR:
name: AUTH_BEARER_DEBUG_ADDR
defaultValue: 127.0.0.1:9149
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_DEBUG_PPROF:
name: AUTH_BEARER_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_DEBUG_TOKEN:
name: AUTH_BEARER_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_DEBUG_ZPAGES:
name: AUTH_BEARER_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_GRPC_ADDR:
name: AUTH_BEARER_GRPC_ADDR
defaultValue: 127.0.0.1:9148
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;AUTH_BEARER_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_JWT_SECRET:
name: OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_LOG_COLOR:
name: OCIS_LOG_COLOR;AUTH_BEARER_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_LOG_FILE:
name: OCIS_LOG_FILE;AUTH_BEARER_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_LOG_LEVEL:
name: OCIS_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_LOG_PRETTY:
name: OCIS_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_OIDC_GID_CLAIM:
name: AUTH_BEARER_OIDC_GID_CLAIM
defaultValue: ""
type: string
description: Name of the claim, which holds the GID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_OIDC_ID_CLAIM:
name: AUTH_BEARER_OIDC_ID_CLAIM
defaultValue: preferred_username
type: string
description: Name of the claim, which holds the user identifier.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_OIDC_INSECURE:
name: OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE
defaultValue: "false"
type: bool
description: Allow insecure connections to the OIDC issuer.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_OIDC_ISSUER:
name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER
defaultValue: https://localhost:9200
type: string
description: URL of the OIDC issuer. It defaults to URL of the builtin IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_OIDC_UID_CLAIM:
name: AUTH_BEARER_OIDC_UID_CLAIM
defaultValue: ""
type: string
description: Name of the claim, which holds the UID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN:
name: AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the encoding of the user's group memberships in the reva access
token. This reduces the token size, especially when users are members of a large
number of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_BEARER_TRACING_TYPE:
name: OCIS_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY
defaultValue: ""
type: string
description: Machine auth API key used to validate internal requests necessary for
the access to resources from other services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_DEBUG_ADDR:
name: AUTH_MACHINE_DEBUG_ADDR
defaultValue: 127.0.0.1:9167
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_DEBUG_PPROF:
name: AUTH_MACHINE_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_DEBUG_TOKEN:
name: AUTH_MACHINE_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_DEBUG_ZPAGES:
name: AUTH_MACHINE_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_GRPC_ADDR:
name: AUTH_MACHINE_GRPC_ADDR
defaultValue: 127.0.0.1:9166
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;AUTH_MACHINE_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_JWT_SECRET:
name: OCIS_JWT_SECRET;AUTH_MACHINE_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_LOG_COLOR:
name: OCIS_LOG_COLOR;AUTH_MACHINE_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_LOG_FILE:
name: OCIS_LOG_FILE;AUTH_MACHINE_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_LOG_LEVEL:
name: OCIS_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_LOG_PRETTY:
name: OCIS_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN:
name: AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the encoding of the user's group memberships in the reva access
token. This reduces the token size, especially when users are members of a large
number of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_MACHINE_TRACING_TYPE:
name: OCIS_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_DEBUG_ADDR:
name: AUTH_SERVICE_DEBUG_ADDR
defaultValue: 127.0.0.1:9198
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_DEBUG_PPROF:
name: AUTH_SERVICE_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_DEBUG_TOKEN:
name: AUTH_SERVICE_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_DEBUG_ZPAGES:
name: AUTH_SERVICE_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_GRPC_ADDR:
name: AUTH_SERVICE_GRPC_ADDR
defaultValue: 127.0.0.1:9199
type: string
description: The bind address of the GRPC service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;AUTH_SERVICE_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_JWT_SECRET:
name: OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_LOG_COLOR:
name: OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_LOG_FILE:
name: OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_LOG_LEVEL:
name: OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_LOG_PRETTY:
name: OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
AUTH_SERVICE_TRACING_TYPE:
name: OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_DEBUG_ADDR:
name: CLIENTLOG_DEBUG_ADDR
defaultValue: 127.0.0.1:9260
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_DEBUG_PPROF:
name: CLIENTLOG_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_DEBUG_TOKEN:
name: CLIENTLOG_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_DEBUG_ZPAGES:
name: CLIENTLOG_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_JWT_SECRET:
name: OCIS_JWT_SECRET;CLIENTLOG_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_REVA_GATEWAY:
name: OCIS_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY
defaultValue: com.owncloud.api.gateway
type: string
description: CS3 gateway used to look up user metadata
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_TRACING_TYPE:
name: OCIS_TRACING_TYPE;CLIENTLOG_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_USERLOG_LOG_COLOR:
name: OCIS_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_USERLOG_LOG_FILE:
name: OCIS_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_USERLOG_LOG_LEVEL:
name: OCIS_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
CLIENTLOG_USERLOG_LOG_PRETTY:
name: OCIS_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_ADDR:
name: COLLABORATION_APP_ADDR
defaultValue: https://127.0.0.1:9980
type: string
description: The URL where the WOPI app is located, such as https://127.0.0.1:8080.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_DESCRIPTION:
name: COLLABORATION_APP_DESCRIPTION
defaultValue: Open office documents with Collabora
type: string
description: App description
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_ICON:
name: COLLABORATION_APP_ICON
defaultValue: image-edit
type: string
description: Icon for the app
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_INSECURE:
name: COLLABORATION_APP_INSECURE
defaultValue: "false"
type: bool
description: Skip TLS certificate verification when connecting to the WOPI app
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_LICENSE_CHECK_ENABLE:
name: COLLABORATION_APP_LICENSE_CHECK_ENABLE
defaultValue: "false"
type: bool
description: Enable license checking to edit files. Needs to be enabled when using
Microsoft365 with the business flow.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_LOCKNAME:
name: COLLABORATION_APP_LOCKNAME
defaultValue: com.github.owncloud.collaboration
type: string
description: Name for the app lock
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_NAME:
name: COLLABORATION_APP_NAME
defaultValue: Collabora
type: string
description: The name of the app which is shown to the user. You can chose freely
but you are limited to a single word without special characters or whitespaces.
We recommend to use pascalCase like 'CollaboraOnline'.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_PRODUCT:
name: COLLABORATION_APP_PRODUCT
defaultValue: Collabora
type: string
description: The WebOffice app, either Collabora, OnlyOffice, Microsoft365 or MicrosoftOfficeOnline.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_PROOF_DISABLE:
name: COLLABORATION_APP_PROOF_DISABLE
defaultValue: "false"
type: bool
description: Disable the proof keys verification
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_APP_PROOF_DURATION:
name: COLLABORATION_APP_PROOF_DURATION
defaultValue: 12h
type: string
description: Duration for the proof keys to be cached in memory, using time.ParseDuration
format. If the duration can't be parsed, we'll use the default 12h as duration
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_CS3API_DATAGATEWAY_INSECURE:
name: COLLABORATION_CS3API_DATAGATEWAY_INSECURE
defaultValue: "false"
type: bool
description: Connect to the CS3API data gateway insecurely.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_CS3API_GATEWAY_NAME:
name: OCIS_REVA_GATEWAY;COLLABORATION_CS3API_GATEWAY_NAME
defaultValue: com.owncloud.api.gateway
type: string
description: CS3 gateway used to look up user metadata.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_DEBUG_ADDR:
name: COLLABORATION_DEBUG_ADDR
defaultValue: 127.0.0.1:9304
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_DEBUG_PPROF:
name: COLLABORATION_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_DEBUG_TOKEN:
name: COLLABORATION_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_DEBUG_ZPAGES:
name: COLLABORATION_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_GRPC_ADDR:
name: COLLABORATION_GRPC_ADDR
defaultValue: 127.0.0.1:9301
type: string
description: The bind address of the GRPC service.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_HTTP_ADDR:
name: COLLABORATION_HTTP_ADDR
defaultValue: 127.0.0.1:9300
type: string
description: The bind address of the HTTP service.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_JWT_SECRET:
name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_LOG_COLOR:
name: OCIS_LOG_COLOR;COLLABORATION_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_LOG_FILE:
name: OCIS_LOG_FILE;COLLABORATION_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_LOG_LEVEL:
name: OCIS_LOG_LEVEL;COLLABORATION_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_LOG_PRETTY:
name: OCIS_LOG_PRETTY;COLLABORATION_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE:
name: OCIS_PERSISTENT_STORE;COLLABORATION_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'',
''redis-sentinel'', ''noop''. See the text description for details.'
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE_AUTH_PASSWORD:
name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE_AUTH_USERNAME:
name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE_DATABASE:
name: COLLABORATION_STORE_DATABASE
defaultValue: collaboration
type: string
description: The database name the configured store should use.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE_NODES:
name: OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE_TABLE:
name: COLLABORATION_STORE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_STORE_TTL:
name: OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL
defaultValue: 30m0s
type: Duration
description: Time to live for events in the store. Defaults to '30m' (30 minutes).
See the Environment Variable Types description for more details.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_TRACING_TYPE:
name: OCIS_TRACING_TYPE;COLLABORATION_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_WOPI_DISABLE_CHAT:
name: COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT
defaultValue: "false"
type: bool
description: Disable chat in the office web frontend. This feature applies to OnlyOffice
and Microsoft.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_WOPI_PROXY_SECRET:
name: COLLABORATION_WOPI_PROXY_SECRET
defaultValue: ""
type: string
description: Optional, the secret to authenticate against the ownCloud Office365
WOPI proxy. This secret can be obtained from ownCloud via the office365 proxy
subscription.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_WOPI_PROXY_URL:
name: COLLABORATION_WOPI_PROXY_URL
defaultValue: ""
type: string
description: The URL to the ownCloud Office365 WOPI proxy. Optional. To use this
feature, you need an office365 proxy subscription. If you become part of the Microsoft
CSP program (https://learn.microsoft.com/en-us/partner-center/enroll/csp-overview),
you can use WebOffice without a proxy.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_WOPI_SECRET:
name: COLLABORATION_WOPI_SECRET
defaultValue: ""
type: string
description: Used to mint and verify WOPI JWT tokens and encrypt and decrypt the
REVA JWT token embedded in the WOPI JWT token.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_WOPI_SHORTTOKENS:
name: COLLABORATION_WOPI_SHORTTOKENS
defaultValue: "false"
type: bool
description: Use short access tokens for WOPI access. This is useful for office
packages, like Microsoft Office Online, which have URL length restrictions. If
enabled, a persistent store must be configured.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
COLLABORATION_WOPI_SRC:
name: COLLABORATION_WOPI_SRC
defaultValue: https://localhost:9300
type: string
description: The WOPI source base URL containing schema, host and port. Set this
to the schema and domain where the collaboration service is reachable for the
wopi app, such as https://office.owncloud.test.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_DEBUG_ADDR:
name: EVENTHISTORY_DEBUG_ADDR
defaultValue: 127.0.0.1:9270
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_DEBUG_PPROF:
name: EVENTHISTORY_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_DEBUG_TOKEN:
name: EVENTHISTORY_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_DEBUG_ZPAGES:
name: EVENTHISTORY_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_GRPC_ADDR:
name: EVENTHISTORY_GRPC_ADDR
defaultValue: 127.0.0.1:9274
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_LOG_COLOR:
name: OCIS_LOG_COLOR;EVENTHISTORY_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_LOG_FILE:
name: OCIS_LOG_FILE;EVENTHISTORY_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_LOG_LEVEL:
name: OCIS_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_LOG_PRETTY:
name: OCIS_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE:
name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'',
''redis-sentinel'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_AUTH_PASSWORD:
name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_AUTH_USERNAME:
name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_DATABASE:
name: EVENTHISTORY_STORE_DATABASE
defaultValue: eventhistory
type: string
description: The database name the configured store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_NODES:
name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_SIZE:
name: OCIS_PERSISTENT_STORE_SIZE;EVENTHISTORY_STORE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the store. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived and used from the
ocmem package though no explicit default was set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_TABLE:
name: EVENTHISTORY_STORE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_STORE_TTL:
name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL
defaultValue: 336h0m0s
type: Duration
description: Time to live for events in the store. Defaults to '336h' (2 weeks).
See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
EVENTHISTORY_TRACING_TYPE:
name: OCIS_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_APP_HANDLER_INSECURE:
name: OCIS_INSECURE;FRONTEND_APP_HANDLER_INSECURE
defaultValue: "false"
type: bool
description: Allow insecure connections to the frontend.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR:
name: FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR
defaultValue: com.owncloud.api.collaboration
type: string
description: Service name or address of the app provider to use for secure view.
Should match the service name or address of the registered CS3 app provider.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_ARCHIVER_INSECURE:
name: OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE
defaultValue: "false"
type: bool
description: Allow insecure connections to the archiver.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_ARCHIVER_MAX_NUM_FILES:
name: FRONTEND_ARCHIVER_MAX_NUM_FILES
defaultValue: "10000"
type: int64
description: Max number of files that can be packed into an archive.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_ARCHIVER_MAX_SIZE:
name: FRONTEND_ARCHIVER_MAX_SIZE
defaultValue: "1073741824"
type: int64
description: Max size in bytes of the zip archive the archiver can create.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_AUTO_ACCEPT_SHARES:
name: FRONTEND_AUTO_ACCEPT_SHARES
defaultValue: "true"
type: bool
description: Defines if shares should be auto accepted by default. Users can change
this setting individually in their profile.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE:
name: FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE
defaultValue: sha1
type: string
description: The supported checksum type for uploads that indicates to clients supporting
multiple hash algorithms which one is preferred by the server. Must be one out
of the defined list of SUPPORTED_TYPES.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_CHECKSUMS_SUPPORTED_TYPES:
name: FRONTEND_CHECKSUMS_SUPPORTED_TYPES
defaultValue: '[sha1 md5 adler32]'
type: '[]string'
description: A list of checksum types that indicate to clients which hashes the
server can use to verify upload integrity. Supported types are 'sha1', 'md5' and
'adler32'. See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS
defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match
If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm
Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires
Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS
defaultValue: '[OPTIONS HEAD GET PUT POST PATCH DELETE MKCOL PROPFIND PROPPATCH
MOVE COPY REPORT SEARCH]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DATA_GATEWAY_PREFIX:
name: FRONTEND_DATA_GATEWAY_PREFIX
defaultValue: data
type: string
description: Path prefix for the data gateway.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DEBUG_ADDR:
name: FRONTEND_DEBUG_ADDR
defaultValue: 127.0.0.1:9141
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DEBUG_PPROF:
name: FRONTEND_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DEBUG_TOKEN:
name: FRONTEND_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DEBUG_ZPAGES:
name: FRONTEND_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DEFAULT_LINK_PERMISSIONS:
name: FRONTEND_DEFAULT_LINK_PERMISSIONS
defaultValue: "1"
type: int
description: Defines the default permissions a link is being created with. Possible
values are 0 (= internal link, for instance members only) and 1 (= public link
with viewer permissions). Defaults to 1.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DEFAULT_UPLOAD_PROTOCOL:
name: FRONTEND_DEFAULT_UPLOAD_PROTOCOL
defaultValue: tus
type: string
description: The default upload protocol to use in clients. Currently only 'tus'
is available. See the developer API documentation for more details about TUS.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_DISABLE_SSE:
name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE
defaultValue: "false"
type: bool
description: When set to true, clients are informed that the Server-Sent Events
endpoint is not accessible.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EDITION:
name: OCIS_EDITION;FRONTEND_EDITION
defaultValue: Community
type: string
description: Edition of oCIS. Used for branding purposes.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_ENABLE_FAVORITES:
name: FRONTEND_ENABLE_FAVORITES
defaultValue: "false"
type: bool
description: Enables the support for favorites in the clients.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING:
name: OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING
defaultValue: "false"
type: bool
description: Changing this value is NOT supported. Enables support for incoming
federated sharing for clients. The backend behaviour is not changed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING:
name: OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING
defaultValue: "false"
type: bool
description: Changing this value is NOT supported. Enables support for outgoing
federated sharing for clients. The backend behaviour is not changed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_FULL_TEXT_SEARCH_ENABLED:
name: FRONTEND_FULL_TEXT_SEARCH_ENABLED
defaultValue: "false"
type: bool
description: Set to true to signal the web client that full-text search is enabled.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_HTTP_ADDR:
name: FRONTEND_HTTP_ADDR
defaultValue: 127.0.0.1:9140
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_HTTP_PREFIX:
name: FRONTEND_HTTP_PREFIX
defaultValue: ""
type: string
description: The Path prefix where the frontend can be accessed (defaults to /).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_HTTP_PROTOCOL:
name: FRONTEND_HTTP_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_JWT_SECRET:
name: OCIS_JWT_SECRET;FRONTEND_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_LDAP_SERVER_WRITE_ENABLED:
name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED
defaultValue: "true"
type: bool
description: Allow creating, modifying and deleting LDAP users via the GRAPH API.
This can only be set to 'true' when keeping default settings for the LDAP user
and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_*
variables).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_LOG_COLOR:
name: OCIS_LOG_COLOR;FRONTEND_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_LOG_FILE:
name: OCIS_LOG_FILE;FRONTEND_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_LOG_LEVEL:
name: OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_LOG_PRETTY:
name: OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: The machine auth API key used to validate internal requests necessary
to access resources from other services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_MAX_CONCURRENCY:
name: OCIS_MAX_CONCURRENCY;FRONTEND_MAX_CONCURRENCY
defaultValue: "25"
type: int
description: Maximum number of concurrent go-routines. Higher values can potentially
get work done faster but will also cause more load on the system. Values of 0
or below will be ignored and the default value will be used.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_MAX_QUOTA:
name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA
defaultValue: "0"
type: uint64
description: Set the global max quota value in bytes. A value of 0 equals unlimited.
The value is provided via capabilities.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE:
name: FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE
defaultValue: '{{.Mail}}'
type: string
description: Additional information attribute for the user like {{.Mail}}.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_ENABLE_DENIALS:
name: FRONTEND_OCS_ENABLE_DENIALS
defaultValue: "false"
type: bool
description: 'EXPERIMENTAL: enable the feature to deny access on folders.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_INCLUDE_OCM_SHAREES:
name: OCIS_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES
defaultValue: "false"
type: bool
description: Include OCM sharees when listing sharees.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_LIST_OCM_SHARES:
name: OCIS_ENABLE_OCM;FRONTEND_OCS_LIST_OCM_SHARES
defaultValue: "true"
type: bool
description: Include OCM shares when listing shares. See the OCM service documentation
for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_PERSONAL_NAMESPACE:
name: FRONTEND_OCS_PERSONAL_NAMESPACE
defaultValue: /users/{{.Id.OpaqueId}}
type: string
description: Home namespace identifier.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_PREFIX:
name: FRONTEND_OCS_PREFIX
defaultValue: ocs
type: string
description: URL path prefix for the OCS service. Note that the string must not
start with '/'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD:
name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD
defaultValue: "true"
type: bool
description: Set this to true if you want to enforce passwords on all public shares.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD:
name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD
defaultValue: "false"
type: bool
description: Set this to true if you want to enforce passwords for writable shares.
