From 0f75730eff764878b9bde652bf610daf565c5f6e Mon Sep 17 00:00:00 2001 From: mmattel Date: Fri, 14 Jun 2024 09:21:23 +0200 Subject: [PATCH] [docs-only] [chore] Update helper generated envvar yamls --- docs/helpers/env_vars.yaml | 886 ++++++++++++++++++++++++++------ docs/helpers/extended_vars.yaml | 6 +- 2 files changed, 725 insertions(+), 167 deletions(-) diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 7bfdd5f773e..88ad235e54a 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -1,3 +1,104 @@ +ACTIVITYLOG_SERVICE_ACCOUNT_ID: + name: OCIS_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID + defaultValue: "" + type: string + description: The ID of the service account the service should use. See the 'auth-service' + service description for more details. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE: + name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE + defaultValue: nats-js-kv + type: string + description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', + ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description + for details.' + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_AUTH_PASSWORD: + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_AUTH_USERNAME: + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_DATABASE: + name: ACTIVITYLOG_STORE_DATABASE + defaultValue: activitylog + type: string + description: The database name the configured store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_NODES: + name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes + are used is dependent on the library of the configured store. See the Environment + Variable Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_SIZE: + name: OCIS_PERSISTENT_STORE_SIZE;ACTIVITYLOG_STORE_SIZE + defaultValue: "0" + type: int + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not exclicitely set as default. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_TABLE: + name: ACTIVITYLOG_STORE_TABLE + defaultValue: "" + type: string + description: The database table the store should use. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYLOG_STORE_TTL: + name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL + defaultValue: 0s + type: Duration + description: Time to live for events in the store. See the Environment Variable + Types description for more details. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +ACTIVITYOG_SERVICE_ACCOUNT_SECRET: + name: OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYOG_SERVICE_ACCOUNT_SECRET + defaultValue: "" + type: string + description: The service account secret. + introductionVersion: "5.0" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" ANTIVIRUS_CLAMAV_SOCKET: name: ANTIVIRUS_CLAMAV_SOCKET defaultValue: /run/clamav/clamd.ctl @@ -219,8 +320,8 @@ ANTIVIRUS_MAX_SCAN_SIZE: type: string description: 'The maximum scan size the virus scanner can handle. Only this many bytes of a file will be scanned. 0 means unlimited and is the default. Usable - common abbreviations: [KB, KiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: - 2GB.' + common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], + example: 2GB.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -1963,7 +2064,7 @@ AUTH_SERVICE_TRACING_TYPE: deprecationInfo: "" CLIENTLOG_DEBUG_ADDR: name: CLIENTLOG_DEBUG_ADDR - defaultValue: 127.0.0.1:9260 + defaultValue: 127.0.0.1:9197 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. @@ -2181,6 +2282,239 @@ CLIENTLOG_USERLOG_LOG_PRETTY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +COLLABORATION_APP_ADDR: + name: COLLABORATION_APP_ADDR + defaultValue: https://127.0.0.1:9980 + type: string + description: The URL where the WOPI app is located, such as https://127.0.0.1:8080. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_APP_DESCRIPTION: + name: COLLABORATION_APP_DESCRIPTION + defaultValue: Open office documents with Collabora + type: string + description: App description + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_APP_ICON: + name: COLLABORATION_APP_ICON + defaultValue: image-edit + type: string + description: Icon for the app + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_APP_INSECURE: + name: COLLABORATION_APP_INSECURE + defaultValue: "false" + type: bool + description: Skip TLS certificate verification when connecting to the WOPI app + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_APP_LOCKNAME: + name: COLLABORATION_APP_LOCKNAME + defaultValue: com.github.owncloud.collaboration + type: string + description: Name for the app lock + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_APP_NAME: + name: COLLABORATION_APP_NAME + defaultValue: Collabora + type: string + description: The name of the app + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_CS3API_DATAGATEWAY_INSECURE: + name: COLLABORATION_CS3API_DATAGATEWAY_INSECURE + defaultValue: "false" + type: bool + description: Connect to the CS3API data gateway insecurely. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_CS3API_GATEWAY_NAME: + name: OCIS_REVA_GATEWAY;COLLABORATION_CS3API_GATEWAY_NAME + defaultValue: com.owncloud.api.gateway + type: string + description: The service name of the CS3API gateway. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_DEBUG_ADDR: + name: COLLABORATION_DEBUG_ADDR + defaultValue: 127.0.0.1:9304 + type: string + description: Bind address of the debug server, where metrics, health, config and + debug endpoints will be exposed. