Stirling-PDF/src/main/resources/settings.yml.template

#############################################################################################################
#                                         Welcome to settings file from                                     #
#                      ____ _____ ___ ____  _     ___ _   _  ____       ____  ____  _____                   #
#                     / ___|_   _|_ _|  _ \| |   |_ _| \ | |/ ___|     |  _ \|  _ \|  ___|                  #
#                     \___ \ | |  | || |_) | |    | ||  \| | |  _ _____| |_) | | | | |_                     #
#                      ___) || |  | ||  _ <| |___ | || |\  | |_| |_____|  __/| |_| |  _|                    #
#                     |____/ |_| |___|_| \_\_____|___|_| \_|\____|     |_|   |____/|_|                      #
#                                                                                                           #
# Do not comment out any entry, it will be removed on next startup                                          #
# If you want to override with environment parameter follow parameter naming SECURITY_INITIALLOGIN_USERNAME #
#############################################################################################################


security:
  enableLogin: false # set to 'true' to enable login
  csrfDisabled: true # Set to 'true' to disable CSRF protection (not recommended for production)
  loginAttemptCount: 5 # lock user account after 5 tries; when using e.g. Fail2Ban you can deactivate the function with -1
  loginResetTimeMinutes: 120 # lock account for 2 hours after x attempts
  loginMethod: all # 'all' (Login Username/Password and OAuth2[must be enabled and configured]), 'normal'(only Login with Username/Password) or 'oauth2'(only Login with OAuth2)
  initialLogin:
    username: '' # Initial username for the first login
    password: '' # Initial password for the first login
  oauth2:
    enabled: false # set to 'true' to enable login (Note: enableLogin must also be 'true' for this to work)
    client:
      keycloak:
        issuer: '' # URL of the Keycloak realm's OpenID Connect Discovery endpoint
        clientId: '' # Client ID for Keycloak OAuth2
        clientSecret: '' # Client Secret for Keycloak OAuth2
        scopes: openid, profile, email # Scopes for Keycloak OAuth2
        useAsUsername: preferred_username # Field to use as the username for Keycloak OAuth2
      google:
        clientId: '' # Client ID for Google OAuth2
        clientSecret: '' # Client Secret for Google OAuth2
        scopes: https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile # Scopes for Google OAuth2
        useAsUsername: email # Field to use as the username for Google OAuth2
      github:
        clientId: '' # Client ID for GitHub OAuth2
        clientSecret: '' # Client Secret for GitHub OAuth2
        scopes: read:user # Scope for GitHub OAuth2
        useAsUsername: login # Field to use as the username for GitHub OAuth2
    issuer: '' # set to any provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point
    clientId: '' # Client ID from your provider
    clientSecret: '' # Client Secret from your provider
    autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users
    blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
    useAsUsername: email # Default is 'email'; custom fields can be used as the username
    scopes: openid, profile, email # Specify the scopes for which the application will request permissions
    provider: google # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak'

# Enterprise edition settings unused for now please ignore!
enterpriseEdition:
  enabled: false # set to 'true' to enable enterprise edition
  key: 00000000-0000-0000-0000-000000000000
  CustomMetadata:
    autoUpdateMetadata: true # set to 'true' to automatically update metadata with below values
    author: username # Supports text such as 'John Doe' or types such as username
    creator: Stirling-PDF # Supports text such as 'Company-PDF'
    producer: Stirling-PDF # Supports text such as 'Company-PDF'

legal:
  termsAndConditions: '' # URL to the terms and conditions of your application (e.g. https://example.com/terms) Empty string to disable or filename to load from local file in static folder
  privacyPolicy: '' # URL to the privacy policy of your application (e.g. https://example.com/privacy) Empty string to disable or filename to load from local file in static folder
  accessibilityStatement: '' # URL to the accessibility statement of your application (e.g. https://example.com/accessibility) Empty string to disable or filename to load from local file in static folder
  cookiePolicy: '' # URL to the cookie policy of your application (e.g. https://example.com/cookie) Empty string to disable or filename to load from local file in static folder
  impressum: '' # URL to the impressum of your application (e.g. https://example.com/impressum) Empty string to disable or filename to load from local file in static folder