Only effective if the setting for 'passwords on all public shares' is set to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_SHARE_PREFIX:
name: FRONTEND_OCS_SHARE_PREFIX
defaultValue: /Shares
type: string
description: Path prefix for shares as part of an ocis resource. Note that the path
must start with '/'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to use for authentication. Only applies when using the
'nats-js-kv' store type.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to use for authentication. Only applies when using the
'nats-js-kv' store type.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disable persistence of the cache. Only applies when using the 'nats-js-kv'
store type. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_SIZE:
name: OCIS_CACHE_SIZE;FRONTEND_OCS_STAT_CACHE_SIZE
defaultValue: "0"
type: int
description: Max number of entries to hold in the cache.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_STORE:
name: OCIS_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_TABLE:
name: FRONTEND_OCS_STAT_CACHE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_OCS_STAT_CACHE_TTL:
name: OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL
defaultValue: 5m0s
type: Duration
description: Default time to live for user info in the cache. Only applied when
access tokens has no expiration. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST:
name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST
defaultValue: ""
type: string
description: Path to the 'banned passwords list' file. This only impacts public
link password validation. See the documentation for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_DISABLED:
name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED
defaultValue: "false"
type: bool
description: Disable the password policy. Defaults to false if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS
defaultValue: "8"
type: int
description: Define the minimum password length. Defaults to 8 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_MIN_DIGITS:
name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS
defaultValue: "1"
type: int
description: Define the minimum number of digits. Defaults to 1 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of uppercase letters. Defaults to 1 if not
set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of characters from the special characters
list to be present. Defaults to 1 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of lowercase letters. Defaults to 1 if not
set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_PUBLIC_URL:
name: OCIS_URL;FRONTEND_PUBLIC_URL
defaultValue: https://localhost:9200
type: string
description: The public facing URL of the oCIS frontend.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_READONLY_USER_ATTRIBUTES:
name: FRONTEND_READONLY_USER_ATTRIBUTES
defaultValue: '[]'
type: '[]string'
description: 'A list of user attributes to indicate as read-only. Supported values:
''user.onPremisesSamAccountName'' (username), ''user.displayName'', ''user.mail'',
''user.passwordProfile'' (password), ''user.appRoleAssignments'' (role), ''user.memberOf''
(groups), ''user.accountEnabled'' (login allowed), ''drive.quota'' (quota). See
the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_SEARCH_MIN_LENGTH:
name: FRONTEND_SEARCH_MIN_LENGTH
defaultValue: "3"
type: int
description: Minimum number of characters to enter before a client should start
a search for Share receivers. This setting can be used to customize the user experience
if e.g too many results are displayed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_SKIP_USER_GROUPS_IN_TOKEN:
name: FRONTEND_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_TRACING_TYPE:
name: OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE:
name: FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE
defaultValue: ""
type: string
description: Advise TUS to replace PATCH requests by POST requests.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
FRONTEND_UPLOAD_MAX_CHUNK_SIZE:
name: FRONTEND_UPLOAD_MAX_CHUNK_SIZE
defaultValue: "10000000"
type: int
description: Sets the max chunk sizes in bytes for uploads via the clients.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_APP_REGISTRY_ENDPOINT:
name: GATEWAY_APP_REGISTRY_ENDPOINT
defaultValue: com.owncloud.api.app-registry
type: string
description: The endpoint of the app-registry service. Can take a service name or
a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_AUTH_APP_ENDPOINT:
name: GATEWAY_AUTH_APP_ENDPOINT
defaultValue: com.owncloud.api.auth-app
type: string
description: The endpoint of the auth-app service. Can take a service name or a
gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_AUTH_BASIC_ENDPOINT:
name: GATEWAY_AUTH_BASIC_ENDPOINT
defaultValue: com.owncloud.api.auth-basic
type: string
description: The endpoint of the auth-basic service. Can take a service name or
a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_AUTH_BEARER_ENDPOINT:
name: GATEWAY_AUTH_BEARER_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the auth-bearer service. Can take a service name or
a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_AUTH_MACHINE_ENDPOINT:
name: GATEWAY_AUTH_MACHINE_ENDPOINT
defaultValue: com.owncloud.api.auth-machine
type: string
description: The endpoint of the auth-machine service. Can take a service name or
a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_AUTH_SERVICE_ENDPOINT:
name: GATEWAY_AUTH_SERVICE_ENDPOINT
defaultValue: com.owncloud.api.auth-service
type: string
description: The endpoint of the auth-service service. Can take a service name or
a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT:
name: GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT
defaultValue: "true"
type: bool
description: Commit shares to storage grants. This grants access to shared resources
for the share receiver directly on the storage.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to use for authentication. Only applies when store type
'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to use for authentication. Only applies when store type
'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the create home cache. Only applies when store
type 'nats-js-kv' is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_SIZE:
name: OCIS_CACHE_SIZE;GATEWAY_CREATE_HOME_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the cache. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not explicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_STORE:
name: OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_CREATE_HOME_CACHE_TTL:
name: OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL
defaultValue: 5m0s
type: Duration
description: Default time to live for user info in the cache. Only applied when
access tokens has no expiration. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_DEBUG_ADDR:
name: GATEWAY_DEBUG_ADDR
defaultValue: 127.0.0.1:9143
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_DEBUG_PPROF:
name: GATEWAY_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_DEBUG_TOKEN:
name: GATEWAY_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_DEBUG_ZPAGES:
name: GATEWAY_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN:
name: GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN
defaultValue: "true"
type: bool
description: Disable creation of the home space on login.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_FRONTEND_PUBLIC_URL:
name: OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL
defaultValue: https://localhost:9200
type: string
description: The public facing URL of the oCIS frontend.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_GROUPS_ENDPOINT:
name: GATEWAY_GROUPS_ENDPOINT
defaultValue: com.owncloud.api.groups
type: string
description: The endpoint of the groups service. Can take a service name or a gRPC
URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_GRPC_ADDR:
name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR
defaultValue: 127.0.0.1:9142
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;GATEWAY_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_JWT_SECRET:
name: OCIS_JWT_SECRET;GATEWAY_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_LOG_COLOR:
name: OCIS_LOG_COLOR;GATEWAY_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_LOG_FILE:
name: OCIS_LOG_FILE;GATEWAY_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_LOG_LEVEL:
name: OCIS_LOG_LEVEL;GATEWAY_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_LOG_PRETTY:
name: OCIS_LOG_PRETTY;GATEWAY_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_OCM_ENDPOINT:
name: GATEWAY_OCM_ENDPOINT
defaultValue: com.owncloud.api.ocm
type: string
description: The endpoint of the ocm service. Can take a service name or a gRPC
URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PERMISSIONS_ENDPOINT:
name: GATEWAY_PERMISSIONS_ENDPOINT
defaultValue: com.owncloud.api.settings
type: string
description: The endpoint of the permissions service. Can take a service name or
a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to use for authentication. Only applies when store type
'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to use for authentication. Only applies when store type
'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the provider cache. Only applies when store
type 'nats-js-kv' is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_SIZE:
name: OCIS_CACHE_SIZE;GATEWAY_PROVIDER_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the cache. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not explicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_STORE:
name: OCIS_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE
defaultValue: noop
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_PROVIDER_CACHE_TTL:
name: OCIS_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL
defaultValue: 5m0s
type: Duration
description: Default time to live for user info in the cache. Only applied when
access tokens has no expiration. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_SHARE_FOLDER_NAME:
name: GATEWAY_SHARE_FOLDER_NAME
defaultValue: Shares
type: string
description: Name of the share folder in users' home space.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_SHARING_ENDPOINT:
name: GATEWAY_SHARING_ENDPOINT
defaultValue: com.owncloud.api.sharing
type: string
description: The endpoint of the shares service. Can take a service name or a gRPC
URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_SKIP_USER_GROUPS_IN_TOKEN:
name: GATEWAY_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_PUBLIC_LINK_ENDPOINT:
name: GATEWAY_STORAGE_PUBLIC_LINK_ENDPOINT
defaultValue: com.owncloud.api.storage-publiclink
type: string
description: The endpoint of the storage-publiclink service. Can take a service
name or a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_REGISTRY_CONFIG_JSON:
name: GATEWAY_STORAGE_REGISTRY_CONFIG_JSON
defaultValue: ""
type: string
description: Additional configuration for the storage registry in json format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_REGISTRY_DRIVER:
name: GATEWAY_STORAGE_REGISTRY_DRIVER
defaultValue: spaces
type: string
description: The driver name of the storage registry to use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_REGISTRY_RULES:
name: GATEWAY_STORAGE_REGISTRY_RULES
defaultValue: '[]'
type: '[]string'
description: The rules for the storage registry. See the Environment Variable Types
description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_SHARES_ENDPOINT:
name: GATEWAY_STORAGE_SHARES_ENDPOINT
defaultValue: com.owncloud.api.storage-shares
type: string
description: The endpoint of the storage-shares service. Can take a service name
or a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_USERS_ENDPOINT:
name: GATEWAY_STORAGE_USERS_ENDPOINT
defaultValue: com.owncloud.api.storage-users
type: string
description: The endpoint of the storage-users service. Can take a service name
or a gRPC URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_STORAGE_USERS_MOUNT_ID:
name: GATEWAY_STORAGE_USERS_MOUNT_ID
defaultValue: ""
type: string
description: Mount ID of this storage. Admins can set the ID for the storage in
this config option manually which is then used to reference the storage. Any reasonable
long string is possible, preferably this would be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_TRACING_TYPE:
name: OCIS_TRACING_TYPE;GATEWAY_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_TRANSFER_EXPIRES:
name: GATEWAY_TRANSFER_EXPIRES
defaultValue: "86400"
type: int
description: Expiry for the gateway tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GATEWAY_USERS_ENDPOINT:
name: GATEWAY_USERS_ENDPOINT
defaultValue: com.owncloud.api.users
type: string
description: The endpoint of the users service. Can take a service name or a gRPC
URI with the dns, kubernetes or unix protocol.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_APPLICATION_DISPLAYNAME:
name: GRAPH_APPLICATION_DISPLAYNAME
defaultValue: ownCloud Infinite Scale
type: string
description: The ocis application name.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_APPLICATION_ID:
name: GRAPH_APPLICATION_ID
defaultValue: ""
type: string
description: The ocis application ID shown in the graph. All app roles are tied
to this ID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_ASSIGN_DEFAULT_USER_ROLE:
name: GRAPH_ASSIGN_DEFAULT_USER_ROLE
defaultValue: "true"
type: bool
description: Whether to assign newly created users the default role 'User'. Set
this to 'false' if you want to assign roles manually, or if the role assignment
should happen at first login. Set this to 'true' (the default) to assign the role
'User' when creating a new user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_AVAILABLE_ROLES:
name: GRAPH_AVAILABLE_ROLES
defaultValue: '[b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5 a8d5fe5e-96e3-418d-825b-534dbdf22b99
fb6c3e19-e378-47e5-b277-9732f9de6e21 58c63c02-1d89-4572-916a-870abc5a1b7d 2d00ce52-1fc2-4dbc-8b95-a73b73395f5a
1c996275-f1c9-4e71-abdf-a42f6495e960 312c0871-5ef7-4b3a-85b6-0e4074c64049]'
type: '[]string'
description: A comma separated list of roles that are available for assignment.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_SIZE:
name: OCIS_CACHE_SIZE;GRAPH_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the store. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not explicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_STORE:
name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_STORE_DATABASE:
name: GRAPH_CACHE_STORE_DATABASE
defaultValue: cache-roles
type: string
description: The database name the configured store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store are configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_STORE_TABLE:
name: GRAPH_CACHE_STORE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CACHE_TTL:
name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL
defaultValue: 336h0m0s
type: Duration
description: Time to live for cache records in the graph. Defaults to '336h' (2
weeks). See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Purge Restore]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS
defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_DEBUG_ADDR:
name: GRAPH_DEBUG_ADDR
defaultValue: 127.0.0.1:9124
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_DEBUG_PPROF:
name: GRAPH_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_DEBUG_TOKEN:
name: GRAPH_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_DEBUG_ZPAGES:
name: GRAPH_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_DISABLE_USER_MECHANISM:
name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM
defaultValue: attribute
type: string
description: An option to control the behavior for disabling users. Supported options
are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API
will add the user to the configured group for disabled users, if set to 'attribute'
this will be done in the ldap user entry, if set to 'none' the disable request
is not processed. Default is 'attribute'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_DISABLED_USERS_GROUP_DN:
name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN
defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm
type: string
description: The distinguished name of the group to which added users will be classified
as disabled when 'disable_user_mechanism' is set to 'group'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture. Set to
a empty string to disable emitting events.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;GRAPH_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_GROUP_MEMBERS_PATCH_LIMIT:
name: GRAPH_GROUP_MEMBERS_PATCH_LIMIT
defaultValue: "20"
type: int
description: The amount of group members allowed to be added with a single patch
request.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_HTTP_ADDR:
name: GRAPH_HTTP_ADDR
defaultValue: 127.0.0.1:9120
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_HTTP_API_TOKEN:
name: GRAPH_HTTP_API_TOKEN
defaultValue: ""
type: string
description: An optional API bearer token
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_HTTP_ROOT:
name: GRAPH_HTTP_ROOT
defaultValue: /graph
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_IDENTITY_BACKEND:
name: GRAPH_IDENTITY_BACKEND
defaultValue: ldap
type: string
description: The user identity backend to use. Supported backend types are 'ldap'
and 'cs3'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_IDENTITY_SEARCH_MIN_LENGTH:
name: GRAPH_IDENTITY_SEARCH_MIN_LENGTH
defaultValue: "3"
type: int
description: The minimum length the search term needs to have for unprivileged users
when searching for users or groups.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_INCLUDE_OCM_SHAREES:
name: OCIS_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES
defaultValue: "false"
type: bool
description: Include OCM sharees when listing users.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_JWT_SECRET:
name: OCIS_JWT_SECRET;GRAPH_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_KEYCLOAK_BASE_PATH:
name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH
defaultValue: ""
type: string
description: The URL to access keycloak.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_KEYCLOAK_CLIENT_ID:
name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID
defaultValue: ""
type: string
description: The client id to authenticate with keycloak.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_KEYCLOAK_CLIENT_REALM:
name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM
defaultValue: ""
type: string
description: The realm the client is defined in.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_KEYCLOAK_CLIENT_SECRET:
name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET
defaultValue: ""
type: string
description: The client secret to use in authentication.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY:
name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for Keycloak connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_KEYCLOAK_USER_REALM:
name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM
defaultValue: ""
type: string
description: The realm users are defined.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_BIND_DN:
name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN
defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm
type: string
description: LDAP DN to use for simple bind authentication with the target LDAP
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_BIND_PASSWORD:
name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD
defaultValue: ""
type: string
description: Password to use for authenticating the 'bind_dn'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_CACERT:
name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the LDAP service. If not defined, the root
directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED:
name: GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED
defaultValue: "false"
type: bool
description: Enable LDAP support for managing education related resources.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_BASE_DN:
name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN
defaultValue: ou=groups,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_CREATE_BASE_DN:
name: GRAPH_LDAP_GROUP_CREATE_BASE_DN
defaultValue: ou=groups,o=libregraph-idm
type: string
description: Parent DN under which new groups are created. This DN needs to be subordinate
to the 'GRAPH_LDAP_GROUP_BASE_DN'. This setting is only relevant when 'GRAPH_LDAP_SERVER_WRITE_ENABLED'
is 'true'. It defaults to the value of 'GRAPH_LDAP_GROUP_BASE_DN'. All groups
outside of this subtree are treated as readonly groups and cannot be updated.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_FILTER:
name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for group searches.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_ID_ATTRIBUTE:
name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE
defaultValue: owncloudUUID
type: string
description: LDAP Attribute to use as the unique id for groups. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE:
name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE
defaultValue: member
type: string
description: LDAP Attribute that is used for group members.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_NAME_ATTRIBUTE:
name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE
defaultValue: cn
type: string
description: LDAP Attribute to use for the name of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_OBJECTCLASS:
name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS
defaultValue: groupOfNames
type: string
description: The object class to use for groups in the default group search filter
('groupOfNames').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for groups is of the
'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of
Active Directory for the group ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_GROUP_SEARCH_SCOPE:
name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up groups. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_INSECURE:
name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the LDAP connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_REFINT_ENABLED:
name: GRAPH_LDAP_REFINT_ENABLED
defaultValue: "false"
type: bool
description: Signals that the server has the refint plugin enabled, which makes
some actions not needed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_BASE_DN:
name: GRAPH_LDAP_SCHOOL_BASE_DN
defaultValue: ""
type: string
description: Search base DN for looking up LDAP schools.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_FILTER:
name: GRAPH_LDAP_SCHOOL_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for school searches.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_ID_ATTRIBUTE:
name: GRAPH_LDAP_SCHOOL_ID_ATTRIBUTE
defaultValue: ""
type: string
description: LDAP Attribute to use as the unique id for schools. This should be
a stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_NAME_ATTRIBUTE:
name: GRAPH_LDAP_SCHOOL_NAME_ATTRIBUTE
defaultValue: ""
type: string
description: LDAP Attribute to use for the name of a school.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_NUMBER_ATTRIBUTE:
name: GRAPH_LDAP_SCHOOL_NUMBER_ATTRIBUTE
defaultValue: ""
type: string
description: LDAP Attribute to use for the number of a school.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_OBJECTCLASS:
name: GRAPH_LDAP_SCHOOL_OBJECTCLASS
defaultValue: ""
type: string
description: The object class to use for schools in the default school search filter.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_SEARCH_SCOPE:
name: GRAPH_LDAP_SCHOOL_SEARCH_SCOPE
defaultValue: ""
type: string
description: LDAP search scope to use when looking up schools. Supported scopes
are 'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SCHOOL_TERMINATION_MIN_GRACE_DAYS:
name: GRAPH_LDAP_SCHOOL_TERMINATION_MIN_GRACE_DAYS
defaultValue: "0"
type: int
description: When setting a 'terminationDate' for a school, require the date to
be at least this number of days in the future.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP:
name: GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP
defaultValue: "true"
type: bool
description: Use the 'Password Modify Extended Operation' for updating user passwords.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SERVER_UUID:
name: GRAPH_LDAP_SERVER_UUID
defaultValue: "false"
type: bool
description: If set to true, rely on the LDAP Server to generate a unique ID for
users and groups, like when using 'entryUUID' as the user ID attribute.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_SERVER_WRITE_ENABLED:
name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED
defaultValue: "true"
type: bool
description: Allow creating, modifying and deleting LDAP users via the GRAPH API.
This can only be set to 'true' when keeping default settings for the LDAP user
and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_*
variables).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_URI:
name: OCIS_LDAP_URI;GRAPH_LDAP_URI
defaultValue: ldaps://localhost:9235
type: string
description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://'
and 'ldap://'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_BASE_DN:
name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN
defaultValue: ou=users,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE
defaultValue: displayName
type: string
description: LDAP Attribute to use for the display name of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_EMAIL_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_FILTER:
name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_NAME_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE
defaultValue: uid
type: string
description: LDAP Attribute to use for username of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_OBJECTCLASS:
name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS
defaultValue: inetOrgPerson
type: string
description: The object class to use for users in the default user search filter
('inetOrgPerson').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for users is of the
'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of
Active Directory for the user ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_SCOPE:
name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up users. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_TYPE_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE
defaultValue: ownCloudUserType
type: string
description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default
is 'ownCloudUserType'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LDAP_USER_UID_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE
defaultValue: owncloudUUID
type: string
description: LDAP Attribute to use as the unique ID for users. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LOG_COLOR:
name: OCIS_LOG_COLOR;GRAPH_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LOG_FILE:
name: OCIS_LOG_FILE;GRAPH_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LOG_LEVEL:
name: OCIS_LOG_LEVEL;GRAPH_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_LOG_PRETTY:
name: OCIS_LOG_PRETTY;GRAPH_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_DEFAULT_QUOTA:
name: GRAPH_SPACES_DEFAULT_QUOTA
defaultValue: "1000000000"
type: string
description: The default quota in bytes.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL:
name: GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL
defaultValue: "60000000000"
type: int
description: Max TTL in seconds for the spaces property cache.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_GROUPS_CACHE_TTL:
name: GRAPH_SPACES_GROUPS_CACHE_TTL
defaultValue: "60000000000"
type: int
description: Max TTL in seconds for the spaces groups cache.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_STORAGE_USERS_ADDRESS:
name: GRAPH_SPACES_STORAGE_USERS_ADDRESS
defaultValue: com.owncloud.api.storage-users
type: string
description: The address of the storage-users service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_USERS_CACHE_TTL:
name: GRAPH_SPACES_USERS_CACHE_TTL
defaultValue: "60000000000"
type: int
description: Max TTL in seconds for the spaces users cache.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_WEBDAV_BASE:
name: OCIS_URL;GRAPH_SPACES_WEBDAV_BASE
defaultValue: https://localhost:9200
type: string
description: The public facing URL of WebDAV.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_SPACES_WEBDAV_PATH:
name: GRAPH_SPACES_WEBDAV_PATH
defaultValue: /dav/spaces/
type: string
description: The WebDAV sub-path for spaces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;GRAPH_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_TRACING_TYPE:
name: OCIS_TRACING_TYPE;GRAPH_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_TRANSLATION_PATH:
name: OCIS_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH
defaultValue: ""
type: string
description: (optional) Set this to a path with custom translations to overwrite
the builtin translations. Note that file and folder naming rules apply, see the
documentation for more details.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_USER_ENABLED_ATTRIBUTE:
name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE
defaultValue: ownCloudUserEnabled
type: string
description: LDAP Attribute to use as a flag telling if the user is enabled or disabled.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GRAPH_USERNAME_MATCH:
name: GRAPH_USERNAME_MATCH
defaultValue: default
type: string
description: Apply restrictions to usernames. Supported values are 'default' and
'none'. When set to 'default', user names must not start with a number and are
restricted to ASCII characters. When set to 'none', no restrictions are applied.
The default value is 'default'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_DEBUG_ADDR:
name: GROUPS_DEBUG_ADDR
defaultValue: 127.0.0.1:9161
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_DEBUG_PPROF:
name: GROUPS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_DEBUG_TOKEN:
name: GROUPS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_DEBUG_ZPAGES:
name: GROUPS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_DRIVER:
name: GROUPS_DRIVER
defaultValue: ldap
type: string
description: The driver which should be used by the groups service. Supported values
are 'ldap' and 'owncloudsql'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_GRPC_ADDR:
name: GROUPS_GRPC_ADDR
defaultValue: 127.0.0.1:9160
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;GROUPS_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_IDP_URL:
name: OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL
defaultValue: https://localhost:9200
type: string
description: The identity provider value to set in the group IDs of the CS3 group
objects for groups returned by this group provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_JWT_SECRET:
name: OCIS_JWT_SECRET;GROUPS_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_BIND_DN:
name: OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN
defaultValue: uid=reva,ou=sysusers,o=libregraph-idm
type: string
description: LDAP DN to use for simple bind authentication with the target LDAP
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_BIND_PASSWORD:
name: OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD
defaultValue: ""
type: string
description: Password to use for authenticating the 'bind_dn'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_CACERT:
name: OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the LDAP service. If not defined, the root
directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_BASE_DN:
name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN
defaultValue: ou=groups,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_FILTER:
name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for group searches.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_OBJECTCLASS:
name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS
defaultValue: groupOfNames
type: string
description: The object class to use for groups in the default group search filter
('groupOfNames').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the displayname of groups (often the same
as groupname attribute).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME:
name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the name of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCHEMA_ID:
name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID
defaultValue: ownclouduuid
type: string
description: LDAP Attribute to use as the unique id for groups. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'id' attribute for groups is of the
'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute
of Active Directory for the group ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCHEMA_MAIL:
name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of groups (can be empty).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCHEMA_MEMBER:
name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER
defaultValue: member
type: string
description: LDAP Attribute that is used for group members.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SCOPE:
name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up groups. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE:
name: LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE
defaultValue: any
type: string
description: Type of substring search filter to use for substring searches for groups.