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_DEBUG_PPROF: + name: COLLABORATION_DEBUG_PPROF + defaultValue: "false" + type: bool + description: Enables pprof, which can be used for profiling. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_DEBUG_TOKEN: + name: COLLABORATION_DEBUG_TOKEN + defaultValue: "" + type: string + description: Token to secure the metrics endpoint. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_DEBUG_ZPAGES: + name: COLLABORATION_DEBUG_ZPAGES + defaultValue: "false" + type: bool + description: Enables zpages, which can be used for collecting and viewing in-memory + traces. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_GRPC_ADDR: + name: COLLABORATION_GRPC_ADDR + defaultValue: 127.0.0.1:9301 + type: string + description: The bind address of the GRPC service. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_HTTP_ADDR: + name: COLLABORATION_HTTP_ADDR + defaultValue: 127.0.0.1:9300 + type: string + description: The bind address of the HTTP service. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_JWT_SECRET: + name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET + defaultValue: "" + type: string + description: The secret to mint and validate jwt tokens. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_LOG_COLOR: + name: OCIS_LOG_COLOR;COLLABORATION_LOG_COLOR + defaultValue: "false" + type: bool + description: Activates colorized log output. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_LOG_FILE: + name: OCIS_LOG_FILE;COLLABORATION_LOG_FILE + defaultValue: "" + type: string + description: The path to the log file. Activates logging to this file if set. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_LOG_LEVEL: + name: OCIS_LOG_LEVEL;COLLABORATION_LOG_LEVEL + defaultValue: "" + type: string + description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', + ''warn'', ''info'', ''debug'', ''trace''.' + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_LOG_PRETTY: + name: OCIS_LOG_PRETTY;COLLABORATION_LOG_PRETTY + defaultValue: "false" + type: bool + description: Activates pretty log output. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_TRACING_COLLECTOR: + name: OCIS_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR + defaultValue: "" + type: string + description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. + Only used if the tracing endpoint is unset. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_TRACING_ENABLED: + name: OCIS_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED + defaultValue: "false" + type: bool + description: Activates tracing. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_TRACING_ENDPOINT: + name: OCIS_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT + defaultValue: "" + type: string + description: The endpoint of the tracing agent. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_TRACING_TYPE: + name: OCIS_TRACING_TYPE;COLLABORATION_TRACING_TYPE + defaultValue: "" + type: string + description: The type of tracing. Defaults to '', which is the same as 'jaeger'. + Allowed tracing types are 'jaeger' and '' as of now. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_WOPI_SECRET: + name: COLLABORATION_WOPI_SECRET + defaultValue: "" + type: string + description: Used to mint and verify WOPI JWT tokens and encrypt and decrypt the + REVA JWT token embedded in the WOPI JWT token. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +COLLABORATION_WOPI_SRC: + name: COLLABORATION_WOPI_SRC + defaultValue: https://localhost:9300 + type: string + description: The WOPISrc base URL containing schema, host and port. Set this to + the schema and domain where the collaboration service is reachable for the wopi + app, such as https://office.owncloud.test. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" EVENTHISTORY_DEBUG_ADDR: name: EVENTHISTORY_DEBUG_ADDR defaultValue: 127.0.0.1:9270 @@ -2464,6 +2798,16 @@ FRONTEND_APP_HANDLER_INSECURE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: + name: FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR + defaultValue: com.owncloud.api.collaboration + type: string + description: Service name or address of the app provider to use for secure view. + Should match the service name or address of the registered CS3 app provider. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" FRONTEND_ARCHIVER_INSECURE: name: OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE defaultValue: "false" @@ -2949,8 +3293,8 @@ FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool - description: Set this to true if you want to enforce passwords on Uploader, Editor - or Contributor shares. + description: Set this to true if you want to enforce passwords for writable shares. + Only effective if the setting for 'passwords on all public shares' is set to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -6882,16 +7226,26 @@ OCDAV_WEBDAV_NAMESPACE: removalVersion: "" deprecationInfo: "" OCIS_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID + name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID defaultValue: "" type: string - description: ID of the user who collects all necessary information for deletion. - Consider that the UUID can be encoded in some LDAP deployment configurations like - in .ldif files. These need to be decoded beforehand. + description: ID of the user that should receive admin privileges. Consider that + the UUID can be