system:
  defaultLocale: en-US # Set the default language (e.g. 'de-DE', 'fr-FR', etc)
  googlevisibility: false # 'true' to allow Google visibility (via robots.txt), 'false' to disallow
  enableAlphaFunctionality: false # Set to enable functionality which might need more testing before it fully goes live (This feature might make no changes)
  showUpdate: false # see when a new update is available
  showUpdateOnlyAdmin: false # Only admins can see when a new update is available, depending on showUpdate it must be set to 'true'
  customHTMLFiles: false # enable to have files placed in /customFiles/templates override the existing template html files
  tessdataDir: /usr/share/tessdata # Path to the directory containing the Tessdata files. This setting is relevant for Windows systems. For Windows users, this path should be adjusted to point to the appropriate directory where the Tessdata files are stored.
  enableAnalytics: undefined # Set to 'true' to enable analytics, set to 'false' to disable analytics, for enterprise users this is set to true

ui:
  appName: '' # Application's visible name
  homeDescription: '' # Short description or tagline shown on homepage.
  appNameNavbar: '' # Name displayed on the navigation bar

endpoints:
  toRemove: [] # List endpoints to disable (e.g. ['img-to-pdf', 'remove-pages'])
  groupsToRemove: [] # List groups to disable (e.g. ['LibreOffice'])

metrics:
  enabled: true # 'true' to enable Info APIs (`/api/*`) endpoints, 'false' to disable

# Automatically Generated Settings (Do Not Edit Directly)
AutomaticallyGenerated:
  key: example
  UUID: example
Change: method write and read `settings.yml` #1441 (#1463) Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> 2024-06-15 10:05:31 +02:00			`#############################################################################################################`
			`# Welcome to settings file from #`
			`# ____ _____ ___ ____ _ ___ _ _ ____ ____ ____ _____ #`
			`# / ___\|_ _\|_ _\| _ \\| \| \|_ _\| \ \| \|/ ___\| \| _ \\| _ \\| ___\| #`
			`# \___ \ \| \| \| \|\| \|_) \| \| \| \|\| \\| \| \| _ _____\| \|_) \| \| \| \| \|_ #`
			`# ___) \|\| \| \| \|\| _ <\| \|___ \| \|\| \|\ \| \|_\| \|_____\| __/\| \|_\| \| _\| #`
			`# \|____/ \|_\| \|___\|_\| \_\_____\|___\|_\| \_\|\____\| \|_\| \|____/\|_\| #`
			`# #`
			`# Do not comment out any entry, it will be removed on next startup #`
			`# If you want to override with environment parameter follow parameter naming SECURITY_INITIALLOGIN_USERNAME #`
			`#############################################################################################################`