Supported values are 'initial', 'final' and 'any'. The value 'initial' is used
for doing prefix only searches, 'final' for doing suffix only searches or 'any'
for doing full substring searches
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_INSECURE:
name: OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the LDAP connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_URI:
name: OCIS_LDAP_URI;GROUPS_LDAP_URI
defaultValue: ldaps://localhost:9235
type: string
description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://'
and 'ldap://'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_BASE_DN:
name: OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN
defaultValue: ou=users,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_FILTER:
name: OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_OBJECTCLASS:
name: OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS
defaultValue: inetOrgPerson
type: string
description: The object class to use for users in the default user search filter
('inetOrgPerson').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME
defaultValue: displayname
type: string
description: LDAP Attribute to use for the displayname of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_SCHEMA_ID:
name: OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID
defaultValue: ownclouduuid
type: string
description: LDAP Attribute to use as the unique id for users. This should be a
stable globally unique id like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for users is of the
'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute
of Active Directory for the user ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_SCHEMA_MAIL:
name: OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_SCHEMA_USERNAME:
name: OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME
defaultValue: uid
type: string
description: LDAP Attribute to use for username of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LDAP_USER_SCOPE:
name: OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up users. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LOG_COLOR:
name: OCIS_LOG_COLOR;GROUPS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LOG_FILE:
name: OCIS_LOG_FILE;GROUPS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_DB_HOST:
name: GROUPS_OWNCLOUDSQL_DB_HOST
defaultValue: mysql
type: string
description: Hostname of the database server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_DB_NAME:
name: GROUPS_OWNCLOUDSQL_DB_NAME
defaultValue: owncloud
type: string
description: Name of the owncloud database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_DB_PASSWORD:
name: GROUPS_OWNCLOUDSQL_DB_PASSWORD
defaultValue: ""
type: string
description: Password for the database user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_DB_PORT:
name: GROUPS_OWNCLOUDSQL_DB_PORT
defaultValue: "3306"
type: int
description: Network port to use for the database connection.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_DB_USERNAME:
name: GROUPS_OWNCLOUDSQL_DB_USERNAME
defaultValue: owncloud
type: string
description: Database user to use for authenticating with the owncloud database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH:
name: GROUPS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH
defaultValue: "false"
type: bool
description: Allow 'medial search' when searching for users instead of just doing
a prefix search. This allows finding 'Alice' when searching for 'lic'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_IDP:
name: GROUPS_OWNCLOUDSQL_IDP
defaultValue: https://localhost:9200
type: string
description: The identity provider value to set in the userids of the CS3 user objects
for users returned by this user provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID:
name: GROUPS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID
defaultValue: "false"
type: bool
description: Join the user properties table to read user IDs.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_JOIN_USERNAME:
name: GROUPS_OWNCLOUDSQL_JOIN_USERNAME
defaultValue: "false"
type: bool
description: Join the user properties table to read usernames.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_OWNCLOUDSQL_NOBODY:
name: GROUPS_OWNCLOUDSQL_NOBODY
defaultValue: "90"
type: int64
description: Fallback number if no numeric UID and GID properties are provided.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_SKIP_USER_GROUPS_IN_TOKEN:
name: GROUPS_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
GROUPS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_ADMIN_PASSWORD:
name: IDM_ADMIN_PASSWORD
defaultValue: ""
type: string
description: Password to set for the oCIS 'admin' user. Either cleartext or an argon2id
hash.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_ADMIN_USER_ID:
name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID
defaultValue: ""
type: string
description: ID of the user that should receive admin privileges. Consider that
the UUID can be encoded in some LDAP deployment configurations like in .ldif files.
These need to be decoded beforehand.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_CREATE_DEMO_USERS:
name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS
defaultValue: "false"
type: bool
description: The default role assignments the demo users should be setup.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_DATABASE_PATH:
name: IDM_DATABASE_PATH
defaultValue: /var/lib/ocis/idm/ocis.boltdb
type: string
description: Full path to the IDM backend database. If not defined, the root directory
derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_DEBUG_ADDR:
name: IDM_DEBUG_ADDR
defaultValue: 127.0.0.1:9239
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_DEBUG_PPROF:
name: IDM_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_DEBUG_TOKEN:
name: IDM_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_DEBUG_ZPAGES:
name: IDM_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_IDPSVC_PASSWORD:
name: IDM_IDPSVC_PASSWORD
defaultValue: ""
type: string
description: Password to set for the 'idp' service user. Either cleartext or an
argon2id hash.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LDAPS_ADDR:
name: IDM_LDAPS_ADDR
defaultValue: 127.0.0.1:9235
type: string
description: Listen address for the LDAPS listener (ip-addr:port).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LDAPS_CERT:
name: IDM_LDAPS_CERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: File name of the TLS server certificate for the LDAPS listener. If
not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LDAPS_KEY:
name: IDM_LDAPS_KEY
defaultValue: /var/lib/ocis/idm/ldap.key
type: string
description: File name for the TLS certificate key for the server certificate. If
not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LOG_COLOR:
name: OCIS_LOG_COLOR;IDM_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LOG_FILE:
name: OCIS_LOG_FILE;IDM_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LOG_LEVEL:
name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_LOG_PRETTY:
name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_REVASVC_PASSWORD:
name: IDM_REVASVC_PASSWORD
defaultValue: ""
type: string
description: Password to set for the 'reva' service user. Either cleartext or an
argon2id hash.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_SVC_PASSWORD:
name: IDM_SVC_PASSWORD
defaultValue: ""
type: string
description: Password to set for the 'idm' service user. Either cleartext or an
argon2id hash.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDM_TRACING_TYPE:
name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ACCESS_TOKEN_EXPIRATION:
name: IDP_ACCESS_TOKEN_EXPIRATION
defaultValue: "300"
type: uint64
description: '''Access token lifespan in seconds (time before an access token is
expired).'''
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ALLOW_CLIENT_GUESTS:
name: IDP_ALLOW_CLIENT_GUESTS
defaultValue: "false"
type: bool
description: Allow guest clients to access oCIS.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION:
name: IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION
defaultValue: "false"
type: bool
description: Allow dynamic client registration.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ASSET_PATH:
name: IDP_ASSET_PATH
defaultValue: ""
type: string
description: Serve IDP assets from a path on the filesystem instead of the builtin
assets.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_DEBUG_ADDR:
name: IDP_DEBUG_ADDR
defaultValue: 127.0.0.1:9134
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_DEBUG_PPROF:
name: IDP_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_DEBUG_TOKEN:
name: IDP_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_DEBUG_ZPAGES:
name: IDP_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_DYNAMIC_CLIENT_SECRET_DURATION:
name: IDP_DYNAMIC_CLIENT_SECRET_DURATION
defaultValue: "0"
type: uint64
description: Lifespan in seconds of a dynamically registered OIDC client.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ENCRYPTION_SECRET_FILE:
name: IDP_ENCRYPTION_SECRET_FILE
defaultValue: /var/lib/ocis/idp/encryption.key
type: string
description: Path to the encryption secret file, if unset, a new certificate will
be autogenerated upon each restart, thus invalidating all existing sessions. If
not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ENDPOINT_URI:
name: IDP_ENDPOINT_URI
defaultValue: ""
type: string
description: URL of the IDP endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_HTTP_ADDR:
name: IDP_HTTP_ADDR
defaultValue: 127.0.0.1:9130
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_HTTP_ROOT:
name: IDP_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ID_TOKEN_EXPIRATION:
name: IDP_ID_TOKEN_EXPIRATION
defaultValue: "300"
type: uint64
description: ID token lifespan in seconds (time before an ID token is expired).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_IDENTITY_MANAGER:
name: IDP_IDENTITY_MANAGER
defaultValue: ldap
type: string
description: The identity manager implementation to use. Supported identity managers
are 'ldap', 'cs3', 'libregraph' and 'guest'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_INSECURE:
name: OCIS_LDAP_INSECURE;IDP_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the LDAP connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_ISS:
name: OCIS_URL;OCIS_OIDC_ISSUER;IDP_ISS
defaultValue: https://localhost:9200
type: string
description: The OIDC issuer URL to use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_BASE_DN:
name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN
defaultValue: ou=users,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_BIND_DN:
name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN
defaultValue: uid=idp,ou=sysusers,o=libregraph-idm
type: string
description: LDAP DN to use for simple bind authentication with the target LDAP
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_BIND_PASSWORD:
name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD
defaultValue: ""
type: string
description: Password to use for authenticating the 'bind_dn'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_EMAIL_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE
defaultValue: mail
type: string
description: LDAP User email attribute like 'mail'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_FILTER:
name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_LOGIN_ATTRIBUTE:
name: IDP_LDAP_LOGIN_ATTRIBUTE
defaultValue: uid
type: string
description: LDAP User attribute to use for login like 'uid'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_NAME_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE
defaultValue: displayName
type: string
description: LDAP User name attribute like 'displayName'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_OBJECTCLASS:
name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS
defaultValue: inetOrgPerson
type: string
description: LDAP User ObjectClass like 'inetOrgPerson'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_SCOPE:
name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up users. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_TLS_CACERT:
name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the LDAP service. If not defined, the root
directory derives from $OCIS_BASE_DATA_PATH/idp.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_URI:
name: OCIS_LDAP_URI;IDP_LDAP_URI
defaultValue: ldaps://localhost:9235
type: string
description: Url of the LDAP service to use as IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_UUID_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE
defaultValue: ownCloudUUID
type: string
description: LDAP User UUID attribute like 'uid'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LDAP_UUID_ATTRIBUTE_TYPE:
name: IDP_LDAP_UUID_ATTRIBUTE_TYPE
defaultValue: text
type: string
description: LDAP User uuid attribute type like 'text'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LOG_COLOR:
name: OCIS_LOG_COLOR;IDP_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LOG_FILE:
name: OCIS_LOG_FILE;IDP_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LOG_LEVEL:
name: OCIS_LOG_LEVEL;IDP_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LOG_PRETTY:
name: OCIS_LOG_PRETTY;IDP_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_LOGIN_BACKGROUND_URL:
name: IDP_LOGIN_BACKGROUND_URL
defaultValue: ""
type: string
description: Configure an alternative URL to the background image for the login
page.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: Machine auth API key used to validate internal requests necessary for
the access to resources from other services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_PASSWORD_RESET_URI:
name: IDP_PASSWORD_RESET_URI
defaultValue: ""
type: string
description: The URI where a user can reset their password.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_REFRESH_TOKEN_EXPIRATION:
name: IDP_REFRESH_TOKEN_EXPIRATION
defaultValue: "2592000"
type: uint64
description: Refresh token lifespan in seconds (time before an refresh token is
expired). This also limits the duration of an idle offline session.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_SIGN_IN_URI:
name: IDP_SIGN_IN_URI
defaultValue: ""
type: string
description: IDP sign-in url.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_SIGN_OUT_URI:
name: IDP_SIGN_OUT_URI
defaultValue: ""
type: string
description: IDP sign-out url.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_SIGNING_KID:
name: IDP_SIGNING_KID
defaultValue: private-key
type: string
description: Value of the KID (Key ID) field which is used in created tokens to
uniquely identify the signing-private-key.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_SIGNING_METHOD:
name: IDP_SIGNING_METHOD
defaultValue: PS256
type: string
description: Signing method of IDP requests like 'PS256'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_SIGNING_PRIVATE_KEY_FILES:
name: IDP_SIGNING_PRIVATE_KEY_FILES
defaultValue: '[/var/lib/ocis/idp/private-key.pem]'
type: '[]string'
description: A list of private key files for signing IDP requests. If not defined,
the root directory derives from $OCIS_BASE_DATA_PATH/idp. See the Environment
Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TLS:
name: IDP_TLS
defaultValue: "false"
type: bool
description: Disable or Enable HTTPS for the communication between the Proxy service
and the IDP service. If set to 'true', the key and cert files need to be configured
and present.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;IDP_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TRACING_TYPE:
name: OCIS_TRACING_TYPE;IDP_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TRANSPORT_TLS_CERT:
name: IDP_TRANSPORT_TLS_CERT
defaultValue: /var/lib/ocis/idp/server.crt
type: string
description: Path/File name of the TLS server certificate (in PEM format) for the
IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/idp.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_TRANSPORT_TLS_KEY:
name: IDP_TRANSPORT_TLS_KEY
defaultValue: /var/lib/ocis/idp/server.key
type: string
description: Path/File name for the TLS certificate key (in PEM format) for the
server certificate to use for the IDP service. If not defined, the root directory
derives from $OCIS_BASE_DATA_PATH/idp.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_URI_BASE_PATH:
name: IDP_URI_BASE_PATH
defaultValue: ""
type: string
description: IDP uri base path (defaults to '').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_USER_ENABLED_ATTRIBUTE:
name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE
defaultValue: ownCloudUserEnabled
type: string
description: LDAP Attribute to use as a flag telling if the user is enabled or disabled.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
IDP_VALIDATION_KEYS_PATH:
name: IDP_VALIDATION_KEYS_PATH
defaultValue: ""
type: string
description: Path to validation keys for IDP requests.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;INVITATIONS_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;INVITATIONS_CORS_ALLOW_HEADERS
defaultValue: '[]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;INVITATIONS_CORS_ALLOW_METHODS
defaultValue: '[]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;INVITATIONS_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_DEBUG_ADDR:
name: INVITATIONS_DEBUG_ADDR
defaultValue: 127.0.0.1:9269
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_DEBUG_PPROF:
name: INVITATIONS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_DEBUG_TOKEN:
name: INVITATIONS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_DEBUG_ZPAGES:
name: INVITATIONS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_HTTP_ADDR:
name: INVITATIONS_HTTP_ADDR
defaultValue: 127.0.0.1:9265
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_HTTP_ROOT:
name: INVITATIONS_HTTP_ROOT
defaultValue: /graph/v1.0
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_JWT_SECRET:
name: OCIS_JWT_SECRET;INVITATIONS_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_KEYCLOAK_BASE_PATH:
name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH
defaultValue: ""
type: string
description: The URL to access keycloak.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_KEYCLOAK_CLIENT_ID:
name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID
defaultValue: ""
type: string
description: The client ID to authenticate with keycloak.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_KEYCLOAK_CLIENT_REALM:
name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM
defaultValue: ""
type: string
description: The realm the client is defined in.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_KEYCLOAK_CLIENT_SECRET:
name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET
defaultValue: ""
type: string
description: The client secret to use in authentication.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY:
name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for Keycloak connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_KEYCLOAK_USER_REALM:
name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM
defaultValue: ""
type: string
description: The realm users are defined.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_LOG_COLOR:
name: OCIS_LOG_COLOR;INVITATIONS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_LOG_FILE:
name: OCIS_LOG_FILE;INVITATIONS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;INVITATIONS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;INVITATIONS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
INVITATIONS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;INVITATIONS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
LDAP_GROUP_SUBSTRING_FILTER_TYPE:
name: LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE
defaultValue: any
type: string
description: Type of substring search filter to use for substring searches for groups.
Supported values are 'initial', 'final' and 'any'. The value 'initial' is used
for doing prefix only searches, 'final' for doing suffix only searches or 'any'
for doing full substring searches
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
LDAP_LOGIN_ATTRIBUTES:
name: LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES
defaultValue: '[uid]'
type: '[]string'
description: A list of user object attributes that can be used for login. See the
Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
LDAP_USER_SCHEMA_DISPLAY_NAME:
name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE
defaultValue: displayName
type: string
description: LDAP Attribute to use for the display name of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
LDAP_USER_SUBSTRING_FILTER_TYPE:
name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE
defaultValue: any
type: string
description: 'Type of substring search filter to use for substring searches for
users. Possible values: ''initial'' for doing prefix only searches, ''final''
for doing suffix only searches or ''any'' for doing full substring searches'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_DEBUG_ADDR:
name: NATS_DEBUG_ADDR
defaultValue: 127.0.0.1:9234
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_DEBUG_PPROF:
name: NATS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_DEBUG_TOKEN:
name: NATS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_DEBUG_ZPAGES:
name: NATS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_LOG_COLOR:
name: OCIS_LOG_COLOR;NATS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_LOG_FILE:
name: OCIS_LOG_FILE;NATS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;NATS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;NATS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_NATS_CLUSTER_ID:
name: NATS_NATS_CLUSTER_ID
defaultValue: ocis-cluster
type: string
description: ID of the NATS cluster.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_NATS_HOST:
name: NATS_NATS_HOST
defaultValue: 127.0.0.1
type: string
description: Bind address.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_NATS_PORT:
name: NATS_NATS_PORT
defaultValue: "9233"
type: int
description: Bind port.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_NATS_STORE_DIR:
name: NATS_NATS_STORE_DIR
defaultValue: /var/lib/ocis/nats
type: string
description: The directory where the filesystem storage will store NATS JetStream
data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TLS_CERT:
name: NATS_TLS_CERT
defaultValue: /var/lib/ocis/nats/tls.crt
type: string
description: Path/File name of the TLS server certificate (in PEM format) for the
NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TLS_KEY:
name: NATS_TLS_KEY
defaultValue: /var/lib/ocis/nats/tls.key
type: string
description: Path/File name for the TLS certificate key (in PEM format) for the
NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/nats.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TLS_SKIP_VERIFY_CLIENT_CERT:
name: OCIS_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT
defaultValue: "false"
type: bool
description: Whether the NATS server should skip the client certificate verification
during the TLS handshake.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;NATS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NATS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;NATS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_DEBUG_ADDR:
name: NOTIFICATIONS_DEBUG_ADDR
defaultValue: 127.0.0.1:9174
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_DEBUG_PPROF:
name: NOTIFICATIONS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_DEBUG_TOKEN:
name: NOTIFICATIONS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_DEBUG_ZPAGES:
name: NOTIFICATIONS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EMAIL_TEMPLATE_PATH:
name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH
defaultValue: ""
type: string
description: Path to Email notification templates overriding embedded ones.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_LOG_COLOR:
name: OCIS_LOG_COLOR;NOTIFICATIONS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_LOG_FILE:
name: OCIS_LOG_FILE;NOTIFICATIONS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_AUTHENTICATION:
name: NOTIFICATIONS_SMTP_AUTHENTICATION
defaultValue: ""
type: string
description: Authentication method for the SMTP communication. Possible values are
'login', 'plain', 'crammd5', 'none' or 'auto'. If set to 'auto' or unset, the
authentication method is automatically negotiated with the server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_ENCRYPTION:
name: NOTIFICATIONS_SMTP_ENCRYPTION
defaultValue: none
type: string
description: Encryption method for the SMTP communication. Possible values are 'starttls',
'ssltls' and 'none'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_HOST:
name: NOTIFICATIONS_SMTP_HOST
defaultValue: ""
type: string
description: SMTP host to connect to.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_INSECURE:
name: NOTIFICATIONS_SMTP_INSECURE
defaultValue: "false"
type: bool
description: Allow insecure connections to the SMTP server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_PASSWORD:
name: NOTIFICATIONS_SMTP_PASSWORD
defaultValue: ""
type: string
description: Password for the SMTP host to connect to.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_PORT:
name: NOTIFICATIONS_SMTP_PORT
defaultValue: "0"
type: int
description: Port of the SMTP host to connect to.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_SENDER:
name: NOTIFICATIONS_SMTP_SENDER
defaultValue: ""
type: string
description: Sender address of emails that will be sent (e.g. 'ownCloud <noreply@example.com>'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_SMTP_USERNAME:
name: NOTIFICATIONS_SMTP_USERNAME
defaultValue: ""
type: string
description: Username for the SMTP host to connect to.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_TRANSLATION_PATH:
name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH
defaultValue: ""
type: string
description: (optional) Set this to a path with custom translations to overwrite
the builtin translations. Note that file and folder naming rules apply, see the
documentation for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
NOTIFICATIONS_WEB_UI_URL:
name: OCIS_URL;NOTIFICATIONS_WEB_UI_URL
defaultValue: https://localhost:9200
type: string
description: The public facing URL of the oCIS Web UI, used e.g. when sending notification
eMails
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY:
name: OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY
defaultValue: "false"
type: bool
description: Allow the use of depth infinity in PROPFINDS. When enabled, a propfind
will traverse through all subfolders. If many subfolders are expected, depth infinity
can cause heavy server load and/or delayed response times.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS
defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match
If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm
Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires
Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS
defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY
REPORT SEARCH]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_DEBUG_ADDR:
name: OCDAV_DEBUG_ADDR
defaultValue: 127.0.0.1:9163
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_DEBUG_PPROF:
name: OCDAV_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_DEBUG_TOKEN:
name: OCDAV_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_DEBUG_ZPAGES:
name: OCDAV_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_EDITION:
name: OCIS_EDITION;OCDAV_EDITION
defaultValue: Community
type: string
description: Edition of oCIS. Used for branding purposes.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_FILES_NAMESPACE:
name: OCDAV_FILES_NAMESPACE
defaultValue: /users/{{.Id.OpaqueId}}
type: string
description: Jail requests to /dav/files/{username} into this CS3 namespace. Supports
template layouting with CS3 User properties.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_GATEWAY_REQUEST_TIMEOUT:
name: OCDAV_GATEWAY_REQUEST_TIMEOUT
defaultValue: "84300"
type: int64
description: Request timeout in seconds for requests from the oCDAV service to the
GATEWAY service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_HTTP_ADDR:
name: OCDAV_HTTP_ADDR
defaultValue: 127.0.0.1:9350
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_HTTP_PREFIX:
name: OCDAV_HTTP_PREFIX
defaultValue: ""
type: string
description: A URL path prefix for the handler.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_HTTP_PROTOCOL:
name: OCDAV_HTTP_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_INSECURE:
name: OCIS_INSECURE;OCDAV_INSECURE
defaultValue: "false"
type: bool
description: Allow insecure connections to the GATEWAY service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_JWT_SECRET:
name: OCIS_JWT_SECRET;OCDAV_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_LOG_COLOR:
name: OCIS_LOG_COLOR;OCDAV_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_LOG_FILE:
name: OCIS_LOG_FILE;OCDAV_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_LOG_LEVEL:
name: OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_LOG_PRETTY:
name: OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: Machine auth API key used to validate internal requests necessary for
the access to resources from other services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_OCM_NAMESPACE:
name: OCDAV_OCM_NAMESPACE
defaultValue: /public
type: string
description: The human readable path prefix for the ocm shares.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_PUBLIC_URL:
name: OCIS_URL;OCDAV_PUBLIC_URL
defaultValue: https://localhost:9200
type: string
description: URL where oCIS is reachable for users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_SHARES_NAMESPACE:
name: OCDAV_SHARES_NAMESPACE
defaultValue: /Shares
type: string
description: The human readable path for the share jail. Relative to a users personal
space root. Upcased intentionally.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_SKIP_USER_GROUPS_IN_TOKEN:
name: OCDAV_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_TRACING_TYPE:
name: OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCDAV_WEBDAV_NAMESPACE:
name: OCDAV_WEBDAV_NAMESPACE
defaultValue: /users/{{.Id.OpaqueId}}
type: string
description: Jail requests to /dav/webdav into this CS3 namespace. Supports template
layouting with CS3 User properties.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_ADMIN_USER_ID:
name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID
defaultValue: ""
type: string
description: ID of the user that should receive admin privileges. Consider that
the UUID can be encoded in some LDAP deployment configurations like in .ldif files.