encoded in some LDAP deployment configurations like in .ldif files. + These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" +OCIS_ASSET_THEMES_PATH: + name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH + defaultValue: /var/lib/ocis/web/assets/themes + type: string + description: Serve ownCloud themes from a path on the filesystem instead of the + builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/themes + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" OCIS_ASYNC_UPLOADS: name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" @@ -6902,28 +7256,28 @@ OCIS_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD + name: OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string - description: The password to use for authentication. Only applies when using the - 'nats-js-kv' store type. + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME + name: OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string - description: The username to use for authentication. Only applies when using the - 'nats-js-kv' store type. + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DATABASE: name: OCIS_CACHE_DATABASE - defaultValue: cache-stat + defaultValue: cache-createhome type: string description: The database name the configured store should use. introductionVersion: pre5.0 @@ -6931,60 +7285,60 @@ OCIS_CACHE_DATABASE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE + name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool - description: Disable persistence of the cache. Only applies when using the 'nats-js-kv' - store type. Defaults to false. + description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' + is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_SIZE: - name: OCIS_CACHE_SIZE;FRONTEND_OCS_STAT_CACHE_SIZE + name: OCIS_CACHE_SIZE;GRAPH_CACHE_SIZE defaultValue: "0" type: int - description: Max number of entries to hold in the cache. + description: The maximum quantity of items in the store. Only applies when store + type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package + though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE: - name: OCIS_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE - defaultValue: memory + name: OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE + defaultValue: nats-js-kv type: string - description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', - ''nats-js-kv'', ''noop''. See the text description for details.' - introductionVersion: pre5.0 + description: 'The type of the signing key store. Supported values are: ''redis-sentinel'' + and ''nats-js-kv''. See the text description for details.' + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES + name: OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' - description: A list of nodes to access the configured store. This has no effect - when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes - are used is dependent on the library of the configured store. See the Environment - Variable Types description for more details. - introductionVersion: pre5.0 + description: A list of nodes to access the configured store. Note that the behaviour + how nodes are used is dependent on the library of the configured store. See the + Environment Variable Types description for more details. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_TTL: - name: OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL - defaultValue: 5m0s + name: OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + defaultValue: 12h0m0s type: Duration - description: Default time to live for user info in the cache. Only applied when - access tokens has no expiration. See the Environment Variable Types description - for more details. - introductionVersion: pre5.0 + description: Default time to live for signing keys. See the Environment Variable + Types description for more details. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS - defaultValue: "true" + name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS + defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' @@ -6993,9 +7347,8 @@ OCIS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS - defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id - Cache-Control]' + name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. @@ -7005,8 +7358,8 @@ OCIS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS - defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. @@ -7016,8 +7369,8 @@ OCIS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS - defaultValue: '[*]' + name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS + defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. @@ -7051,7 +7404,7 @@ OCIS_CORS_MAX_AGE: removalVersion: "" deprecationInfo: "" OCIS_DECOMPOSEDFS_METADATA_BACKEND: - name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND + name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_USERS_OCIS_METADATA_BACKEND defaultValue: messagepack type: string description: The backend to use for storing metadata. Supported values are 'messagepack' @@ -7113,7 +7466,7 @@ OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE: removalVersion: "" deprecationInfo: "" OCIS_EDITION: - name: OCIS_EDITION;OCDAV_EDITION + name: OCIS_EDITION;FRONTEND_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -7141,7 +7494,7 @@ OCIS_ENABLE_RESHARING: removalVersion: "" deprecationInfo: Resharing will be removed in the