name changes 2023-08-27 01:38:17 +02:00
config template 2023-08-26 13:27:52 +02:00			`security:`
			`enableLogin: false # set to 'true' to enable login`
adds all available settings to settings.yml 2024-05-19 11:35:46 +02:00			`csrfDisabled: true # Set to 'true' to disable CSRF protection (not recommended for production)`
Add: Make Login Attempt Service deactivatable (#1747) 2024-08-23 15:46:09 +02:00			`loginAttemptCount: 5 # lock user account after 5 tries; when using e.g. Fail2Ban you can deactivate the function with -1`
Amended typo: trailing space Trailing space before colon in the `settings.yml` has been fixed. 2024-05-21 00:50:03 +02:00			`loginResetTimeMinutes: 120 # lock account for 2 hours after x attempts`
Change: method write and read `settings.yml` #1441 (#1463) Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> 2024-06-15 10:05:31 +02:00			`loginMethod: all # 'all' (Login Username/Password and OAuth2[must be enabled and configured]), 'normal'(only Login with Username/Password) or 'oauth2'(only Login with OAuth2)`
			`initialLogin:`
			`username: '' # Initial username for the first login`
			`password: '' # Initial password for the first login`
			`oauth2:`
			`enabled: false # set to 'true' to enable login (Note: enableLogin must also be 'true' for this to work)`
			`client:`
			`keycloak:`
			`issuer: '' # URL of the Keycloak realm's OpenID Connect Discovery endpoint`
			`clientId: '' # Client ID for Keycloak OAuth2`
			`clientSecret: '' # Client Secret for Keycloak OAuth2`
			`scopes: openid, profile, email # Scopes for Keycloak OAuth2`
			`useAsUsername: preferred_username # Field to use as the username for Keycloak OAuth2`
			`google:`
			`clientId: '' # Client ID for Google OAuth2`
			`clientSecret: '' # Client Secret for Google OAuth2`
			`scopes: https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile # Scopes for Google OAuth2`
			`useAsUsername: email # Field to use as the username for Google OAuth2`
			`github:`
			`clientId: '' # Client ID for GitHub OAuth2`
			`clientSecret: '' # Client Secret for GitHub OAuth2`
			`scopes: read:user # Scope for GitHub OAuth2`
			`useAsUsername: login # Field to use as the username for GitHub OAuth2`
			`issuer: '' # set to any provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point`
			`clientId: '' # Client ID from your provider`
			`clientSecret: '' # Client Secret from your provider`
			`autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users`
Admin panel - Enhanced User Management & Fix: #1630 (#1658) * Prevents SSO login due to faulty verification * add translation & fix show error message * Update settings.yml.template --------- Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> 2024-08-16 12:57:37 +02:00			`blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin`
Change: method write and read `settings.yml` #1441 (#1463) Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> 2024-06-15 10:05:31 +02:00			`useAsUsername: email # Default is 'email'; custom fields can be used as the username`
			`scopes: openid, profile, email # Specify the scopes for which the application will request permissions`
			`provider: google # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak'`
refactor: normalize files 2024-02-11 17:47:00 +01:00
Lots of changes (#1889) * Add image support to multi-tool page Related to #278 * changes to support image types * final touches * final touches * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * Update translation files (#1888) Signed-off-by: GitHub Action <action@github.com> Co-authored-by: GitHub Action <action@github.com> --------- Signed-off-by: a <a> Signed-off-by: GitHub Action <action@github.com> Co-authored-by: a <a> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: GitHub Action <action@github.com> 2024-09-13 17:42:38 +02:00			`# Enterprise edition settings unused for now please ignore!`
Frooodle/license (#1994) 2024-10-14 23:34:41 +02:00			`enterpriseEdition:`
			`enabled: false # set to 'true' to enable enterprise edition`
Lots of changes (#1889) * Add image support to multi-tool page Related to #278 * changes to support image types * final touches * final touches * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * final touches Signed-off-by: a <a> * Update translation files (#1888) Signed-off-by: GitHub Action <action@github.com> Co-authored-by: GitHub Action <action@github.com> --------- Signed-off-by: a <a> Signed-off-by: GitHub Action <action@github.com> Co-authored-by: a <a> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: GitHub Action <action@github.com> 2024-09-13 17:42:38 +02:00			`key: 00000000-0000-0000-0000-000000000000`
			`CustomMetadata:`
			`autoUpdateMetadata: true # set to 'true' to automatically update metadata with below values`
			`author: username # Supports text such as 'John Doe' or types such as username`
			`creator: Stirling-PDF # Supports text such as 'Company-PDF'`
			`producer: Stirling-PDF # Supports text such as 'Company-PDF'`