These need to be decoded beforehand.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_ASSET_THEMES_PATH:
name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH
defaultValue: /var/lib/ocis/web/assets/themes
type: string
description: Serve ownCloud themes from a path on the filesystem instead of the
builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_ASYNC_UPLOADS:
name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS
defaultValue: "true"
type: bool
description: Enable asynchronous file uploads.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_DATABASE:
name: OCIS_CACHE_DATABASE
defaultValue: cache-userinfo
type: string
description: The database name the configured store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_SIZE:
name: OCIS_CACHE_SIZE;GATEWAY_CREATE_HOME_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the cache. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not explicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_STORE:
name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store are configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CACHE_TTL:
name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL
defaultValue: 336h0m0s
type: Duration
description: Time to live for cache records in the graph. Defaults to '336h' (2
weeks). See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Ocs-Apirequest]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS
defaultValue: '[GET]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CORS_EXPOSE_HEADERS:
name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS
defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size
Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete
Upload-Draft-Interop-Version]'
type: '[]string'
description: 'A list of exposed CORS headers. See following chapter for more details:
*Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_CORS_MAX_AGE:
name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE
defaultValue: "86400"
type: uint
description: 'The max cache duration of preflight headers. See following chapter
for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DECOMPOSEDFS_METADATA_BACKEND:
name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND
defaultValue: messagepack
type: string
description: The backend to use for storing metadata. Supported values are 'messagepack'
and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata
while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DECOMPOSEDFS_PROPAGATOR:
name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR
defaultValue: sync
type: string
description: The propagator used for decomposedfs. At the moment, only 'sync' is
fully supported, 'async' is available as an experimental option.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DEFAULT_LANGUAGE:
name: OCIS_DEFAULT_LANGUAGE
defaultValue: ""
type: string
description: The default language used by services and the WebUI. If not defined,
English will be used as default. See the documentation for more details.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DISABLE_PREVIEWS:
name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS
defaultValue: "false"
type: bool
description: Set this option to 'true' to disable rendering of thumbnails triggered
via webdav access. Note that when disabled, all access to preview related webdav
paths will return a 404.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DISABLE_SSE:
name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE
defaultValue: "false"
type: bool
description: When set to true, clients are informed that the Server-Sent Events
endpoint is not accessible.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE:
name: OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE
defaultValue: "false"
type: bool
description: Disables server-sent events (sse). When disabled, clients will no longer
receive sse notifications.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_DISABLE_VERSIONING:
name: OCIS_DISABLE_VERSIONING
defaultValue: "false"
type: bool
description: Disables versioning of files. When set to true, new uploads with the
same filename will overwrite existing files instead of creating a new version.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EDITION:
name: OCIS_EDITION;OCDAV_EDITION
defaultValue: Community
type: string
description: Edition of oCIS. Used for branding purposes.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EMAIL_TEMPLATE_PATH:
name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH
defaultValue: ""
type: string
description: Path to Email notification templates overriding embedded ones.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_ENABLE_OCM:
name: OCIS_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES
defaultValue: "false"
type: bool
description: Include OCM sharees when listing users.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_GATEWAY_GRPC_ADDR:
name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR
defaultValue: 127.0.0.1:9142
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_GRPC_CLIENT_TLS_CACERT:
name: OCIS_GRPC_CLIENT_TLS_CACERT
defaultValue: ""
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the go-micro based grpc services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_GRPC_CLIENT_TLS_MODE:
name: OCIS_GRPC_CLIENT_TLS_MODE
defaultValue: ""
type: string
description: 'TLS mode for grpc connection to the go-micro based grpc services.
Possible values are ''off'', ''insecure'' and ''on''. ''off'': disables transport
security for the clients. ''insecure'' allows using transport security, but disables
certificate verification (to be used with the autogenerated self-signed certificates).
''on'' enables transport security, including server certificate verification.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;APP_PROVIDER_GRPC_PROTOCOL
defaultValue: ""
type: string
description: The transport protocol of the GPRC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_HTTP_TLS_CERTIFICATE:
name: OCIS_HTTP_TLS_CERTIFICATE
defaultValue: ""
type: string
description: Path/File name of the TLS server certificate (in PEM format) for the
http services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_HTTP_TLS_ENABLED:
name: OCIS_HTTP_TLS_ENABLED
defaultValue: "false"
type: bool
description: Activates TLS for the http based services using the server certifcate
and key configured via OCIS_HTTP_TLS_CERTIFICATE and OCIS_HTTP_TLS_KEY. If OCIS_HTTP_TLS_CERTIFICATE
is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_HTTP_TLS_KEY:
name: OCIS_HTTP_TLS_KEY
defaultValue: ""
type: string
description: Path/File name for the TLS certificate key (in PEM format) for the
server certificate to use for the http services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_INSECURE:
name: OCIS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_JWT_SECRET:
name: OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_KEYCLOAK_BASE_PATH:
name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH
defaultValue: ""
type: string
description: The URL to access keycloak.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_KEYCLOAK_CLIENT_ID:
name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID
defaultValue: ""
type: string
description: The client id to authenticate with keycloak.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_KEYCLOAK_CLIENT_REALM:
name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM
defaultValue: ""
type: string
description: The realm the client is defined in.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_KEYCLOAK_CLIENT_SECRET:
name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET
defaultValue: ""
type: string
description: The client secret to use in authentication.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY:
name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for Keycloak connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_KEYCLOAK_USER_REALM:
name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM
defaultValue: ""
type: string
description: The realm users are defined.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_BIND_DN:
name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN
defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm
type: string
description: LDAP DN to use for simple bind authentication with the target LDAP
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_BIND_PASSWORD:
name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD
defaultValue: ""
type: string
description: Password to use for authenticating the 'bind_dn'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_CACERT:
name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the LDAP service. If not defined, the root
directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_DISABLE_USER_MECHANISM:
name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM
defaultValue: attribute
type: string
description: An option to control the behavior for disabling users. Supported options
are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API
will add the user to the configured group for disabled users, if set to 'attribute'
this will be done in the ldap user entry, if set to 'none' the disable request
is not processed. Default is 'attribute'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_DISABLED_USERS_GROUP_DN:
name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN
defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm
type: string
description: The distinguished name of the group to which added users will be classified
as disabled when 'disable_user_mechanism' is set to 'group'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_BASE_DN:
name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN
defaultValue: ou=groups,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_FILTER:
name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for group searches.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_OBJECTCLASS:
name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS
defaultValue: groupOfNames
type: string
description: The object class to use for groups in the default group search filter
('groupOfNames').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the displayname of groups (often the same
as groupname attribute).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCHEMA_GROUPNAME:
name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE
defaultValue: cn
type: string
description: LDAP Attribute to use for the name of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCHEMA_ID:
name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE
defaultValue: owncloudUUID
type: string
description: LDAP Attribute to use as the unique id for groups. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for groups is of the
'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of
Active Directory for the group ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCHEMA_MAIL:
name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of groups (can be empty).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCHEMA_MEMBER:
name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE
defaultValue: member
type: string
description: LDAP Attribute that is used for group members.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_GROUP_SCOPE:
name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up groups. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_INSECURE:
name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the LDAP connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_SERVER_WRITE_ENABLED:
name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED
defaultValue: "true"
type: bool
description: Allow creating, modifying and deleting LDAP users via the GRAPH API.
This can only be set to 'true' when keeping default settings for the LDAP user
and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_*
variables).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_URI:
name: OCIS_LDAP_URI;GRAPH_LDAP_URI
defaultValue: ldaps://localhost:9235
type: string
description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://'
and 'ldap://'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_BASE_DN:
name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN
defaultValue: ou=users,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_ENABLED_ATTRIBUTE:
name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE
defaultValue: ownCloudUserEnabled
type: string
description: LDAP Attribute to use as a flag telling if the user is enabled or disabled.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_FILTER:
name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_OBJECTCLASS:
name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS
defaultValue: inetOrgPerson
type: string
description: The object class to use for users in the default user search filter
('inetOrgPerson').
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE
defaultValue: displayName
type: string
description: LDAP Attribute to use for the display name of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCHEMA_ID:
name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE
defaultValue: owncloudUUID
type: string
description: LDAP Attribute to use as the unique ID for users. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for users is of the
'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of
Active Directory for the user ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCHEMA_MAIL:
name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCHEMA_USER_TYPE:
name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE
defaultValue: ownCloudUserType
type: string
description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default
is 'ownCloudUserType'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCHEMA_USERNAME:
name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE
defaultValue: uid
type: string
description: LDAP Attribute to use for username of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LDAP_USER_SCOPE:
name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up users. Supported scopes are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LOG_COLOR:
name: OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LOG_FILE:
name: OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: The machine auth API key used to validate internal requests necessary
to access resources from other services.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_MAX_CONCURRENCY:
name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY
defaultValue: "5"
type: int
description: Maximum number of concurrent go-routines. Higher values can potentially
get work done faster but will also cause more load on the system. Values of 0
or below will be ignored and the default value will be used.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_OIDC_CLIENT_ID:
name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID
defaultValue: web
type: string
description: The OIDC client ID which ownCloud Web uses. This client needs to be
set up in your IDP. Note that this setting has no effect when using the builtin
IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_OIDC_ISSUER:
name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER
defaultValue: https://localhost:9200
type: string
description: URL of the OIDC issuer. It defaults to URL of the builtin IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST:
name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST
defaultValue: ""
type: string
description: Path to the 'banned passwords list' file. This only impacts public
link password validation. See the documentation for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_DISABLED:
name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED
defaultValue: "false"
type: bool
description: Disable the password policy. Defaults to false if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_MIN_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS
defaultValue: "8"
type: int
description: Define the minimum password length. Defaults to 8 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_MIN_DIGITS:
name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS
defaultValue: "1"
type: int
description: Define the minimum number of digits. Defaults to 1 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of uppercase letters. Defaults to 1 if not
set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of characters from the special characters
list to be present. Defaults to 1 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of lowercase letters. Defaults to 1 if not
set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PERSISTENT_STORE:
name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'',
''redis-sentinel'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PERSISTENT_STORE_AUTH_PASSWORD:
name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PERSISTENT_STORE_AUTH_USERNAME:
name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PERSISTENT_STORE_NODES:
name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PERSISTENT_STORE_SIZE:
name: OCIS_PERSISTENT_STORE_SIZE;EVENTHISTORY_STORE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the store. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived and used from the
ocmem package though no explicit default was set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PERSISTENT_STORE_TTL:
name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL
defaultValue: 0s
type: Duration
description: Time to live for events in the store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_PUBLIC_URL:
name: OCIS_URL;OCIS_PUBLIC_URL
defaultValue: https://127.0.0.1:9200
type: string
description: URL, where oCIS is reachable for users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_REVA_GATEWAY:
name: OCIS_REVA_GATEWAY
defaultValue: com.owncloud.api.gateway
type: string
description: The CS3 gateway endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_REVA_GATEWAY_TLS_CACERT:
name: OCIS_REVA_GATEWAY_TLS_CACERT
defaultValue: ""
type: string
description: The root CA certificate used to validate the gateway's TLS certificate.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_REVA_GATEWAY_TLS_MODE:
name: OCIS_REVA_GATEWAY_TLS_MODE
defaultValue: ""
type: string
description: 'TLS mode for grpc connection to the CS3 gateway endpoint. Possible
values are ''off'', ''insecure'' and ''on''. ''off'': disables transport security
for the clients. ''insecure'' allows using transport security, but disables certificate
verification (to be used with the autogenerated self-signed certificates). ''on''
enables transport security, including server certificate verification.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYLOG_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD:
name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD
defaultValue: "true"
type: bool
description: Set this to true if you want to enforce passwords on all public shares.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD:
name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD
defaultValue: "false"
type: bool
description: Set this to true if you want to enforce passwords on Uploader, Editor
or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD,
you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in
the frontend service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SHOW_USER_EMAIL_IN_RESULTS:
name: OCIS_SHOW_USER_EMAIL_IN_RESULTS
defaultValue: "false"
type: bool
description: Include user email addresses in responses. If absent or set to false
emails will be omitted from results. Please note that admin users can always see
all email addresses.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SPACES_MAX_QUOTA:
name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA
defaultValue: "0"
type: uint64
description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited.
If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA
in the frontend service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SYSTEM_USER_API_KEY:
name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY
defaultValue: ""
type: string
description: API key for the STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SYSTEM_USER_ID:
name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID
defaultValue: ""
type: string
description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID
for the STORAGE-SYSTEM system user in this config option which is then used to
reference the user. Any reasonable long string is possible, preferably this would
be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_SYSTEM_USER_IDP:
name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP
defaultValue: internal
type: string
description: IDP of the oCIS STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_TRANSFER_SECRET:
name: OCIS_TRANSFER_SECRET
defaultValue: ""
type: string
description: The storage transfer secret.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_TRANSLATION_PATH:
name: OCIS_TRANSLATION_PATH;ACTIVITYLOG_TRANSLATION_PATH
defaultValue: ""
type: string
description: (optional) Set this to a path with custom translations to overwrite
the builtin translations. Note that file and folder naming rules apply, see the
documentation for more details.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_URL:
name: OCIS_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL
defaultValue: https://localhost:9200/
type: string
description: Base url to navigate back from the app to the containing folder in
the file list.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCIS_WOPI_DISABLE_CHAT:
name: APP_PROVIDER_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT
defaultValue: "false"
type: bool
description: Disable the chat functionality of the office app.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS
defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match
If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm
Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires
Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS
defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY
REPORT SEARCH]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_DEBUG_ADDR:
name: OCM_DEBUG_ADDR
defaultValue: 127.0.0.1:9281
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_DEBUG_PPROF:
name: OCM_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_DEBUG_TOKEN:
name: OCM_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_DEBUG_ZPAGES:
name: OCM_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;OCM_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;OCM_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;OCM_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;OCM_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;OCM_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCM_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided OCM_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_GRPC_ADDR:
name: OCM_GRPC_ADDR
defaultValue: 127.0.0.1:9282
type: string
description: The bind address of the GRPC service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;OCM_GRPC_PROTOCOL
defaultValue: ""
type: string
description: The transport protocol of the GRPC service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_HTTP_ADDR:
name: OCM_HTTP_ADDR
defaultValue: 127.0.0.1:9280
type: string
description: The bind address of the HTTP service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_HTTP_PREFIX:
name: OCM_HTTP_PREFIX
defaultValue: ""
type: string
description: The path prefix where OCM can be accessed (defaults to /).
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_HTTP_PROTOCOL:
name: OCM_HTTP_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the HTTP service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_JWT_SECRET:
name: OCIS_JWT_SECRET;OCM_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_LOG_COLOR:
name: OCIS_LOG_COLOR;OCM_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_LOG_FILE:
name: OCIS_LOG_FILE;OCM_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_LOG_LEVEL:
name: OCIS_LOG_LEVEL;OCM_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_LOG_PRETTY:
name: OCIS_LOG_PRETTY;OCM_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_MESH_DIRECTORY_URL:
name: OCM_MESH_DIRECTORY_URL
defaultValue: ""
type: string
description: URL of the mesh directory service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_CORE_DRIVER:
name: OCM_OCM_CORE_DRIVER
defaultValue: json
type: string
description: Driver to be used for the OCM core. Supported value is only 'json'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_CORE_JSON_FILE:
name: OCM_OCM_CORE_JSON_FILE
defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json
type: string
description: Path to the JSON file where OCM share data will be stored. If not defined,
the root directory derives from $OCIS_BASE_DATA_PATH/storage.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_INVITE_MANAGER_DRIVER:
name: OCM_OCM_INVITE_MANAGER_DRIVER
defaultValue: json
type: string
description: Driver to be used to persist OCM invites. Supported value is only 'json'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_INVITE_MANAGER_INSECURE:
name: OCM_OCM_INVITE_MANAGER_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the OCM connections. Do not
set this in production environments.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_INVITE_MANAGER_JSON_FILE:
name: OCM_OCM_INVITE_MANAGER_JSON_FILE
defaultValue: /var/lib/ocis/storage/ocm/ocminvites.json
type: string
description: Path to the JSON file where OCM invite data will be stored. This file
is maintained by the instance and must not be changed manually. If not defined,
the root directory derives from $OCIS_BASE_DATA_PATH/storage/ocm.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_INVITE_MANAGER_TIMEOUT:
name: OCM_OCM_INVITE_MANAGER_TIMEOUT
defaultValue: 30s
type: Duration
description: Timeout specifies a time limit for requests made to OCM endpoints.
introductionVersion: 6.0.1
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION:
name: OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION
defaultValue: 24h0m0s
type: Duration
description: Expiry duration for invite tokens.
introductionVersion: 6.0.1
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE:
name: OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE
defaultValue: /etc/ocis/ocmproviders.json
type: string
description: Path to the JSON file where ocm invite data will be stored. Defaults
to $OCIS_CONFIG_DIR/ocmproviders.json.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME:
name: OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME
defaultValue: "true"
type: bool
description: Verify the hostname of the incoming request against the hostname of
the OCM provider.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_SHARE_PROVIDER_DRIVER:
name: OCM_OCM_SHARE_PROVIDER_DRIVER
defaultValue: json
type: string
description: Driver to be used for the OCM share provider. Supported value is only
'json'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_SHARE_PROVIDER_INSECURE:
name: OCM_OCM_SHARE_PROVIDER_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the OCM connections. Do not
set this in production environments.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_SHAREPROVIDER_JSON_FILE:
name: OCM_OCM_SHAREPROVIDER_JSON_FILE
defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json
type: string
description: Path to the JSON file where OCM share data will be stored. If not defined,
the root directory derives from $OCIS_BASE_DATA_PATH/storage.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_STORAGE_DATA_SERVER_URL:
name: OCM_OCM_STORAGE_DATA_SERVER_URL
defaultValue: http://localhost:9280/data
type: string
description: URL of the data server, needs to be reachable by the data gateway provided
by the frontend service or the user if directly exposed.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_STORAGE_PROVIDER_INSECURE:
name: OCM_OCM_STORAGE_PROVIDER_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the OCM connections. Do not
set this in production environments.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT:
name: OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT
defaultValue: /var/lib/ocis/storage/ocm
type: string
description: Directory where the ocm storage provider persists its data like tus
upload info files.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME:
name: OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME
defaultValue: "false"
type: bool
description: Expose the display name of OCM share recipients.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_OCMD_PREFIX:
name: OCM_OCMD_PREFIX
defaultValue: ocm
type: string
description: URL path prefix for the OCMD service. Note that the string must not
start with '/'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_SCIENCEMESH_PREFIX:
name: OCM_SCIENCEMESH_PREFIX
defaultValue: sciencemesh
type: string
description: URL path prefix for the ScienceMesh service. Note that the string must
not start with '/'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;OCM_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_TRACING_TYPE:
name: OCIS_TRACING_TYPE;OCM_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCM_WEBAPP_TEMPLATE:
name: OCM_WEBAPP_TEMPLATE
defaultValue: ""
type: string
description: Template for the webapp url.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Cache-Control]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS
defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_DEBUG_ADDR:
name: OCS_DEBUG_ADDR
defaultValue: 127.0.0.1:9114
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_DEBUG_PPROF:
name: OCS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_DEBUG_TOKEN:
name: OCS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_DEBUG_ZPAGES:
name: OCS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_HTTP_ADDR:
name: OCS_HTTP_ADDR
defaultValue: 127.0.0.1:9110
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_HTTP_ROOT:
name: OCS_HTTP_ROOT
defaultValue: /ocs
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_JWT_SECRET:
name: OCIS_JWT_SECRET;OCS_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_LOG_COLOR:
name: OCIS_LOG_COLOR;OCS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_LOG_FILE:
name: OCIS_LOG_FILE;OCS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;OCS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;OCS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_PRESIGNEDURL_SIGNING_KEYS_STORE:
name: OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the signing key store. Supported values are: ''redis-sentinel''
and ''nats-js-kv''. See the text description for details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. Note that the behaviour
how nodes are used is dependent on the library of the configured store. See the
Environment Variable Types description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL:
name: OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL
defaultValue: 12h0m0s
type: Duration
description: Default time to live for signing keys. See the Environment Variable
Types description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;OCS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
OCS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;OCS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_DEBUG_ADDR:
name: POLICIES_DEBUG_ADDR
defaultValue: 127.0.0.1:9129
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_DEBUG_PPROF:
name: POLICIES_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_DEBUG_TOKEN:
name: POLICIES_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_DEBUG_ZPAGES:
name: POLICIES_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_ENGINE_MIMES:
name: POLICIES_ENGINE_MIMES
defaultValue: ""
type: string
description: Sets the mimes file path which maps mimetypes to associated file extensions.