future. OCIS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD + name: OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -7151,7 +7504,7 @@ OCIS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME + name: OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -7161,7 +7514,7 @@ OCIS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER + name: OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -7172,7 +7525,7 @@ OCIS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS + name: OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -7182,7 +7535,7 @@ OCIS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT + name: OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -7192,21 +7545,21 @@ OCIS_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. - If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. + If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR + name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the gateway GRPC address. - introductionVersion: "5.0" + description: The bind address of the GRPC service. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -7265,25 +7618,25 @@ OCIS_HTTP_TLS_KEY: removalVersion: "" deprecationInfo: "" OCIS_INSECURE: - name: OCIS_INSECURE;USERLOG_EVENTS_TLS_INSECURE + name: OCIS_INSECURE;WEBFINGER_INSECURE defaultValue: "false" type: bool - description: Whether to verify the server TLS certificates. + description: Allow insecure connections to the WEBFINGER service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_JWT_SECRET: - name: OCIS_JWT_SECRET;USERLOG_JWT_SECRET + name: OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -7292,16 +7645,16 @@ OCIS_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID defaultValue: "" type: string - description: The client id to authenticate with keycloak. + description: The client ID to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -7310,7 +7663,7 @@ OCIS_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -7319,7 +7672,7 @@ OCIS_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -7329,7 +7682,7 @@ OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -7338,7 +7691,7 @@ OCIS_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN + name: OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -7348,7 +7701,7 @@ OCIS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD + name: OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -7357,7 +7710,7 @@ OCIS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT + name: OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to @@ -7368,20 +7721,20 @@ OCIS_LDAP_CACERT: removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM + name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string - description: An option to control the behavior for disabling users. Valid options + description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request - is not processed. + is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -7391,7 +7744,7 @@ OCIS_LDAP_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN + name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -7400,7 +7753,7 @@ OCIS_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER + name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -7409,7 +7762,7 @@ OCIS_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS + name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter @@ -7419,7 +7772,7 @@ OCIS_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -7429,7 +7782,7 @@ OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -7438,28 +7791,28 @@ OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID + name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for groups. This should be a - stable globally unique id (e.g. a UUID). + stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the group IDs. + of Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -7468,7 +7821,7 @@ OCIS_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -7477,17 +7830,17 @@ OCIS_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE + name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up groups. Supported values are + description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE + name: OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -7497,7 +7850,7 @@ OCIS_LDAP_INSECURE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_SERVER_WRITE_ENABLED: - name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED + name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. @@ -7509,7 +7862,7 @@ OCIS_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_LDAP_URI: - name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI + name: OCIS_LDAP_URI;GROUPS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -7519,7 +7872,7 @@ OCIS_LDAP_URI: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN + name: OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -7528,16 +7881,16 @@ OCIS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string - description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER + name: OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -7546,7 +7899,7 @@ OCIS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS + name: OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter @@ -7556,7 +7909,7 @@ OCIS_LDAP_USER_OBJECTCLASS: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. @@ -7565,28 +7918,28 @@ OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID + name: OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string - description: LDAP Attribute to use as the unique ID for users. This should be a - stable globally unique ID like a UUID. + description: LDAP Attribute to use as the unique id for users. This should be a + stable globally unique id like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the user IDs. + of Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL + name: OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -7595,7 +7948,7 @@ OCIS_LDAP_USER_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USER_TYPE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -7605,7 +7958,7 @@ OCIS_LDAP_USER_SCHEMA_USER_TYPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME + name: OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -7614,54 +7967,54 @@ OCIS_LDAP_USER_SCHEMA_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE + name: OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up users. Supported values are + description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_COLOR: - name: OCIS_LOG_COLOR;WEBDAV_LOG_COLOR + name: OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_FILE: - name: OCIS_LOG_FILE;WEBDAV_LOG_FILE + name: OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;WEBDAV_LOG_LEVEL + name: OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;WEBDAV_LOG_PRETTY + name: OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY + name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -7682,16 +8035,16 @@ OCIS_OIDC_CLIENT_ID: removalVersion: "" deprecationInfo: "" OCIS_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER + name: OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string - description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + description: The identity provider href for the openid-discovery relation. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. See the documentation for @@ -7701,7 +8054,7 @@ OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -7710,7 +8063,7 @@ OCIS_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -7719,7 +8072,7 @@ OCIS_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -7728,7 +8081,7 @@ OCIS_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -7738,7 +8091,7 @@ OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -7748,7 +8101,7 @@ OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -7834,7 +8187,7 @@ OCIS_REVA_GATEWAY: name: OCIS_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string - description: CS3 gateway used to look up user metadata + description: The CS3 gateway endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7862,7 +8215,7 @@ OCIS_REVA_GATEWAY_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID + name: OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -7872,7 +8225,7 @@ OCIS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET + name: OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -7881,7 +8234,7 @@ OCIS_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. @@ -7890,11 +8243,13 @@ OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords on Uploader, Editor - or Contributor shares. + or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, + you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in + the frontend service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" @@ -7904,7 +8259,7 @@ OCIS_SHOW_USER_EMAIL_IN_RESULTS: defaultValue: "false" type: bool description: Mask user email addresses in responses. - introductionVersion: "5.1" + introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -7919,7 +8274,7 @@ OCIS_SPACES_MAX_QUOTA: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY + name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -7928,10 +8283,10 @@ OCIS_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID + name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string - description: ID of the oCIS storage-system system user. Admins need to set the ID + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. @@ -7949,40 +8304,40 @@ OCIS_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" OCIS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR + name: OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;WEBDAV_TRACING_ENABLED + name: OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT + name: OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;WEBDAV_TRACING_TYPE + name: OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -7990,13 +8345,13 @@ OCIS_TRANSFER_SECRET: name: OCIS_TRANSFER_SECRET defaultValue: "" type: string - description: Transfer secret for signing file up- and download requests. + description: The storage transfer secret. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH + name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -8007,10 +8362,13 @@ OCIS_TRANSLATION_PATH: removalVersion: "" deprecationInfo: "" OCIS_URL: - name: OCIS_URL;OCIS_PUBLIC_URL - defaultValue: https://127.0.0.1:9200 + name: OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL + defaultValue: https://localhost:9200 type: string - description: URL, where oCIS is reachable for users. + description: The URL for the legacy ownCloud server instance relation (not to be + confused with the product ownCloud Server). It defaults to the OCIS_URL but can + be overridden to support some reverse proxy corner cases. To shard the deployment, + multiple instances can be configured in the configuration file. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -9066,7 +9424,7 @@ POSTPROCESSING_STEPS: deprecationInfo: "" POSTPROCESSING_STORE: name: OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE - defaultValue: memory + defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description @@ -9106,7 +9464,7 @@ POSTPROCESSING_STORE_DATABASE: deprecationInfo: "" POSTPROCESSING_STORE_NODES: name: OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES - defaultValue: '[]' + defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes @@ -9129,7 +9487,7 @@ POSTPROCESSING_STORE_SIZE: deprecationInfo: "" POSTPROCESSING_STORE_TABLE: name: POSTPROCESSING_STORE_TABLE - defaultValue: postprocessing + defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 @@ -9205,6 +9563,42 @@ PROXY_AUTOPROVISION_ACCOUNTS: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +PROXY_AUTOPROVISION_CLAIM_DISPLAYNAME: + name: PROXY_AUTOPROVISION_CLAIM_DISPLAYNAME + defaultValue: name + type: string + description: The name of the OIDC claim that holds the display name. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_AUTOPROVISION_CLAIM_EMAIL: + name: PROXY_AUTOPROVISION_CLAIM_EMAIL + defaultValue: email + type: string + description: The name of the OIDC claim that holds the email. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_AUTOPROVISION_CLAIM_USERNAME: + name: PROXY_AUTOPROVISION_CLAIM_USERNAME + defaultValue: preferred_username + type: string + description: The name of the OIDC claim that holds the username. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +PROXY_CSP_CONFIG_FILE_LOCATION: + name: PROXY_CSP_CONFIG_FILE_LOCATION + defaultValue: "" + type: string + description: The location of the CSP configuration file. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" PROXY_DEBUG_ADDR: name: PROXY_DEBUG_ADDR defaultValue: 127.0.0.1:9205 @@ -12446,6 +12840,15 @@ STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +STORAGE_USERS_OCIS_GENERAL_SPACE_PATH_TEMPLATE: + name: STORAGE_USERS_OCIS_GENERAL_SPACE_PATH_TEMPLATE + defaultValue: "" + type: string + description: Template string to construct the paths of the projects space roots. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR: name: STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR defaultValue: "30" @@ -12520,6 +12923,15 @@ STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE: + name: STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE + defaultValue: "" + type: string + description: Template string to construct the paths of the personal space roots. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" STORAGE_USERS_OCIS_PROPAGATOR: name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR defaultValue: sync @@ -12652,12 +13064,91 @@ STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT: removalVersion: "" deprecationInfo: "" STORAGE_USERS_PERMISSION_ENDPOINT: - name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT + name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT defaultValue: com.owncloud.api.settings type: string - description: Endpoint of the permissions service. The endpoints can differ for 'ocis' - and 's3ng'. - introductionVersion: pre5.0 + description: Endpoint of the permissions service. The endpoints can differ for 'ocis', + 'posix' and 's3ng'. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE: + name: STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE + defaultValue: projects/{{.SpaceId}} + type: string + description: Template string to construct the paths of the projects space roots. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT: + name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT + defaultValue: com.owncloud.api.settings + type: string + description: Endpoint of the permissions service. The endpoints can differ for 'ocis', + 'posix' and 's3ng'. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE: + name: STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE + defaultValue: users/{{.User.Username}} + type: string + description: Template string to construct the paths of the personal space roots. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_ROOT: + name: STORAGE_USERS_POSIX_ROOT + defaultValue: "" + type: string + description: The directory where the filesystem storage will store its data. If + not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/owncloud. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_USE_SPACE_GROUPS: + name: STORAGE_USERS_POSIX_USE_SPACE_GROUPS + defaultValue: "false" + type: bool + description: Use space groups to manage permissions on spaces. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_WATCH_FOLDER_KAFKA_BROKERS: + name: STORAGE_USERS_POSIX_WATCH_FOLDER_KAFKA_BROKERS + defaultValue: "" + type: string + description: Comma-separated list of kafka brokers to read the watchfolder events + from. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_WATCH_PATH: + name: STORAGE_USERS_POSIX_WATCH_PATH + defaultValue: "" + type: string + description: Path to the watch directory/file. Only applies to the 'gpfsfileauditlogging' + and 'inotifywait' watcher, in which case it is the path of the file audit log + file/base directory to watch. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +STORAGE_USERS_POSIX_WATCH_TYPE: + name: STORAGE_USERS_POSIX_WATCH_TYPE + defaultValue: "" + type: string + description: Type of the watcher to use for getting notified about changes to the + filesystem. Currently available options are 'inotifywait' (default), 'gpfswatchfolder' + and 'gpfsfileauditlogging'. + introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -12740,6 +13231,15 @@ STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +STORAGE_USERS_S3NG_GENERAL_SPACE_PATH_TEMPLATE: + name: STORAGE_USERS_S3NG_GENERAL_SPACE_PATH_TEMPLATE + defaultValue: "" + type: string + description: Template string to construct the paths of the projects space roots. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR: name: STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR defaultValue: "30" @@ -12805,6 +13305,15 @@ STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE: + name: STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE + defaultValue: "" + type: string + description: Template string to construct the paths of the personal space roots. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" STORAGE_USERS_S3NG_PROPAGATOR: name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR defaultValue: sync @@ -13264,6 +13773,45 @@ THUMBNAILS_LOG_PRETTY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +THUMBNAILS_MAX_CONCURRENT_REQUESTS: + name: THUMBNAILS_MAX_CONCURRENT_REQUESTS + defaultValue: "0" + type: int + description: Number of maximum concurrent thumbnail requests. Default is 0 which + is unlimited. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_MAX_INPUT_HEIGHT: + name: THUMBNAILS_MAX_INPUT_HEIGHT + defaultValue: "7680" + type: int + description: The maximum height of an input image which is being processed. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_MAX_INPUT_IMAGE_FILE_SIZE: + name: THUMBNAILS_MAX_INPUT_IMAGE_FILE_SIZE + defaultValue: 50MB + type: string + description: 'The maximum file size of an input image which is being processed. + Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, + EiB], example: 2GB.' + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +THUMBNAILS_MAX_INPUT_WIDTH: + name: THUMBNAILS_MAX_INPUT_WIDTH + defaultValue: "7680" + type: int + description: The maximum width of an input image which is being processed. + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" THUMBNAILS_RESOLUTIONS: name: THUMBNAILS_RESOLUTIONS defaultValue: '[16x16 32x32 64x64 128x128 1080x1920 1920x1080 2160x3840 3840x2160 @@ -14270,8 +14818,8 @@ WEB_ASSET_APPS_PATH: defaultValue: /var/lib/ocis/web/assets/apps type: string description: Serve ownCloud Web apps assets from a path on the filesystem instead - of the builtin assets. - introductionVersion: "5.1" + of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/apps + introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -14280,8 +14828,8 @@ WEB_ASSET_CORE_PATH: defaultValue: /var/lib/ocis/web/assets/core type: string description: Serve ownCloud Web assets from a path on the filesystem instead of - the builtin assets. - introductionVersion: "5.1" + the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/core + introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -14295,6 +14843,16 @@ WEB_ASSET_PATH: deprecationVersion: 5.1.0 removalVersion: 6.0.0 deprecationInfo: The WEB_ASSET_PATH is deprecated and will be removed in the future. +WEB_ASSET_THEMES_PATH: + name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH + defaultValue: /var/lib/ocis/web/assets/themes + type: string + description: Serve ownCloud themes from a path on the filesystem instead of the + builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/themes + introductionVersion: '%%NEXT%%' + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" WEB_CACHE_TTL: name: WEB_CACHE_TTL defaultValue: "604800" @@ -14576,7 +15134,7 @@ WEB_OPTION_DISABLE_FEEDBACK_LINK: name: WEB_OPTION_DISABLE_FEEDBACK_LINK defaultValue: "false" type: bool - description: Set this option to 'true' to disable the feedback link in the topbar. + description: Set this option to 'true' to disable the feedback link in the top bar. Keeping it enabled by setting the value to 'false' or with the absence of the option, allows ownCloud to get feedback from your user base through a dedicated survey website. @@ -14816,8 +15374,8 @@ WEB_UI_THEME_PATH: name: WEB_UI_THEME_PATH defaultValue: /themes/owncloud/theme.json type: string - description: Subpath/file to load the theme. Will be appended to the URL of the - theme server. + description: Path to the theme json file. Will be appended to the URL of the theme + server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" diff --git a/docs/helpers/extended_vars.yaml b/docs/helpers/extended_vars.yaml index 8e67408be01..6ccd862ab87 100644 --- a/docs/helpers/extended_vars.yaml +++ b/docs/helpers/extended_vars.yaml @@ -52,7 +52,7 @@ variables: on supervision of ownCloud Support.' do_ignore: false - rawname: _registryAddressEnv - path: ocis-pkg/natsjsregistry/registry.go:145 + path: ocis-pkg/natsjsregistry/registry.go:165 foundincode: true name: MICRO_REGISTRY_ADDRESS type: string @@ -69,7 +69,7 @@ variables: description: "" do_ignore: true - rawname: _registryPasswordEnv - path: ocis-pkg/natsjsregistry/registry.go:163 + path: ocis-pkg/natsjsregistry/registry.go:193 foundincode: true name: MICRO_REGISTRY_AUTH_PASSWORD type: string @@ -77,7 +77,7 @@ variables: description: Optional when using nats to authenticate with the nats cluster. do_ignore: false - rawname: _registryUsernameEnv - path: ocis-pkg/natsjsregistry/registry.go:163 + path: ocis-pkg/natsjsregistry/registry.go:193 foundincode: true name: MICRO_REGISTRY_AUTH_USERNAME type: string