			`legal:`
			`termsAndConditions: '' # URL to the terms and conditions of your application (e.g. https://example.com/terms) Empty string to disable or filename to load from local file in static folder`
			`privacyPolicy: '' # URL to the privacy policy of your application (e.g. https://example.com/privacy) Empty string to disable or filename to load from local file in static folder`
			`accessibilityStatement: '' # URL to the accessibility statement of your application (e.g. https://example.com/accessibility) Empty string to disable or filename to load from local file in static folder`
			`cookiePolicy: '' # URL to the cookie policy of your application (e.g. https://example.com/cookie) Empty string to disable or filename to load from local file in static folder`
			`impressum: '' # URL to the impressum of your application (e.g. https://example.com/impressum) Empty string to disable or filename to load from local file in static folder`

config template 2023-08-26 13:27:52 +02:00			`system:`
Change: method write and read `settings.yml` #1441 (#1463) Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> 2024-06-15 10:05:31 +02:00			`defaultLocale: en-US # Set the default language (e.g. 'de-DE', 'fr-FR', etc)`
Update settings docs 2023-09-02 12:30:27 +02:00			`googlevisibility: false # 'true' to allow Google visibility (via robots.txt), 'false' to disallow`
enableAlphaFunctionality 2023-12-26 21:10:37 +01:00			`enableAlphaFunctionality: false # Set to enable functionality which might need more testing before it fully goes live (This feature might make no changes)`
changes 2024-05-26 16:31:34 +02:00			`showUpdate: false # see when a new update is available`
UI: settings show/hide update display (#1072) * UI: settings show/hide update display This PR replaces the PR #1003 In this PR, the visual for available update is added to the foreground. There are new settings to generally show/hide the update display, and only administrators receive the update display. * change to `Bean` * Update AppUpdateShowService.java * add update message * revision service * change shouldShow * Update githubVersion.js * rm folder * Update AppUpdateService.java 2024-04-21 13:15:18 +02:00			`showUpdateOnlyAdmin: false # Only admins can see when a new update is available, depending on showUpdate it must be set to 'true'`
adds all available settings to settings.yml 2024-05-19 11:35:46 +02:00			`customHTMLFiles: false # enable to have files placed in /customFiles/templates override the existing template html files`
tessdata available to local Windows users (#1677) tessdata available to local Windows users 2024-08-15 11:43:56 +02:00			`tessdataDir: /usr/share/tessdata # Path to the directory containing the Tessdata files. This setting is relevant for Windows systems. For Windows users, this path should be adjusted to point to the appropriate directory where the Tessdata files are stored.`
Frooodle/license (#1994) 2024-10-14 23:34:41 +02:00			`enableAnalytics: undefined # Set to 'true' to enable analytics, set to 'false' to disable analytics, for enterprise users this is set to true`
extends the functionality of oauth in Stirling PDF 2. 2024-05-18 23:47:05 +02:00
lets try this again (Config fix) (#1159) * Introducing a custom settings file * formats * chnages * Update README.md * fixes --------- Co-authored-by: a <a> 2024-05-03 23:23:21 +02:00			`ui:`
Change: method write and read `settings.yml` #1441 (#1463) Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> 2024-06-15 10:05:31 +02:00			`appName: '' # Application's visible name`
			`homeDescription: '' # Short description or tagline shown on homepage.`
			`appNameNavbar: '' # Name displayed on the navigation bar`
config template 2023-08-26 13:27:52 +02:00
			`endpoints:`
			`toRemove: [] # List endpoints to disable (e.g. ['img-to-pdf', 'remove-pages'])`
			`groupsToRemove: [] # List groups to disable (e.g. ['LibreOffice'])`

			`metrics:`
Update settings docs 2023-09-02 12:30:27 +02:00			enabled: true # 'true' to enable Info APIs (`/api/*`) endpoints, 'false' to disable
introduces custom settings file (#1158) * Introducing a custom settings file * formats * chnages * Update README.md 2024-05-03 21:43:48 +02:00
			`# Automatically Generated Settings (Do Not Edit Directly)`
			`AutomaticallyGenerated:`
tessdata available to local Windows users (#1677) tessdata available to local Windows users 2024-08-15 11:43:56 +02:00			`key: example`
Frooodle/license (#1994) 2024-10-14 23:34:41 +02:00			`UUID: example`