See the text description for details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_ENGINE_TIMEOUT:
name: POLICIES_ENGINE_TIMEOUT
defaultValue: 10s
type: Duration
description: Sets the timeout the rego expression evaluation can take. Rules default
to deny if the timeout was reached. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;POLICIES_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether the server should skip the client certificate verification
during the TLS handshake.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_GRPC_ADDR:
name: POLICIES_GRPC_ADDR
defaultValue: 127.0.0.1:9125
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_LOG_COLOR:
name: OCIS_LOG_COLOR;POLICIES_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_LOG_FILE:
name: OCIS_LOG_FILE;POLICIES_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_LOG_LEVEL:
name: OCIS_LOG_LEVEL;POLICIES_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_LOG_PRETTY:
name: OCIS_LOG_PRETTY;POLICIES_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_POSTPROCESSING_QUERY:
name: POLICIES_POSTPROCESSING_QUERY
defaultValue: ""
type: string
description: Defines the 'Complete Rules' variable defined in the rego rule set
this step uses for its evaluation. Defaults to deny if the variable was not found.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;POLICIES_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POLICIES_TRACING_TYPE:
name: OCIS_TRACING_TYPE;POLICIES_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_DEBUG_ADDR:
name: POSTPROCESSING_DEBUG_ADDR
defaultValue: 127.0.0.1:9255
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_DEBUG_PPROF:
name: POSTPROCESSING_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_DEBUG_TOKEN:
name: POSTPROCESSING_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_DEBUG_ZPAGES:
name: POSTPROCESSING_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_DELAY:
name: POSTPROCESSING_DELAY
defaultValue: 0s
type: Duration
description: After uploading a file but before making it available for download,
a delay step can be added. Intended for developing purposes only. If a duration
is set but the keyword 'delay' is not explicitely added to 'POSTPROCESSING_STEPS',
the delay step will be processed as last step. In such a case, a log entry will
be written on service startup to remind the admin about that situation. See the
Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether the ocis server should skip the client certificate verification
during the TLS handshake.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_LOG_COLOR:
name: OCIS_LOG_COLOR;POSTPROCESSING_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_LOG_FILE:
name: OCIS_LOG_FILE;POSTPROCESSING_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_LOG_LEVEL:
name: OCIS_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_LOG_PRETTY:
name: OCIS_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_MAX_RETRIES:
name: POSTPROCESSING_MAX_RETRIES
defaultValue: "14"
type: int
description: The maximum number of retries for a failed postprocessing step.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_RETRY_BACKOFF_DURATION:
name: POSTPROCESSING_RETRY_BACKOFF_DURATION
defaultValue: 5s
type: Duration
description: The base for the exponential backoff duration before retrying a failed
postprocessing step. See the Environment Variable Types description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STEPS:
name: POSTPROCESSING_STEPS
defaultValue: '[]'
type: '[]string'
description: 'A list of postprocessing steps processed in order of their appearance.
Currently supported values by the system are: ''virusscan'', ''policies'' and
''delay''. Custom steps are allowed. See the documentation for instructions. See
the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE:
name: OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_AUTH_PASSWORD:
name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_AUTH_USERNAME:
name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_DATABASE:
name: POSTPROCESSING_STORE_DATABASE
defaultValue: postprocessing
type: string
description: The database name the configured store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_NODES:
name: OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_SIZE:
name: OCIS_PERSISTENT_STORE_SIZE;POSTPROCESSING_STORE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the store. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not exclicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_TABLE:
name: POSTPROCESSING_STORE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_STORE_TTL:
name: OCIS_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL
defaultValue: 0s
type: Duration
description: Time to live for events in the store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_TRACING_TYPE:
name: OCIS_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
POSTPROCESSING_WORKERS:
name: POSTPROCESSING_WORKERS
defaultValue: "3"
type: int
description: The number of concurrent go routines that fetch events from the event
queue.
introductionVersion: "6.7"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_ACCOUNT_BACKEND_TYPE:
name: PROXY_ACCOUNT_BACKEND_TYPE
defaultValue: cs3
type: string
description: Account backend the PROXY service should use. Currently only 'cs3'
is possible here.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_AUTOPROVISION_ACCOUNTS:
name: PROXY_AUTOPROVISION_ACCOUNTS
defaultValue: "false"
type: bool
description: Set this to 'true' to automatically provision users that do not yet
exist in the users service on-demand upon first sign-in. To use this a write-enabled
libregraph user backend needs to be setup an running.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_AUTOPROVISION_CLAIM_DISPLAYNAME:
name: PROXY_AUTOPROVISION_CLAIM_DISPLAYNAME
defaultValue: name
type: string
description: The name of the OIDC claim that holds the display name.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_AUTOPROVISION_CLAIM_EMAIL:
name: PROXY_AUTOPROVISION_CLAIM_EMAIL
defaultValue: email
type: string
description: The name of the OIDC claim that holds the email.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_AUTOPROVISION_CLAIM_GROUPS:
name: PROXY_AUTOPROVISION_CLAIM_GROUPS
defaultValue: groups
type: string
description: The name of the OIDC claim that holds the groups.
introductionVersion: 6.1.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_AUTOPROVISION_CLAIM_USERNAME:
name: PROXY_AUTOPROVISION_CLAIM_USERNAME
defaultValue: preferred_username
type: string
description: The name of the OIDC claim that holds the username.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_CSP_CONFIG_FILE_LOCATION:
name: PROXY_CSP_CONFIG_FILE_LOCATION
defaultValue: ""
type: string
description: The location of the CSP configuration file.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_DEBUG_ADDR:
name: PROXY_DEBUG_ADDR
defaultValue: 127.0.0.1:9205
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_DEBUG_PPROF:
name: PROXY_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_DEBUG_TOKEN:
name: PROXY_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_DEBUG_ZPAGES:
name: PROXY_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_ENABLE_APP_AUTH:
name: PROXY_ENABLE_APP_AUTH
defaultValue: "false"
type: bool
description: Allow app authentication. This can be used to authenticate 3rd party
applications. Note that auth-app service must be running for this feature to work.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_ENABLE_BASIC_AUTH:
name: PROXY_ENABLE_BASIC_AUTH
defaultValue: "false"
type: bool
description: Set this to true to enable 'basic authentication' (username/password).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_ENABLE_PRESIGNEDURLS:
name: PROXY_ENABLE_PRESIGNEDURLS
defaultValue: "true"
type: bool
description: Allow OCS to get a signing key to sign requests.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture. Set to
a empty string to disable emitting events.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;PROXY_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided PROXY_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_HTTP_ADDR:
name: PROXY_HTTP_ADDR
defaultValue: 0.0.0.0:9200
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_HTTP_ROOT:
name: PROXY_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_HTTPS_CACERT:
name: PROXY_HTTPS_CACERT
defaultValue: ""
type: string
description: Path/File for the root CA certificate used to validate the servers
TLS certificate for https enabled backend services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_INSECURE_BACKENDS:
name: PROXY_INSECURE_BACKENDS
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for all HTTP backend connections.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_LOG_COLOR:
name: OCIS_LOG_COLOR;PROXY_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_LOG_FILE:
name: OCIS_LOG_FILE;PROXY_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_LOG_LEVEL:
name: OCIS_LOG_LEVEL;PROXY_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_LOG_PRETTY:
name: OCIS_LOG_PRETTY;PROXY_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: Machine auth API key used to validate internal requests necessary to
access resources from other services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD:
name: PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD
defaultValue: jwt
type: string
description: Sets how OIDC access tokens should be verified. Possible values are
'none' and 'jwt'. When using 'none', no special validation apart from using it
for accessing the IPD's userinfo endpoint will be done. When using 'jwt', it tries
to parse the access token as a jwt token and verifies the signature using the
keys published on the IDP's 'jwks_uri'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_INSECURE:
name: OCIS_INSECURE;PROXY_OIDC_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for connections to the IDP. Note
that this is not recommended for production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_ISSUER:
name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER
defaultValue: https://localhost:9200
type: string
description: URL of the OIDC issuer. It defaults to URL of the builtin IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_JWKS_REFRESH_INTERVAL:
name: PROXY_OIDC_JWKS_REFRESH_INTERVAL
defaultValue: "60"
type: uint64
description: The interval for refreshing the JWKS (JSON Web Key Set) in minutes
in the background via a new HTTP request to the IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_JWKS_REFRESH_RATE_LIMIT:
name: PROXY_OIDC_JWKS_REFRESH_RATE_LIMIT
defaultValue: "60"
type: uint64
description: Limits the rate in seconds at which refresh requests are performed
for unknown keys. This is used to prevent malicious clients from imposing high
network load on the IDP via ocis.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_JWKS_REFRESH_TIMEOUT:
name: PROXY_OIDC_JWKS_REFRESH_TIMEOUT
defaultValue: "10"
type: uint64
description: The timeout in seconds for an outgoing JWKS request.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_JWKS_REFRESH_UNKNOWN_KID:
name: PROXY_OIDC_JWKS_REFRESH_UNKNOWN_KID
defaultValue: "true"
type: bool
description: If set to 'true', the JWKS refresh request will occur every time an
unknown KEY ID (KID) is seen. Always set a 'refresh_limit' when enabling this.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_REWRITE_WELLKNOWN:
name: PROXY_OIDC_REWRITE_WELLKNOWN
defaultValue: "false"
type: bool
description: Enables rewriting the /.well-known/openid-configuration to the configured
OIDC issuer. Needed by the Desktop Client, Android Client and iOS Client to discover
the OIDC provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_SKIP_USER_INFO:
name: PROXY_OIDC_SKIP_USER_INFO
defaultValue: "false"
type: bool
description: Do not look up user claims at the userinfo endpoint and directly read
them from the access token. Incompatible with 'PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD=none'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_SIZE:
name: OCIS_CACHE_SIZE;PROXY_OIDC_USERINFO_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the user info cache. Only applies
when store type 'ocmem' is configured. Defaults to 512 which is derived from the
ocmem package though not explicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_STORE:
name: OCIS_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_TABLE:
name: PROXY_OIDC_USERINFO_CACHE_TABLE
defaultValue: ""
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_OIDC_USERINFO_CACHE_TTL:
name: OCIS_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL
defaultValue: 10s
type: Duration
description: Default time to live for user info in the user info cache. Only applied
when access tokens has no expiration. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_POLICIES_QUERY:
name: PROXY_POLICIES_QUERY
defaultValue: ""
type: string
description: Defines the 'Complete Rules' variable defined in the rego rule set
this step uses for its evaluation. Rules default to deny if the variable was not
found.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE:
name: OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE
defaultValue: nats-js-kv
type: string
description: 'The type of the signing key store. Supported values are: ''redis-sentinel'',
''nats-js-kv'' and ''ocisstoreservice'' (deprecated). See the text description
for details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE
defaultValue: "true"
type: bool
description: Disables persistence of the store. Only applies when store type 'nats-js-kv'
is configured. Defaults to true.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. Note that the behaviour
how nodes are used is dependent on the library of the configured store. See the
Environment Variable Types description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL:
name: OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL
defaultValue: 12h0m0s
type: Duration
description: Default time to live for signing keys. See the Environment Variable
Types description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_ROLE_ASSIGNMENT_DRIVER:
name: PROXY_ROLE_ASSIGNMENT_DRIVER
defaultValue: default
type: string
description: 'The mechanism that should be used to assign roles to user upon login.
Supported values: ''default'' or ''oidc''. ''default'' will assign the role ''user''
to users which don''t have a role assigned at the time they login. ''oidc'' will
assign the role based on the value of a claim (configured via PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM)
from the users OIDC claims.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM:
name: PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM
defaultValue: roles
type: string
description: The OIDC claim used to create the users role assignment.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TLS:
name: PROXY_TLS
defaultValue: "true"
type: bool
description: Enable/Disable HTTPS for external HTTP services. Must be set to 'true'
if the built-in IDP service an no reverse proxy is used. See the text description
for details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;PROXY_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TRACING_TYPE:
name: OCIS_TRACING_TYPE;PROXY_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TRANSPORT_TLS_CERT:
name: PROXY_TRANSPORT_TLS_CERT
defaultValue: /var/lib/ocis/proxy/server.crt
type: string
description: Path/File name of the TLS server certificate (in PEM format) for the
external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/proxy.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_TRANSPORT_TLS_KEY:
name: PROXY_TRANSPORT_TLS_KEY
defaultValue: /var/lib/ocis/proxy/server.key
type: string
description: Path/File name for the TLS certificate key (in PEM format) for the
server certificate to use for the external http services. If not defined, the
root directory derives from $OCIS_BASE_DATA_PATH/proxy.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_USER_CS3_CLAIM:
name: PROXY_USER_CS3_CLAIM
defaultValue: username
type: string
description: The name of a CS3 user attribute (claim) that should be mapped to the
'user_oidc_claim'. Supported values are 'username', 'mail' and 'userid'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
PROXY_USER_OIDC_CLAIM:
name: PROXY_USER_OIDC_CLAIM
defaultValue: preferred_username
type: string
description: The name of an OpenID Connect claim that is used for resolving users
with the account backend. The value of the claim must hold a per user unique,
stable and non re-assignable identifier. The availability of claims depends on
your Identity Provider. There are common claims available for most Identity providers
like 'email' or 'preferred_username' but you can also add your own claim.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT:
name: SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT
defaultValue: "20971520"
type: uint64
description: Maximum file size in bytes that is allowed for content extraction.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_DEBUG_ADDR:
name: SEARCH_DEBUG_ADDR
defaultValue: 127.0.0.1:9224
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_DEBUG_PPROF:
name: SEARCH_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_DEBUG_TOKEN:
name: SEARCH_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_DEBUG_ZPAGES:
name: SEARCH_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_ENGINE_BLEVE_DATA_PATH:
name: SEARCH_ENGINE_BLEVE_DATA_PATH
defaultValue: /var/lib/ocis/search
type: string
description: The directory where the filesystem will store search data. If not defined,
the root directory derives from $OCIS_BASE_DATA_PATH/search.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_ENGINE_TYPE:
name: SEARCH_ENGINE_TYPE
defaultValue: bleve
type: string
description: 'Defines which search engine to use. Defaults to ''bleve''. Supported
values are: ''bleve''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_ASYNC_UPLOADS:
name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS
defaultValue: "true"
type: bool
description: Enable asynchronous file uploads.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_NUM_CONSUMERS:
name: SEARCH_EVENTS_NUM_CONSUMERS
defaultValue: "0"
type: int
description: The amount of concurrent event consumers to start. Event consumers
are used for searching files. Multiple consumers increase parallelisation, but
will also increase CPU and memory demands. The default value is 0.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION:
name: SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION
defaultValue: "1000"
type: int
description: The duration in milliseconds the reindex debouncer waits before triggering
a reindex of a space that was modified.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;SEARCH_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EXTRACTOR_CS3SOURCE_INSECURE:
name: OCIS_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE
defaultValue: "false"
type: bool
description: Ignore untrusted SSL certificates when connecting to the CS3 source.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS:
name: SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS
defaultValue: "true"
type: bool
description: Defines if stop words should be cleaned or not. See the documentation
for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EXTRACTOR_TIKA_TIKA_URL:
name: SEARCH_EXTRACTOR_TIKA_TIKA_URL
defaultValue: http://127.0.0.1:9998
type: string
description: URL of the tika server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_EXTRACTOR_TYPE:
name: SEARCH_EXTRACTOR_TYPE
defaultValue: basic
type: string
description: 'Defines the content extraction engine. Defaults to ''basic''. Supported
values are: ''basic'' and ''tika''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_GRPC_ADDR:
name: SEARCH_GRPC_ADDR
defaultValue: 127.0.0.1:9220
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_JWT_SECRET:
name: OCIS_JWT_SECRET;SEARCH_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_LOG_COLOR:
name: OCIS_LOG_COLOR;SEARCH_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_LOG_FILE:
name: OCIS_LOG_FILE;SEARCH_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_LOG_LEVEL:
name: OCIS_LOG_LEVEL;SEARCH_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_LOG_PRETTY:
name: OCIS_LOG_PRETTY;SEARCH_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;SEARCH_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SEARCH_TRACING_TYPE:
name: OCIS_TRACING_TYPE;SEARCH_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_ADMIN_USER_ID:
name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID
defaultValue: ""
type: string
description: ID of the user that should receive admin privileges. Consider that
the UUID can be encoded in some LDAP deployment configurations like in .ldif files.
These need to be decoded beforehand.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_BUNDLES_PATH:
name: SETTINGS_BUNDLES_PATH
defaultValue: ""
type: string
description: The path to a JSON file with a list of bundles. If not defined, the
default bundles will be loaded.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the cache. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_SIZE:
name: OCIS_CACHE_SIZE;SETTINGS_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the cache. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not exclicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_STORE:
name: OCIS_CACHE_STORE;SETTINGS_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CACHE_TTL:
name: OCIS_CACHE_TTL;SETTINGS_CACHE_TTL
defaultValue: 10m0s
type: Duration
description: Default time to live for entries in the cache. Only applied when access
tokens has no expiration. See the Environment Variable Types description for more
details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS
defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_DATA_PATH:
name: SETTINGS_DATA_PATH
defaultValue: /var/lib/ocis/settings
type: string
description: The directory where the filesystem storage will store ocis settings.
If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/settings.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_DEBUG_ADDR:
name: SETTINGS_DEBUG_ADDR
defaultValue: 127.0.0.1:9194
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_DEBUG_PPROF:
name: SETTINGS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_DEBUG_TOKEN:
name: SETTINGS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_DEBUG_ZPAGES:
name: SETTINGS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_DIRECTORY_CACHE_TABLE:
name: SETTINGS_DIRECTORY_CACHE_TABLE
defaultValue: settings_dirs
type: string
description: The database table the store should use for the directory cache.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_FILE_CACHE_TABLE:
name: SETTINGS_FILE_CACHE_TABLE
defaultValue: settings_files
type: string
description: The database table the store should use for the file cache.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_GRPC_ADDR:
name: SETTINGS_GRPC_ADDR
defaultValue: 127.0.0.1:9191
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_HTTP_ADDR:
name: SETTINGS_HTTP_ADDR
defaultValue: 127.0.0.1:9190
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_HTTP_ROOT:
name: SETTINGS_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_JWT_SECRET:
name: OCIS_JWT_SECRET;SETTINGS_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_LOG_COLOR:
name: OCIS_LOG_COLOR;SETTINGS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_LOG_FILE:
name: OCIS_LOG_FILE;SETTINGS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_SERVICE_ACCOUNT_IDS:
name: SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID
defaultValue: '[service-user-id]'
type: '[]string'
description: 'The list of all service account IDs. These will be assigned the hidden
''service-account'' role. Note: When using ''OCIS_SERVICE_ACCOUNT_ID'' this will
contain only one value while ''SETTINGS_SERVICE_ACCOUNT_IDS'' can have multiple.
See the ''auth-service'' service description for more details about service accounts.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_SETUP_DEFAULT_ASSIGNMENTS:
name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS
defaultValue: "false"
type: bool
description: The default role assignments the demo users should be setup.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_STORAGE_GATEWAY_GRPC_ADDR:
name: SETTINGS_STORAGE_GATEWAY_GRPC_ADDR;STORAGE_GATEWAY_GRPC_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_STORAGE_GRPC_ADDR:
name: SETTINGS_STORAGE_GRPC_ADDR;STORAGE_GRPC_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_STORE_TYPE:
name: SETTINGS_STORE_TYPE
defaultValue: metadata
type: string
description: Store type configures the persistency driver. Supported values are
'metadata' and 'filesystem'. Note that the value 'filesystem' is considered deprecated.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_SYSTEM_USER_ID:
name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID
defaultValue: ""
type: string
description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID
for the STORAGE-SYSTEM system user in this config option which is then used to
reference the user. Any reasonable long string is possible, preferably this would
be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_SYSTEM_USER_IDP:
name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP
defaultValue: internal
type: string
description: IDP of the oCIS STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SETTINGS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_DEBUG_ADDR:
name: SHARING_DEBUG_ADDR
defaultValue: 127.0.0.1:9151
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_DEBUG_PPROF:
name: SHARING_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_DEBUG_TOKEN:
name: SHARING_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_DEBUG_ZPAGES:
name: SHARING_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: Password for the events broker.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: Username for the events broker.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;SHARING_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided SHARING_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_GRPC_ADDR:
name: SHARING_GRPC_ADDR
defaultValue: 127.0.0.1:9150
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;SHARING_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_JWT_SECRET:
name: OCIS_JWT_SECRET;SHARING_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_LOG_COLOR:
name: OCIS_LOG_COLOR;SHARING_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_LOG_FILE:
name: OCIS_LOG_FILE;SHARING_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_LOG_LEVEL:
name: OCIS_LOG_LEVEL;SHARING_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_LOG_PRETTY:
name: OCIS_LOG_PRETTY;SHARING_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER:
name: SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER
defaultValue: json
type: string
description: Driver to be used to persist ocm invites. Supported value is only 'json'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST:
name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST
defaultValue: ""
type: string
description: Path to the 'banned passwords list' file. This only impacts public
link password validation. See the documentation for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_DISABLED:
name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED
defaultValue: "false"
type: bool
description: Disable the password policy. Defaults to false if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_MIN_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS
defaultValue: "8"
type: int
description: Define the minimum password length. Defaults to 8 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_MIN_DIGITS:
name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS
defaultValue: "1"
type: int
description: Define the minimum number of digits. Defaults to 1 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of uppercase letters. Defaults to 1 if not
set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of characters from the special characters
list to be present. Defaults to 1 if not set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS:
name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS
defaultValue: "1"
type: int
description: Define the minimum number of lowercase letters. Defaults to 1 if not
set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_CS3_PROVIDER_ADDR:
name: SHARING_PUBLIC_CS3_PROVIDER_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY:
name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY
defaultValue: ""
type: string
description: API key for the STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_CS3_SYSTEM_USER_ID:
name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID
defaultValue: ""
type: string
description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID
for the STORAGE-SYSTEM system user in this config option which is then used to
reference the user. Any reasonable long string is possible, preferably this would
be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_CS3_SYSTEM_USER_IDP:
name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP
defaultValue: internal
type: string
description: IDP of the oCIS STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_DRIVER:
name: SHARING_PUBLIC_DRIVER
defaultValue: jsoncs3
type: string
description: Driver to be used to persist public shares. Supported values are 'jsoncs3',
'json' and 'cs3' (deprecated).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_JSON_FILE:
name: SHARING_PUBLIC_JSON_FILE
defaultValue: /var/lib/ocis/storage/publicshares.json
type: string
description: Path to the JSON file where public share meta-data will be stored.
This JSON file contains the information about public shares that have been created.
If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR:
name: SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY:
name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY
defaultValue: ""
type: string
description: API key for the STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID:
name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID
defaultValue: ""
type: string
description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID
for the STORAGE-SYSTEM system user in this config option which is then used to
reference the user. Any reasonable long string is possible, preferably this would
be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP:
name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP
defaultValue: internal
type: string
description: IDP of the oCIS STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD:
name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD
defaultValue: "true"
type: bool
description: Set this to true if you want to enforce passwords on all public shares.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD:
name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD
defaultValue: "false"
type: bool
description: Set this to true if you want to enforce passwords on Uploader, Editor
or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD,
you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in
the frontend service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_SKIP_USER_GROUPS_IN_TOKEN:
name: SHARING_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_TRACING_TYPE:
name: OCIS_TRACING_TYPE;SHARING_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_CS3_PROVIDER_ADDR:
name: SHARING_USER_CS3_PROVIDER_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_CS3_SYSTEM_USER_API_KEY:
name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY
defaultValue: ""
type: string
description: API key for the STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_CS3_SYSTEM_USER_ID:
name: OCIS_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID
defaultValue: ""
type: string
description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID
for the STORAGE-SYSTEM system user in this config option which is then used to
reference the user. Any reasonable long string is possible, preferably this would
be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_CS3_SYSTEM_USER_IDP:
name: OCIS_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP
defaultValue: internal
type: string
description: IDP of the oCIS STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_DRIVER:
name: SHARING_USER_DRIVER
defaultValue: jsoncs3
type: string
description: Driver to be used to persist shares. Supported values are 'jsoncs3',
'json', 'cs3' (deprecated) and 'owncloudsql'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_JSON_FILE:
name: SHARING_USER_JSON_FILE
defaultValue: /var/lib/ocis/storage/shares.json
type: string
description: Path to the JSON file where shares will be persisted. If not defined,
the root directory derives from $OCIS_BASE_DATA_PATH/storage.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_JSONCS3_CACHE_TTL:
name: SHARING_USER_JSONCS3_CACHE_TTL
defaultValue: "0"
type: int
description: TTL for the internal caches in seconds.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_JSONCS3_PROVIDER_ADDR:
name: SHARING_USER_JSONCS3_PROVIDER_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY:
name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY
defaultValue: ""
type: string
description: API key for the STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_JSONCS3_SYSTEM_USER_ID:
name: OCIS_SYSTEM_USER_ID;SHARING_USER_JSONCS3_SYSTEM_USER_ID
defaultValue: ""
type: string
description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID
for the STORAGE-SYSTEM system user in this config option which is then used to
reference the user. Any reasonable long string is possible, preferably this would
be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_JSONCS3_SYSTEM_USER_IDP:
name: OCIS_SYSTEM_USER_IDP;SHARING_USER_JSONCS3_SYSTEM_USER_IDP
defaultValue: internal
type: string
description: IDP of the oCIS STORAGE-SYSTEM system user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_OWNCLOUDSQL_DB_HOST:
name: SHARING_USER_OWNCLOUDSQL_DB_HOST
defaultValue: mysql
type: string
description: Hostname or IP of the database server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_OWNCLOUDSQL_DB_NAME:
name: SHARING_USER_OWNCLOUDSQL_DB_NAME
defaultValue: owncloud
type: string
description: Name of the database to be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_OWNCLOUDSQL_DB_PASSWORD:
name: SHARING_USER_OWNCLOUDSQL_DB_PASSWORD
defaultValue: ""
type: string
description: Password for the database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_OWNCLOUDSQL_DB_PORT:
name: SHARING_USER_OWNCLOUDSQL_DB_PORT
defaultValue: "3306"
type: int
description: Port that the database server is listening on.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_OWNCLOUDSQL_DB_USERNAME:
name: SHARING_USER_OWNCLOUDSQL_DB_USERNAME
defaultValue: owncloud
type: string
description: Username for the database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID:
name: SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID
defaultValue: ""
type: string
description: Mount ID of the ownCloudSQL users storage for mapping ownCloud 10 shares.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Ocs-Apirequest]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS
defaultValue: '[GET]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_DEBUG_ADDR:
name: SSE_DEBUG_ADDR
defaultValue: 127.0.0.1:9139
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_DEBUG_PPROF:
name: SSE_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_DEBUG_TOKEN:
name: SSE_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_DEBUG_ZPAGES:
name: SSE_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;SSE_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided SSE_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_HTTP_ADDR:
name: SSE_HTTP_ADDR
defaultValue: 127.0.0.1:9135
type: string
description: The bind address of the HTTP service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_HTTP_ROOT:
name: SSE_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_JWT_SECRET:
name: OCIS_JWT_SECRET;SSE_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_KEEPALIVE_INTERVAL:
name: SSE_KEEPALIVE_INTERVAL
defaultValue: 0s
type: Duration
description: To prevent intermediate proxies from closing the SSE connection, send
periodic SSE comments to keep it open.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_LOG_COLOR:
name: OCIS_LOG_COLOR;SSE_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_LOG_FILE:
name: OCIS_LOG_FILE;SSE_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_LOG_LEVEL:
name: OCIS_LOG_LEVEL;SSE_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_LOG_PRETTY:
name: OCIS_LOG_PRETTY;SSE_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;SSE_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
SSE_TRACING_TYPE:
name: OCIS_TRACING_TYPE;SSE_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_GATEWAY_GRPC_ADDR:
name: SETTINGS_STORAGE_GATEWAY_GRPC_ADDR;STORAGE_GATEWAY_GRPC_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_GRPC_ADDR:
name: SETTINGS_STORAGE_GRPC_ADDR;STORAGE_GRPC_ADDR
defaultValue: com.owncloud.api.storage-system
type: string
description: GRPC address of the STORAGE-SYSTEM service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_DEBUG_ADDR:
name: STORAGE_PUBLICLINK_DEBUG_ADDR
defaultValue: 127.0.0.1:9179
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_DEBUG_PPROF:
name: STORAGE_PUBLICLINK_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_DEBUG_TOKEN:
name: STORAGE_PUBLICLINK_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_DEBUG_ZPAGES:
name: STORAGE_PUBLICLINK_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_GRPC_ADDR:
name: STORAGE_PUBLICLINK_GRPC_ADDR
defaultValue: 127.0.0.1:9178
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;STORAGE_PUBLICLINK_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_JWT_SECRET:
name: OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_LOG_COLOR:
name: OCIS_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_LOG_FILE:
name: OCIS_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_LOG_LEVEL:
name: OCIS_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_LOG_PRETTY:
name: OCIS_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_SKIP_USER_GROUPS_IN_TOKEN:
name: STORAGE_PUBLICLINK_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID:
name: STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID
defaultValue: 7993447f-687f-490d-875c-ac95e89a62a4
type: string
description: Mount ID of this storage. Admins can set the ID for the storage in
this config option manually which is then used to reference the storage. Any reasonable
long string is possible, preferably this would be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_PUBLICLINK_TRACING_TYPE:
name: OCIS_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_DEBUG_ADDR:
name: STORAGE_SHARES_DEBUG_ADDR
defaultValue: 127.0.0.1:9156
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_DEBUG_PPROF:
name: STORAGE_SHARES_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_DEBUG_TOKEN:
name: STORAGE_SHARES_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_DEBUG_ZPAGES:
name: STORAGE_SHARES_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_GRPC_ADDR:
name: STORAGE_SHARES_GRPC_ADDR
defaultValue: 127.0.0.1:9154
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;STORAGE_SHARES_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_JWT_SECRET:
name: OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_LOG_COLOR:
name: OCIS_LOG_COLOR;STORAGE_SHARES_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_LOG_FILE:
name: OCIS_LOG_FILE;STORAGE_SHARES_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_LOG_LEVEL:
name: OCIS_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_LOG_PRETTY:
name: OCIS_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_MOUNT_ID:
name: STORAGE_SHARES_MOUNT_ID
defaultValue: 7639e57c-4433-4a12-8201-722fd0009154
type: string
description: Mount ID of this storage. Admins can set the ID for the storage in
this config option manually which is then used to reference the storage. Any reasonable
long string is possible, preferably this would be an UUIDv4 format.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_READ_ONLY:
name: STORAGE_SHARES_READ_ONLY
defaultValue: "false"
type: bool
description: Set this storage to be read-only.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN:
name: STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_TRACING_TYPE:
name: OCIS_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT:
name: STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT
defaultValue: com.owncloud.api.sharing
type: string
description: GRPC endpoint of the SHARING service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: Password for the configured store. Only applies when store type 'nats-js-kv'
is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: Username for the configured store. Only applies when store type 'nats-js-kv'
is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_SIZE:
name: OCIS_CACHE_SIZE;STORAGE_SYSTEM_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the user info cache. Only applies
when store type 'ocmem' is configured. Defaults to 512 which is derived from the
ocmem package though not exclicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_STORE:
name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_CACHE_TTL:
name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL
defaultValue: 24m0s
type: Duration
description: Default time to live for user info in the user info cache. Only applied
when access tokens has no expiration. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_DATA_SERVER_URL:
name: STORAGE_SYSTEM_DATA_SERVER_URL
defaultValue: http://localhost:9216/data
type: string
description: URL of the data server, needs to be reachable by other services using
this service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_DEBUG_ADDR:
name: STORAGE_SYSTEM_DEBUG_ADDR
defaultValue: 127.0.0.1:9217
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_DEBUG_PPROF:
name: STORAGE_SYSTEM_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_DEBUG_TOKEN:
name: STORAGE_SYSTEM_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_DEBUG_ZPAGES:
name: STORAGE_SYSTEM_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_DRIVER:
name: STORAGE_SYSTEM_DRIVER
defaultValue: ocis
type: string
description: The driver which should be used by the service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_GRPC_ADDR:
name: STORAGE_SYSTEM_GRPC_ADDR
defaultValue: 127.0.0.1:9215
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;STORAGE_SYSTEM_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GPRC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_HTTP_ADDR:
name: STORAGE_SYSTEM_HTTP_ADDR
defaultValue: 127.0.0.1:9216
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_HTTP_PROTOCOL:
name: STORAGE_SYSTEM_HTTP_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_JWT_SECRET:
name: OCIS_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_LOG_COLOR:
name: OCIS_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_LOG_FILE:
name: OCIS_LOG_FILE;STORAGE_SYSTEM_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_LOG_LEVEL:
name: OCIS_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_LOG_PRETTY:
name: OCIS_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR:
name: STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR
defaultValue: "30"
type: int
description: When trying to lock files, ocis will multiply the cycle with this factor
and use it as a millisecond timeout. Values of 0 or below will be ignored and
the default value of 30 will be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES:
name: STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES
defaultValue: "20"
type: int
description: When trying to lock files, ocis will try this amount of times to acquire
the lock before failing. After each try it will wait for an increasing amount
of time. Values of 0 or below will be ignored and the default value of 20 will
be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_OCIS_ROOT:
name: STORAGE_SYSTEM_OCIS_ROOT
defaultValue: /var/lib/ocis/storage/metadata
type: string
description: Path for the directory where the STORAGE-SYSTEM service stores it's
persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN:
name: STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_SYSTEM_TRACING_TYPE:
name: OCIS_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY:
name: STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY
defaultValue: 0s
type: Duration
description: The delay between a change made to a tree and the propagation start
on treesize and treetime. Multiple propagations are computed to a single one.
See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE:
name: STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE
defaultValue: "0"
type: int
description: The maximum number of attempts to rename a file when a user restores
a file to an existing destination with the same name. The minimum value is 100.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin X-Requested-With X-Request-Id X-HTTP-Method-Override
Content-Type Upload-Length Upload-Offset Tus-Resumable Upload-Metadata Upload-Defer-Length
Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS
defaultValue: '[POST HEAD PATCH OPTIONS GET DELETE]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CORS_EXPOSE_HEADERS:
name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS
defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size
Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete
Upload-Draft-Interop-Version]'
type: '[]string'
description: 'A list of exposed CORS headers. See following chapter for more details:
*Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_CORS_MAX_AGE:
name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE
defaultValue: "86400"
type: uint
description: 'The max cache duration of preflight headers. See following chapter
for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DATA_GATEWAY_URL:
name: STORAGE_USERS_DATA_GATEWAY_URL
defaultValue: https://localhost:9200/data
type: string
description: URL of the data gateway server
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DATA_SERVER_URL:
name: STORAGE_USERS_DATA_SERVER_URL
defaultValue: http://localhost:9158/data
type: string
description: URL of the data server, needs to be reachable by the data gateway provided
by the frontend service or the user if directly exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DEBUG_ADDR:
name: STORAGE_USERS_DEBUG_ADDR
defaultValue: 127.0.0.1:9159
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DEBUG_PPROF:
name: STORAGE_USERS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DEBUG_TOKEN:
name: STORAGE_USERS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DEBUG_ZPAGES:
name: STORAGE_USERS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_DRIVER:
name: STORAGE_USERS_DRIVER
defaultValue: ocis
type: string
description: 'The storage driver which should be used by the service. Defaults to
''ocis'', Supported values are: ''ocis'', ''s3ng'' and ''owncloudsql''. The ''ocis''
driver stores all data (blob and meta data) in an POSIX compliant volume. The
''s3ng'' driver stores metadata in a POSIX compliant volume and uploads blobs
to the s3 bucket.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_NUM_CONSUMERS:
name: STORAGE_USERS_EVENTS_NUM_CONSUMERS
defaultValue: "0"
type: int
description: The amount of concurrent event consumers to start. Event consumers
are used for post-processing files. Multiple consumers increase parallelisation,
but will also increase CPU and memory demands. The setting has no effect when
the OCIS_ASYNC_UPLOADS is set to false. The default and minimum value is 1.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_EXPOSE_DATA_SERVER:
name: STORAGE_USERS_EXPOSE_DATA_SERVER
defaultValue: "false"
type: bool
description: Exposes the data server directly to users and bypasses the data gateway.
Ensure that the data server address is reachable by users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the cache store. Only applies when
store type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the cache store. Only applies when
store type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_SIZE:
name: OCIS_CACHE_SIZE;STORAGE_USERS_FILEMETADATA_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the user info cache. Only applies
when store type 'ocmem' is configured. Defaults to 512 which is derived from the
ocmem package though not exclicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_STORE:
name: OCIS_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_FILEMETADATA_CACHE_TTL:
name: OCIS_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL
defaultValue: 24m0s
type: Duration
description: Default time to live for user info in the user info cache. Only applied
when access tokens has no expiration. See the Environment Variable Types description
for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_GATEWAY_GRPC_ADDR:
name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR
defaultValue: 127.0.0.1:9142
type: string
description: The bind address of the gateway GRPC address.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_GRACEFUL_SHUTDOWN_TIMEOUT:
name: STORAGE_USERS_GRACEFUL_SHUTDOWN_TIMEOUT
defaultValue: "30"
type: int
description: 'The number of seconds to wait for the ''storage-users'' service to
shutdown cleanly before exiting with an error that gets logged. Note: This setting
is only applicable when running the ''storage-users'' service as a standalone
service. See the text description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_GRPC_ADDR:
name: STORAGE_USERS_GRPC_ADDR
defaultValue: 127.0.0.1:9157
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GPRC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_HTTP_ADDR:
name: STORAGE_USERS_HTTP_ADDR
defaultValue: 127.0.0.1:9158
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_HTTP_PROTOCOL:
name: STORAGE_USERS_HTTP_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_AUTH_PASSWORD:
name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the cache store. Only applies when
store type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_AUTH_USERNAME:
name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the cache store. Only applies when
store type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE:
name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE
defaultValue: "false"
type: bool
description: Disables persistence of the cache. Only applies when store type 'nats-js-kv'
is configured. Defaults to false.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_SIZE:
name: OCIS_CACHE_SIZE;STORAGE_USERS_ID_CACHE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the user info cache. Only applies
when store type 'ocmem' is configured. Defaults to 512 which is derived from the
ocmem package though not exclicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_STORE:
name: OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE
defaultValue: memory
type: string
description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'',
''nats-js-kv'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_STORE_NODES:
name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES
defaultValue: '[127.0.0.1:9233]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_ID_CACHE_TTL:
name: OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL
defaultValue: 24m0s
type: Duration
description: Default time to live for user info in the user info cache. Only applied
when access tokens have no expiration. Defaults to 300s which is derived from
the underlaying package though not explicitly set as default. See the Environment
Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_JWT_SECRET:
name: OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_LOG_COLOR:
name: OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_LOG_FILE:
name: OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_MACHINE_AUTH_API_KEY:
name: OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY
defaultValue: ""
type: string
description: Machine auth API key used to validate internal requests necessary for
the access to resources from other services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_MOUNT_ID:
name: STORAGE_USERS_MOUNT_ID
defaultValue: ""
type: string
description: Mount ID of this storage.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE:
name: STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE
defaultValue: '{{.SpaceType}}/{{.SpaceName \| replace &#34; &#34; &#34;-&#34; \|
lower}}'
type: string
description: Template string to construct general space aliases.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_GENERAL_SPACE_PATH_TEMPLATE:
name: STORAGE_USERS_OCIS_GENERAL_SPACE_PATH_TEMPLATE
defaultValue: ""
type: string
description: Template string to construct the paths of the projects space roots.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR:
name: STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR
defaultValue: "30"
type: int
description: When trying to lock files, ocis will multiply the cycle with this factor
and use it as a millisecond timeout. Values of 0 or below will be ignored and
the default value will be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES:
name: STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES
defaultValue: "20"
type: int
description: When trying to lock files, ocis will try this amount of times to acquire
the lock before failing. After each try it will wait for an increasing amount
of time. Values of 0 or below will be ignored and the default value will be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_MAX_CONCURRENCY:
name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_OCIS_MAX_CONCURRENCY
defaultValue: "5"
type: int
description: Maximum number of concurrent go-routines. Higher values can potentially
get work done faster but will also cause more load on the system. Values of 0
or below will be ignored and the default value will be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_MAX_QUOTA:
name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA
defaultValue: "0"
type: uint64
description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited.
If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA
in the frontend service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT:
name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT
defaultValue: com.owncloud.api.settings
type: string
description: Endpoint of the permissions service. The endpoints can differ for 'ocis'
and 's3ng'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE:
name: STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE
defaultValue: '{{.SpaceType}}/{{.User.Username \| lower}}'
type: string
description: Template string to construct personal space aliases.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE:
name: STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE
defaultValue: ""
type: string
description: Template string to construct the paths of the personal space roots.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_PROPAGATOR:
name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR
defaultValue: sync
type: string
description: The propagator used for decomposedfs. At the moment, only 'sync' is
fully supported, 'async' is available as an experimental option.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_ROOT:
name: STORAGE_USERS_OCIS_ROOT
defaultValue: /var/lib/ocis/storage/users
type: string
description: The directory where the filesystem storage will store blobs and metadata.
If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_SHARE_FOLDER:
name: STORAGE_USERS_OCIS_SHARE_FOLDER
defaultValue: /Shares
type: string
description: Name of the folder jailing all shares.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OCIS_USER_LAYOUT:
name: STORAGE_USERS_OCIS_USER_LAYOUT
defaultValue: '{{.Id.OpaqueId}}'
type: string
description: Template string for the user storage layout in the user directory.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_DATADIR:
name: STORAGE_USERS_OWNCLOUDSQL_DATADIR
defaultValue: /var/lib/ocis/storage/owncloud
type: string
description: The directory where the filesystem storage will store SQL migration
data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/owncloud.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_DB_HOST:
name: STORAGE_USERS_OWNCLOUDSQL_DB_HOST
defaultValue: ""
type: string
description: Hostname or IP of the database server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_DB_NAME:
name: STORAGE_USERS_OWNCLOUDSQL_DB_NAME
defaultValue: owncloud
type: string
description: Name of the database to be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD:
name: STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD
defaultValue: owncloud
type: string
description: Password for the database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_DB_PORT:
name: STORAGE_USERS_OWNCLOUDSQL_DB_PORT
defaultValue: "3306"
type: int
description: Port that the database server is listening on.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME:
name: STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME
defaultValue: owncloud
type: string
description: Username for the database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_LAYOUT:
name: STORAGE_USERS_OWNCLOUDSQL_LAYOUT
defaultValue: '{{.Username}}'
type: string
description: Path layout to use to navigate into a users folder in an owncloud data
directory
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER:
name: STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER
defaultValue: /Shares
type: string
description: Name of the folder jailing all shares.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR:
name: STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR
defaultValue: /var/lib/ocis/storage/uploadinfo
type: string
description: The directory where the filesystem will store uploads temporarily.
If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/uploadinfo.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT:
name: STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT
defaultValue: com.owncloud.api.users
type: string
description: Endpoint of the users provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_PERMISSION_ENDPOINT:
name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT
defaultValue: com.owncloud.api.settings
type: string
description: Endpoint of the permissions service. The endpoints can differ for 'ocis',
'posix' and 's3ng'.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE:
name: STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE
defaultValue: projects/{{.SpaceId}}
type: string
description: Template string to construct the paths of the projects space roots.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT:
name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT
defaultValue: com.owncloud.api.settings
type: string
description: Endpoint of the permissions service. The endpoints can differ for 'ocis',
'posix' and 's3ng'.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE:
name: STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE
defaultValue: users/{{.User.Username}}
type: string
description: Template string to construct the paths of the personal space roots.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_ROOT:
name: STORAGE_USERS_POSIX_ROOT
defaultValue: ""
type: string
description: The directory where the filesystem storage will store its data. If
not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_SCAN_DEBOUNCE_DELAY:
name: STORAGE_USERS_POSIX_SCAN_DEBOUNCE_DELAY
defaultValue: 1s
type: Duration
description: The time in milliseconds to wait before scanning the filesystem for
changes after a change has been detected.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_USE_SPACE_GROUPS:
name: STORAGE_USERS_POSIX_USE_SPACE_GROUPS
defaultValue: "false"
type: bool
description: Use space groups to manage permissions on spaces.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_WATCH_FOLDER_KAFKA_BROKERS:
name: STORAGE_USERS_POSIX_WATCH_FOLDER_KAFKA_BROKERS
defaultValue: ""
type: string
description: Comma-separated list of kafka brokers to read the watchfolder events
from.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_WATCH_PATH:
name: STORAGE_USERS_POSIX_WATCH_PATH
defaultValue: ""
type: string
description: Path to the watch directory/file. Only applies to the 'gpfsfileauditlogging'
and 'inotifywait' watcher, in which case it is the path of the file audit log
file/base directory to watch.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_POSIX_WATCH_TYPE:
name: STORAGE_USERS_POSIX_WATCH_TYPE
defaultValue: ""
type: string
description: Type of the watcher to use for getting notified about changes to the
filesystem. Currently available options are 'inotifywait' (default), 'gpfswatchfolder'
and 'gpfsfileauditlogging'.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE:
name: STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE
defaultValue: 720h0m0s
type: Duration
description: Specifies the period of time in which items that have been in the personal
trash-bin for longer than this value should be deleted. A value of 0 means no
automatic deletion. See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE:
name: STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE
defaultValue: 720h0m0s
type: Duration
description: Specifies the period of time in which items that have been in the project
trash-bin for longer than this value should be deleted. A value of 0 means no
automatic deletion. See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_PURGE_TRASH_BIN_USER_ID:
name: OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID
defaultValue: ""
type: string
description: ID of the user who collects all necessary information for deletion.
Consider that the UUID can be encoded in some LDAP deployment configurations like
in .ldif files. These need to be decoded beforehand.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_READ_ONLY:
name: STORAGE_USERS_READ_ONLY
defaultValue: "false"
type: bool
description: Set this storage to be read-only.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_ACCESS_KEY:
name: STORAGE_USERS_S3NG_ACCESS_KEY
defaultValue: ""
type: string
description: Access key for the S3 bucket.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_BUCKET:
name: STORAGE_USERS_S3NG_BUCKET
defaultValue: ""
type: string
description: Name of the S3 bucket.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_ENDPOINT:
name: STORAGE_USERS_S3NG_ENDPOINT
defaultValue: ""
type: string
description: Endpoint for the S3 bucket.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE:
name: STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE
defaultValue: '{{.SpaceType}}/{{.SpaceName \| replace &#34; &#34; &#34;-&#34; \|
lower}}'
type: string
description: Template string to construct general space aliases.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_GENERAL_SPACE_PATH_TEMPLATE:
name: STORAGE_USERS_S3NG_GENERAL_SPACE_PATH_TEMPLATE
defaultValue: ""
type: string
description: Template string to construct the paths of the projects space roots.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR:
name: STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR
defaultValue: "30"
type: int
description: When trying to lock files, ocis will multiply the cycle with this factor
and use it as a millisecond timeout. Values of 0 or below will be ignored and
the default value of 30 will be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES:
name: STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES
defaultValue: "20"
type: int
description: When trying to lock files, ocis will try this amount of times to acquire
the lock before failing. After each try it will wait for an increasing amount
of time. Values of 0 or below will be ignored and the default value of 20 will
be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_MAX_CONCURRENCY:
name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY
defaultValue: "5"
type: int
description: Maximum number of concurrent go-routines. Higher values can potentially
get work done faster but will also cause more load on the system. Values of 0
or below will be ignored and the default value of 100 will be used.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_METADATA_BACKEND:
name: STORAGE_USERS_S3NG_METADATA_BACKEND
defaultValue: messagepack
type: string
description: The backend to use for storing metadata. Supported values are 'xattrs'
and 'messagepack'. The setting 'xattrs' uses extended attributes to store file
metadata while 'messagepack' uses a dedicated file to store file metadata. Defaults
to 'xattrs'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT:
name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT
defaultValue: com.owncloud.api.settings
type: string
description: Endpoint of the permissions service. The endpoints can differ for 'ocis'
and 's3ng'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE:
name: STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE
defaultValue: '{{.SpaceType}}/{{.User.Username \| lower}}'
type: string
description: Template string to construct personal space aliases.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE:
name: STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE
defaultValue: ""
type: string
description: Template string to construct the paths of the personal space roots.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PROPAGATOR:
name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR
defaultValue: sync
type: string
description: The propagator used for decomposedfs. At the moment, only 'sync' is
fully supported, 'async' is available as an experimental option.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS:
name: STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS
defaultValue: "true"
type: bool
description: Always precreate parts when copying objects to S3.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256:
name: STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256
defaultValue: "false"
type: bool
description: Disable sending content sha256 when copying objects to S3.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART:
name: STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART
defaultValue: "true"
type: bool
description: Disable multipart uploads when copying objects to S3
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS:
name: STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS
defaultValue: "4"
type: uint
description: Number of concurrent uploads to use when copying objects to S3.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE:
name: STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE
defaultValue: "0"
type: uint64
description: Part size for concurrent uploads to S3.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5:
name: STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5
defaultValue: "true"
type: bool
description: Send a Content-MD5 header when copying objects to S3.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_REGION:
name: STORAGE_USERS_S3NG_REGION
defaultValue: default
type: string
description: Region of the S3 bucket.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_ROOT:
name: STORAGE_USERS_S3NG_ROOT
defaultValue: /var/lib/ocis/storage/users
type: string
description: The directory where the filesystem storage will store metadata for
blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/storage/users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_SECRET_KEY:
name: STORAGE_USERS_S3NG_SECRET_KEY
defaultValue: ""
type: string
description: Secret key for the S3 bucket.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_SHARE_FOLDER:
name: STORAGE_USERS_S3NG_SHARE_FOLDER
defaultValue: /Shares
type: string
description: Name of the folder jailing all shares.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_S3NG_USER_LAYOUT:
name: STORAGE_USERS_S3NG_USER_LAYOUT
defaultValue: '{{.Id.OpaqueId}}'
type: string
description: Template string for the user storage layout in the user directory.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_SERVICE_NAME:
name: STORAGE_USERS_SERVICE_NAME
defaultValue: storage-users
type: string
description: Service name to use. Change this when starting an additional storage
provider with a custom configuration to prevent it from colliding with the default
'storage-users' service.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN:
name: STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_TRANSFER_EXPIRES:
name: STORAGE_USERS_TRANSFER_EXPIRES
defaultValue: "86400"
type: int64
description: The time after which the token for upload postprocessing expires
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
STORAGE_USERS_UPLOAD_EXPIRATION:
name: STORAGE_USERS_UPLOAD_EXPIRATION
defaultValue: "86400"
type: int64
description: Duration in seconds after which uploads will expire. Note that when
setting this to a low number, uploads could be cancelled before they are finished
and return a 403 to the user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: "6.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Cache-Control]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: "6.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS
defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: "6.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: "6.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_CS3SOURCE_INSECURE:
name: OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE
defaultValue: "false"
type: bool
description: Ignore untrusted SSL certificates when connecting to the CS3 source.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_DATA_ENDPOINT:
name: THUMBNAILS_DATA_ENDPOINT
defaultValue: http://127.0.0.1:9186/thumbnails/data
type: string
description: The HTTP endpoint where the actual thumbnail file can be downloaded.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_DEBUG_ADDR:
name: THUMBNAILS_DEBUG_ADDR
defaultValue: 127.0.0.1:9189
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_DEBUG_PPROF:
name: THUMBNAILS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_DEBUG_TOKEN:
name: THUMBNAILS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_DEBUG_ZPAGES:
name: THUMBNAILS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_FILESYSTEMSTORAGE_ROOT:
name: THUMBNAILS_FILESYSTEMSTORAGE_ROOT
defaultValue: /var/lib/ocis/thumbnails
type: string
description: The directory where the filesystem storage will store the thumbnails.
If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/thumbnails.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_GRPC_ADDR:
name: THUMBNAILS_GRPC_ADDR
defaultValue: 127.0.0.1:9185
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_HTTP_ADDR:
name: THUMBNAILS_HTTP_ADDR
defaultValue: 127.0.0.1:9186
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_HTTP_ROOT:
name: THUMBNAILS_HTTP_ROOT
defaultValue: /thumbnails
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_LOG_COLOR:
name: OCIS_LOG_COLOR;THUMBNAILS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_LOG_FILE:
name: OCIS_LOG_FILE;THUMBNAILS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;THUMBNAILS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;THUMBNAILS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_MAX_CONCURRENT_REQUESTS:
name: THUMBNAILS_MAX_CONCURRENT_REQUESTS
defaultValue: "0"
type: int
description: Number of maximum concurrent thumbnail requests. Default is 0 which
is unlimited.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_MAX_INPUT_HEIGHT:
name: THUMBNAILS_MAX_INPUT_HEIGHT
defaultValue: "7680"
type: int
description: The maximum height of an input image which is being processed.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_MAX_INPUT_IMAGE_FILE_SIZE:
name: THUMBNAILS_MAX_INPUT_IMAGE_FILE_SIZE
defaultValue: 50MB
type: string
description: 'The maximum file size of an input image which is being processed.
Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB,
EiB], example: 2GB.'
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_MAX_INPUT_WIDTH:
name: THUMBNAILS_MAX_INPUT_WIDTH
defaultValue: "7680"
type: int
description: The maximum width of an input image which is being processed.
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_RESOLUTIONS:
name: THUMBNAILS_RESOLUTIONS
defaultValue: '[16x16 32x32 64x64 128x128 1080x1920 1920x1080 2160x3840 3840x2160
4320x7680 7680x4320]'
type: '[]string'
description: The supported list of target resolutions in the format WidthxHeight
like 32x32. You can define any resolution as required. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;THUMBNAILS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_TRANSFER_TOKEN:
name: THUMBNAILS_TRANSFER_TOKEN
defaultValue: ""
type: string
description: The secret to sign JWT to download the actual thumbnail file.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_TXT_FONTMAP_FILE:
name: THUMBNAILS_TXT_FONTMAP_FILE
defaultValue: ""
type: string
description: The path to a font file for txt thumbnails.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
THUMBNAILS_WEBDAVSOURCE_INSECURE:
name: OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE
defaultValue: "false"
type: bool
description: Ignore untrusted SSL certificates when connecting to the webdav source.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Ocs-Apirequest]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS
defaultValue: '[GET]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_DEBUG_ADDR:
name: USERLOG_DEBUG_ADDR
defaultValue: 127.0.0.1:9214
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_DEBUG_PPROF:
name: USERLOG_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_DEBUG_TOKEN:
name: USERLOG_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_DEBUG_ZPAGES:
name: USERLOG_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_AUTH_PASSWORD:
name: OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_AUTH_USERNAME:
name: OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_CLUSTER:
name: OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER
defaultValue: ocis-cluster
type: string
description: The clusterID of the event system. The event system is the message
queuing service. It is used as message broker for the microservice architecture.
Mandatory when using NATS as event system.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_ENABLE_TLS:
name: OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS
defaultValue: "false"
type: bool
description: Enable TLS for the connection to the events broker. The events broker
is the ocis service which receives and delivers events between the services.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_ENDPOINT:
name: OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT
defaultValue: 127.0.0.1:9233
type: string
description: The address of the event system. The event system is the message queuing
service. It is used as message broker for the microservice architecture.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_TLS_INSECURE:
name: OCIS_INSECURE;USERLOG_EVENTS_TLS_INSECURE
defaultValue: "false"
type: bool
description: Whether to verify the server TLS certificates.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE:
name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE
defaultValue: ""
type: string
description: The root CA certificate used to validate the server's TLS certificate.
If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_GLOBAL_NOTIFICATIONS_SECRET:
name: USERLOG_GLOBAL_NOTIFICATIONS_SECRET
defaultValue: ""
type: string
description: The secret to secure the global notifications endpoint. Only system
admins and users knowing that secret can call the global notifications POST/DELETE
endpoints.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_HTTP_ADDR:
name: USERLOG_HTTP_ADDR
defaultValue: 127.0.0.1:9210
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_HTTP_ROOT:
name: USERLOG_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_JWT_SECRET:
name: OCIS_JWT_SECRET;USERLOG_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_LOG_COLOR:
name: OCIS_LOG_COLOR;USERLOG_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_LOG_FILE:
name: OCIS_LOG_FILE;USERLOG_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_LOG_LEVEL:
name: OCIS_LOG_LEVEL;USERLOG_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_LOG_PRETTY:
name: OCIS_LOG_PRETTY;USERLOG_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_MAX_CONCURRENCY:
name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY
defaultValue: "5"
type: int
description: Maximum number of concurrent go-routines. Higher values can potentially
get work done faster but will also cause more load on the system. Values of 0
or below will be ignored and the default value will be used.
introductionVersion: 7.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_SERVICE_ACCOUNT_ID:
name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID
defaultValue: ""
type: string
description: The ID of the service account the service should use. See the 'auth-service'
service description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_SERVICE_ACCOUNT_SECRET:
name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET
defaultValue: ""
type: string
description: The service account secret.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE:
name: OCIS_PERSISTENT_STORE;USERLOG_STORE
defaultValue: memory
type: string
description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'',
''redis-sentinel'', ''noop''. See the text description for details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_AUTH_PASSWORD:
name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD
defaultValue: ""
type: string
description: The password to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_AUTH_USERNAME:
name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME
defaultValue: ""
type: string
description: The username to authenticate with the store. Only applies when store
type 'nats-js-kv' is configured.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_DATABASE:
name: USERLOG_STORE_DATABASE
defaultValue: userlog
type: string
description: The database name the configured store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_NODES:
name: OCIS_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES
defaultValue: '[]'
type: '[]string'
description: A list of nodes to access the configured store. This has no effect
when 'memory' store is configured. Note that the behaviour how nodes are used
is dependent on the library of the configured store. See the Environment Variable
Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_SIZE:
name: OCIS_PERSISTENT_STORE_SIZE;USERLOG_STORE_SIZE
defaultValue: "0"
type: int
description: The maximum quantity of items in the store. Only applies when store
type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package
though not exclicitly set as default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_TABLE:
name: USERLOG_STORE_TABLE
defaultValue: events
type: string
description: The database table the store should use.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_STORE_TTL:
name: OCIS_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL
defaultValue: 336h0m0s
type: Duration
description: Time to live for events in the store. Defaults to '336h' (2 weeks).
See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;USERLOG_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_TRACING_TYPE:
name: OCIS_TRACING_TYPE;USERLOG_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERLOG_TRANSLATION_PATH:
name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH
defaultValue: ""
type: string
description: (optional) Set this to a path with custom translations to overwrite
the builtin translations. Note that file and folder naming rules apply, see the
documentation for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_DEBUG_ADDR:
name: USERS_DEBUG_ADDR
defaultValue: 127.0.0.1:9145
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_DEBUG_PPROF:
name: USERS_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_DEBUG_TOKEN:
name: USERS_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_DEBUG_ZPAGES:
name: USERS_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_DRIVER:
name: USERS_DRIVER
defaultValue: ldap
type: string
description: The driver which should be used by the users service. Supported values
are 'ldap' and 'owncloudsql'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_GRPC_ADDR:
name: USERS_GRPC_ADDR
defaultValue: 127.0.0.1:9144
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_GRPC_PROTOCOL:
name: OCIS_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL
defaultValue: tcp
type: string
description: The transport protocol of the GPRC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_IDP_URL:
name: OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL
defaultValue: https://localhost:9200
type: string
description: The identity provider value to set in the userids of the CS3 user objects
for users returned by this user provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_JWT_SECRET:
name: OCIS_JWT_SECRET;USERS_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_BIND_DN:
name: OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN
defaultValue: uid=reva,ou=sysusers,o=libregraph-idm
type: string
description: LDAP DN to use for simple bind authentication with the target LDAP
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_BIND_PASSWORD:
name: OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD
defaultValue: ""
type: string
description: Password to use for authenticating the 'bind_dn'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_CACERT:
name: OCIS_LDAP_CACERT;USERS_LDAP_CACERT
defaultValue: /var/lib/ocis/idm/ldap.crt
type: string
description: Path/File name for the root CA certificate (in PEM format) used to
validate TLS server certificates of the LDAP service. If not defined, the root
directory derives from $OCIS_BASE_DATA_PATH/idm.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_DISABLE_USER_MECHANISM:
name: OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM
defaultValue: attribute
type: string
description: An option to control the behavior for disabling users. Valid options
are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API
will add the user to the configured group for disabled users, if set to 'attribute'
this will be done in the ldap user entry, if set to 'none' the disable request
is not processed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_DISABLED_USERS_GROUP_DN:
name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN
defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm
type: string
description: The distinguished name of the group to which added users will be classified
as disabled when 'disable_user_mechanism' is set to 'group'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_BASE_DN:
name: OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN
defaultValue: ou=groups,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_FILTER:
name: OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for group searches.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_OBJECTCLASS:
name: OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS
defaultValue: groupOfNames
type: string
description: The object class to use for groups in the default group search filter
like 'groupOfNames'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the displayname of groups (often the same
as groupname attribute).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCHEMA_GROUPNAME:
name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME
defaultValue: cn
type: string
description: LDAP Attribute to use for the name of groups.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCHEMA_ID:
name: OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID
defaultValue: ownclouduuid
type: string
description: LDAP Attribute to use as the unique ID for groups. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'id' attribute for groups is of the
'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute
of Active Directory for the group ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCHEMA_MAIL:
name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of groups (can be empty).
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCHEMA_MEMBER:
name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER
defaultValue: member
type: string
description: LDAP Attribute that is used for group members.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_GROUP_SCOPE:
name: OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up groups. Supported values are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_INSECURE:
name: OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE
defaultValue: "false"
type: bool
description: Disable TLS certificate validation for the LDAP connections. Do not
set this in production environments.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_URI:
name: OCIS_LDAP_URI;USERS_LDAP_URI
defaultValue: ldaps://localhost:9235
type: string
description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://'
and 'ldap://'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_BASE_DN:
name: OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN
defaultValue: ou=users,o=libregraph-idm
type: string
description: Search base DN for looking up LDAP users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_ENABLED_ATTRIBUTE:
name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE
defaultValue: ownCloudUserEnabled
type: string
description: LDAP attribute to use as a flag telling if the user is enabled or disabled.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_FILTER:
name: OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER
defaultValue: ""
type: string
description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_OBJECTCLASS:
name: OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS
defaultValue: inetOrgPerson
type: string
description: The object class to use for users in the default user search filter
like 'inetOrgPerson'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SCHEMA_DISPLAYNAME:
name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME
defaultValue: displayname
type: string
description: LDAP Attribute to use for the displayname of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SCHEMA_ID:
name: OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID
defaultValue: ownclouduuid
type: string
description: LDAP Attribute to use as the unique ID for users. This should be a
stable globally unique ID like a UUID.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING:
name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
defaultValue: "false"
type: bool
description: Set this to true if the defined 'ID' attribute for users is of the
'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute
of Active Directory for the user ID's.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SCHEMA_MAIL:
name: OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL
defaultValue: mail
type: string
description: LDAP Attribute to use for the email address of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SCHEMA_USERNAME:
name: OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME
defaultValue: uid
type: string
description: LDAP Attribute to use for username of users.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SCOPE:
name: OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE
defaultValue: sub
type: string
description: LDAP search scope to use when looking up users. Supported values are
'base', 'one' and 'sub'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_SUBSTRING_FILTER_TYPE:
name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE
defaultValue: any
type: string
description: 'Type of substring search filter to use for substring searches for
users. Possible values: ''initial'' for doing prefix only searches, ''final''
for doing suffix only searches or ''any'' for doing full substring searches'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LDAP_USER_TYPE_ATTRIBUTE:
name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE
defaultValue: ownCloudUserType
type: string
description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default
is 'ownCloudUserType'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LOG_COLOR:
name: OCIS_LOG_COLOR;USERS_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LOG_FILE:
name: OCIS_LOG_FILE;USERS_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LOG_LEVEL:
name: OCIS_LOG_LEVEL;USERS_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_LOG_PRETTY:
name: OCIS_LOG_PRETTY;USERS_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_DB_HOST:
name: USERS_OWNCLOUDSQL_DB_HOST
defaultValue: mysql
type: string
description: Hostname of the database server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_DB_NAME:
name: USERS_OWNCLOUDSQL_DB_NAME
defaultValue: owncloud
type: string
description: Name of the owncloud database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_DB_PASSWORD:
name: USERS_OWNCLOUDSQL_DB_PASSWORD
defaultValue: secret
type: string
description: Password for the database user.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_DB_PORT:
name: USERS_OWNCLOUDSQL_DB_PORT
defaultValue: "3306"
type: int
description: Network port to use for the database connection.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_DB_USERNAME:
name: USERS_OWNCLOUDSQL_DB_USERNAME
defaultValue: owncloud
type: string
description: Database user to use for authenticating with the owncloud database.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH:
name: USERS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH
defaultValue: "false"
type: bool
description: Allow 'medial search' when searching for users instead of just doing
a prefix search. This allows finding 'Alice' when searching for 'lic'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_IDP:
name: USERS_OWNCLOUDSQL_IDP
defaultValue: https://localhost:9200
type: string
description: The identity provider value to set in the userids of the CS3 user objects
for users returned by this user provider.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID:
name: USERS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID
defaultValue: "false"
type: bool
description: Join the user properties table to read user IDs.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_JOIN_USERNAME:
name: USERS_OWNCLOUDSQL_JOIN_USERNAME
defaultValue: "false"
type: bool
description: Join the user properties table to read usernames
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_OWNCLOUDSQL_NOBODY:
name: USERS_OWNCLOUDSQL_NOBODY
defaultValue: "90"
type: int64
description: Fallback number if no numeric UID and GID properties are provided.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_SKIP_USER_GROUPS_IN_TOKEN:
name: USERS_SKIP_USER_GROUPS_IN_TOKEN
defaultValue: "false"
type: bool
description: Disables the loading of user's group memberships from the reva access
token.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
USERS_TRACING_TYPE:
name: OCIS_TRACING_TYPE;USERS_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_ASSET_APPS_PATH:
name: WEB_ASSET_APPS_PATH
defaultValue: /var/lib/ocis/web/assets/apps
type: string
description: Serve ownCloud Web apps assets from a path on the filesystem instead
of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/apps
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_ASSET_CORE_PATH:
name: WEB_ASSET_CORE_PATH
defaultValue: /var/lib/ocis/web/assets/core
type: string
description: Serve ownCloud Web assets from a path on the filesystem instead of
the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/core
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_ASSET_THEMES_PATH:
name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH
defaultValue: /var/lib/ocis/web/assets/themes
type: string
description: Serve ownCloud themes from a path on the filesystem instead of the
builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH/web/assets/themes
introductionVersion: 6.0.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_CACHE_TTL:
name: WEB_CACHE_TTL
defaultValue: "604800"
type: int
description: Cache policy in seconds for ownCloud Web assets.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS. See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS
defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match
If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm
Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires
Upload-Checksum Upload-Offset X-HTTP-Method-Override]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS
defaultValue: '[OPTIONS HEAD GET PUT PATCH POST DELETE MKCOL PROPFIND PROPPATCH
MOVE COPY REPORT SEARCH]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_DEBUG_ADDR:
name: WEB_DEBUG_ADDR
defaultValue: 127.0.0.1:9104
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_DEBUG_PPROF:
name: WEB_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_DEBUG_TOKEN:
name: WEB_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_DEBUG_ZPAGES:
name: WEB_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_GATEWAY_GRPC_ADDR:
name: WEB_GATEWAY_GRPC_ADDR
defaultValue: com.owncloud.api.gateway
type: string
description: The bind address of the GRPC service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_HTTP_ADDR:
name: WEB_HTTP_ADDR
defaultValue: 127.0.0.1:9100
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_HTTP_ROOT:
name: WEB_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_JWT_SECRET:
name: OCIS_JWT_SECRET;WEB_JWT_SECRET
defaultValue: ""
type: string
description: The secret to mint and validate jwt tokens.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_LOG_COLOR:
name: OCIS_LOG_COLOR;WEB_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_LOG_FILE:
name: OCIS_LOG_FILE;WEB_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_LOG_LEVEL:
name: OCIS_LOG_LEVEL;WEB_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_LOG_PRETTY:
name: OCIS_LOG_PRETTY;WEB_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OIDC_AUTHORITY:
name: OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY
defaultValue: https://localhost:9200
type: string
description: URL of the OIDC issuer. It defaults to URL of the builtin IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OIDC_CLIENT_ID:
name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID
defaultValue: web
type: string
description: The OIDC client ID which ownCloud Web uses. This client needs to be
set up in your IDP. Note that this setting has no effect when using the builtin
IDP.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OIDC_METADATA_URL:
name: WEB_OIDC_METADATA_URL
defaultValue: https://localhost:9200/.well-known/openid-configuration
type: string
description: URL for the OIDC well-known configuration endpoint. Defaults to the
oCIS API URL + '/.well-known/openid-configuration'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OIDC_POST_LOGOUT_REDIRECT_URI:
name: WEB_OIDC_POST_LOGOUT_REDIRECT_URI
defaultValue: ""
type: string
description: This value needs to point to a valid and reachable web page. The web
client will trigger a redirect to that page directly after the logout action.
The default value is empty and redirects to the login page.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OIDC_RESPONSE_TYPE:
name: WEB_OIDC_RESPONSE_TYPE
defaultValue: code
type: string
description: The OIDC response type to use for authentication.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OIDC_SCOPE:
name: WEB_OIDC_SCOPE
defaultValue: openid profile email
type: string
description: OIDC scopes to request during authentication to authorize access to
user details. Defaults to 'openid profile email'. Values are separated by blank.
More example values but not limited to are 'address' or 'phone' etc.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS:
name: WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS
defaultValue: "0"
type: int
description: Defines the maximum number of concurrent requests per file/folder/space
batch action. Defaults to 4.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE:
name: WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE
defaultValue: "0"
type: int
description: Defines the maximum number of concurrent requests per sharing invite
batch. Defaults to 4.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST:
name: WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST
defaultValue: "0"
type: int
description: Defines the maximum number of concurrent requests when loading individual
share information inside listings. Defaults to 2.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_CONCURRENT_REQUESTS_SSE:
name: WEB_OPTION_CONCURRENT_REQUESTS_SSE
defaultValue: "0"
type: int
description: Defines the maximum number of concurrent requests in SSE event handlers.
Defaults to 4.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_CONTEXTHELPERS_READ_MORE:
name: WEB_OPTION_CONTEXTHELPERS_READ_MORE
defaultValue: "true"
type: bool
description: Specifies whether the 'Read more' link should be displayed or not.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_DISABLE_FEEDBACK_LINK:
name: WEB_OPTION_DISABLE_FEEDBACK_LINK
defaultValue: "false"
type: bool
description: Set this option to 'true' to disable the feedback link in the top bar.
Keeping it enabled by setting the value to 'false' or with the absence of the
option, allows ownCloud to get feedback from your user base through a dedicated
survey website.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_DISABLE_PREVIEWS:
name: OCIS_DISABLE_PREVIEWS;WEB_OPTION_DISABLE_PREVIEWS
defaultValue: "false"
type: bool
description: Set this option to 'true' to disable previews in all the different
web file listing views. This can speed up file listings in folders with many files.
The only list view that is not affected by this setting is the trash bin, as it
does not allow previewing at all.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_DISABLED_EXTENSIONS:
name: WEB_OPTION_DISABLED_EXTENSIONS
defaultValue: '[]'
type: '[]string'
description: 'A list to disable specific Web extensions identified by their ID.
The ID can e.g. be taken from the ''index.ts'' file of the web extension. Example:
''com.github.owncloud.web.files.search,com.github.owncloud.web.files.print''.
See the Environment Variable Types description for more details.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION:
name: WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION
defaultValue: "false"
type: bool
description: Defines whether Web should require authentication to be done by the
parent application when running in 'embed' mode. If set to 'true' Web will not
try to authenticate the user on its own but will require an access token coming
from the parent application. Defaults to being unset.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION_ORIGIN:
name: WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION_ORIGIN
defaultValue: ""
type: string
description: Defines the host to validate the message event origin against when
running Web in 'embed' mode with delegated authentication. Defaults to event message
origin validation being omitted, which is only recommended for development setups.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_EMBED_ENABLED:
name: WEB_OPTION_EMBED_ENABLED
defaultValue: ""
type: string
description: Defines whether Web should be running in 'embed' mode. Setting this
to 'true' will enable a stripped down version of Web with reduced functionality
used to integrate Web into other applications like via iFrame. Setting it to 'false'
or not setting it (default) will run Web as usual with all functionality enabled.
See the text description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_EMBED_MESSAGES_ORIGIN:
name: WEB_OPTION_EMBED_MESSAGES_ORIGIN
defaultValue: ""
type: string
description: Defines a URL under which Web can be integrated via iFrame in 'embed'
mode. Note that setting this is mandatory when running Web in 'embed' mode. Use
'*' as value to allow running the iFrame under any URL, although this is not recommended
for security reasons. See the text description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_EMBED_TARGET:
name: WEB_OPTION_EMBED_TARGET
defaultValue: ""
type: string
description: Defines how Web is being integrated when running in 'embed' mode. Currently,
the only supported options are '' (empty) and 'location'. With '' which is the
default, Web will run regular as defined via the 'embed.enabled' config option.
With 'location', Web will run embedded as location picker. Resource selection
will be disabled and the selected resources array always includes the current
folder as the only item. See the text description for more details.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_HOME_FOLDER:
name: WEB_OPTION_HOME_FOLDER
defaultValue: ""
type: string
description: Specifies a folder that is used when the user navigates 'home'. Navigating
home gets triggered by clicking on the 'All files' menu item. The user will not
be jailed in that directory, it simply serves as a default location. A static
location can be provided, or variables of the user object to come up with a user
specific home path can be used. This uses the twig template variable style and
allows picking a value or a substring of a value of the authenticated user. Examples
are '/Shares', '/{{.Id}}' and '/{{substr 0 3 .Id}}/{{.Id}'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_HOVERABLE_QUICK_ACTIONS:
name: WEB_OPTION_HOVERABLE_QUICK_ACTIONS
defaultValue: "false"
type: bool
description: Set this option to 'true' to hide quick actions (buttons appearing
on file rows) and only show them when the user hovers over the row with his mouse.
Defaults to 'false'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_LOGIN_URL:
name: WEB_OPTION_LOGIN_URL
defaultValue: ""
type: string
description: 'Specifies the target URL to the login page. This is helpful when an
external IdP is used. This option is disabled by default. Example URL like: https://www.myidp.com/login.'
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_LOGOUT_URL:
name: WEB_OPTION_LOGOUT_URL
defaultValue: ""
type: string
description: Adds a link to the user's profile page to point him to an external
page, where he can manage his session and devices. This is helpful when an external
IdP is used. This option is disabled by default.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_OPEN_APPS_IN_TAB:
name: WEB_OPTION_OPEN_APPS_IN_TAB
defaultValue: "false"
type: bool
description: Configures whether apps and extensions should generally open in a new
tab. Defaults to false.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP:
name: WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP
defaultValue: "true"
type: bool
description: Specifies whether single file link shares should be opened with the
default app or not. If not opened by the default app, the Web UI just displays
the file details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_PREVIEW_FILE_MIMETYPES:
name: WEB_OPTION_PREVIEW_FILE_MIMETYPES
defaultValue: '[image/gif image/png image/jpeg text/plain image/tiff image/bmp image/x-ms-bmp
application/vnd.geogebra.slides]'
type: '[]string'
description: A list of mimeTypes to specify which ones will be previewed in the
UI. For example, to only preview jpg and text files, set this option to 'image/jpeg,text/plain'.
See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_ROUTING_ID_BASED:
name: WEB_OPTION_ROUTING_ID_BASED
defaultValue: "true"
type: bool
description: 'Enable or disable fileIds being added to the URL. Defaults to ''true'',
because otherwise spaces with name clashes cannot be resolved correctly. Note:
Only disable this if you can guarantee on the server side, that spaces of the
same namespace cannot have name clashes.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_RUNNING_ON_EOS:
name: WEB_OPTION_RUNNING_ON_EOS
defaultValue: "false"
type: bool
description: Set this option to 'true' if running on an EOS storage backend (https://eos-web.web.cern.ch/eos-web/)
to enable its specific features. Defaults to 'false'.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_SHARING_RECIPIENTS_PER_PAGE:
name: WEB_OPTION_SHARING_RECIPIENTS_PER_PAGE
defaultValue: "200"
type: int
description: Sets the number of users shown as recipients in the dropdown menu when
sharing resources.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_SIDEBAR_SHARES_SHOW_ALL_ON_LOAD:
name: WEB_OPTION_SIDEBAR_SHARES_SHOW_ALL_ON_LOAD
defaultValue: "false"
type: bool
description: Sets the list of the (link) shares list in the sidebar to be initially
expanded. Default is a collapsed state, only showing the first three shares.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_TOKEN_STORAGE_LOCAL:
name: WEB_OPTION_TOKEN_STORAGE_LOCAL
defaultValue: "true"
type: bool
description: Specifies whether the access token will be stored in the local storage
when set to 'true' or in the session storage when set to 'false'. If stored in
the local storage, login state will be persisted across multiple browser tabs,
means no additional logins are required.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_OPTION_USER_LIST_REQUIRES_FILTER:
name: WEB_OPTION_USER_LIST_REQUIRES_FILTER
defaultValue: "false"
type: bool
description: Defines whether one or more filters must be set in order to list users
in the Web admin settings. Set this option to 'true' if running in an environment
with a lot of users and listing all users could slow down performance. Defaults
to 'false'.
introductionVersion: "5.0"
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;WEB_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_TRACING_TYPE:
name: OCIS_TRACING_TYPE;WEB_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_UI_CONFIG_FILE:
name: WEB_UI_CONFIG_FILE
defaultValue: ""
type: string
description: Read the ownCloud Web json based configuration from this path/file.
The config file takes precedence over WEB_OPTION_xxx environment variables. See
the text description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_UI_CONFIG_SERVER:
name: OCIS_URL;WEB_UI_CONFIG_SERVER
defaultValue: https://localhost:9200
type: string
description: URL, where the oCIS APIs are reachable for ownCloud Web.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_UI_THEME_PATH:
name: WEB_UI_THEME_PATH
defaultValue: /themes/owncloud/theme.json
type: string
description: Path to the theme json file. Will be appended to the URL of the theme
server.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEB_UI_THEME_SERVER:
name: OCIS_URL;WEB_UI_THEME_SERVER
defaultValue: https://localhost:9200
type: string
description: Base URL to load themes from. Will be prepended to the theme path.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS
defaultValue: "true"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS
defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id
Cache-Control]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS
defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS
defaultValue: '[*]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_DEBUG_ADDR:
name: WEBDAV_DEBUG_ADDR
defaultValue: 127.0.0.1:9119
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_DEBUG_PPROF:
name: WEBDAV_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_DEBUG_TOKEN:
name: WEBDAV_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_DEBUG_ZPAGES:
name: WEBDAV_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_DISABLE_PREVIEWS:
name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS
defaultValue: "false"
type: bool
description: Set this option to 'true' to disable rendering of thumbnails triggered
via webdav access. Note that when disabled, all access to preview related webdav
paths will return a 404.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_HTTP_ADDR:
name: WEBDAV_HTTP_ADDR
defaultValue: 127.0.0.1:9115
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_HTTP_ROOT:
name: WEBDAV_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_LOG_COLOR:
name: OCIS_LOG_COLOR;WEBDAV_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_LOG_FILE:
name: OCIS_LOG_FILE;WEBDAV_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_LOG_LEVEL:
name: OCIS_LOG_LEVEL;WEBDAV_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_LOG_PRETTY:
name: OCIS_LOG_PRETTY;WEBDAV_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;WEBDAV_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_TRACING_TYPE:
name: OCIS_TRACING_TYPE;WEBDAV_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBDAV_WEBDAV_NAMESPACE:
name: WEBDAV_WEBDAV_NAMESPACE
defaultValue: /users/{{.Id.OpaqueId}}
type: string
description: CS3 path layout to use when forwarding /webdav requests
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_CORS_ALLOW_CREDENTIALS:
name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS
defaultValue: "false"
type: bool
description: 'Allow credentials for CORS.See following chapter for more details:
*Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_CORS_ALLOW_HEADERS:
name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS
defaultValue: '[]'
type: '[]string'
description: 'A list of allowed CORS headers. See following chapter for more details:
*Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_CORS_ALLOW_METHODS:
name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS
defaultValue: '[]'
type: '[]string'
description: 'A list of allowed CORS methods. See following chapter for more details:
*Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_CORS_ALLOW_ORIGINS:
name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS
defaultValue: '[https://localhost:9200]'
type: '[]string'
description: 'A list of allowed CORS origins. See following chapter for more details:
*Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
See the Environment Variable Types description for more details.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_DEBUG_ADDR:
name: WEBFINGER_DEBUG_ADDR
defaultValue: 127.0.0.1:9279
type: string
description: Bind address of the debug server, where metrics, health, config and
debug endpoints will be exposed.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_DEBUG_PPROF:
name: WEBFINGER_DEBUG_PPROF
defaultValue: "false"
type: bool
description: Enables pprof, which can be used for profiling.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_DEBUG_TOKEN:
name: WEBFINGER_DEBUG_TOKEN
defaultValue: ""
type: string
description: Token to secure the metrics endpoint.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_DEBUG_ZPAGES:
name: WEBFINGER_DEBUG_ZPAGES
defaultValue: "false"
type: bool
description: Enables zpages, which can be used for collecting and viewing in-memory
traces.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_HTTP_ADDR:
name: WEBFINGER_HTTP_ADDR
defaultValue: 127.0.0.1:9275
type: string
description: The bind address of the HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_HTTP_ROOT:
name: WEBFINGER_HTTP_ROOT
defaultValue: /
type: string
description: Subdirectory that serves as the root for this HTTP service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_INSECURE:
name: OCIS_INSECURE;WEBFINGER_INSECURE
defaultValue: "false"
type: bool
description: Allow insecure connections to the WEBFINGER service.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_LOG_COLOR:
name: OCIS_LOG_COLOR;WEBFINGER_LOG_COLOR
defaultValue: "false"
type: bool
description: Activates colorized log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_LOG_FILE:
name: OCIS_LOG_FILE;WEBFINGER_LOG_FILE
defaultValue: ""
type: string
description: The path to the log file. Activates logging to this file if set.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_LOG_LEVEL:
name: OCIS_LOG_LEVEL;WEBFINGER_LOG_LEVEL
defaultValue: ""
type: string
description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'',
''warn'', ''info'', ''debug'', ''trace''.'
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_LOG_PRETTY:
name: OCIS_LOG_PRETTY;WEBFINGER_LOG_PRETTY
defaultValue: "false"
type: bool
description: Activates pretty log output.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_OIDC_ISSUER:
name: OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER
defaultValue: https://localhost:9200
type: string
description: The identity provider href for the openid-discovery relation.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL:
name: OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL
defaultValue: https://localhost:9200
type: string
description: The URL for the legacy ownCloud server instance relation (not to be
confused with the product ownCloud Server). It defaults to the OCIS_URL but can
be overridden to support some reverse proxy corner cases. To shard the deployment,
multiple instances can be configured in the configuration file.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_RELATIONS:
name: WEBFINGER_RELATIONS
defaultValue: '[http://openid.net/specs/connect/1.0/issuer http://webfinger.owncloud/rel/server-instance]'
type: '[]string'
description: A list of relation URIs or registered relation types to add to webfinger
responses. See the Environment Variable Types description for more details.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_TRACING_COLLECTOR:
name: OCIS_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR
defaultValue: ""
type: string
description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces.
Only used if the tracing endpoint is unset.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_TRACING_ENABLED:
name: OCIS_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED
defaultValue: "false"
type: bool
description: Activates tracing.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_TRACING_ENDPOINT:
name: OCIS_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT
defaultValue: ""
type: string
description: The endpoint of the tracing agent.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
WEBFINGER_TRACING_TYPE:
name: OCIS_TRACING_TYPE;WEBFINGER_TRACING_TYPE
defaultValue: ""
type: string
description: The type of tracing. Defaults to '', which is the same as 'jaeger'.
Allowed tracing types are 'jaeger' and '' as of now.
introductionVersion: pre5.0
deprecationVersion: ""
removalVersion: ""
deprecationInfo: ""
Reference in New Issue View Git Blame Copy Permalink