############################################################################################################# # Welcome to settings file from # # ____ _____ ___ ____ _ ___ _ _ ____ ____ ____ _____ # # / ___|_ _|_ _| _ \| | |_ _| \ | |/ ___| | _ \| _ \| ___| # # \___ \ | | | || |_) | | | || \| | | _ _____| |_) | | | | |_ # # ___) || | | || _ <| |___ | || |\ | |_| |_____| __/| |_| | _| # # |____/ |_| |___|_| \_\_____|___|_| \_|\____| |_| |____/|_| # # # # Do not comment out any entry, it will be removed on next startup # # If you want to override with environment parameter follow parameter naming SECURITY_INITIALLOGIN_USERNAME # ############################################################################################################# security: enableLogin: false # set to 'true' to enable login csrfDisabled: true # Set to 'true' to disable CSRF protection (not recommended for production) loginAttemptCount: 5 # lock user account after 5 tries loginResetTimeMinutes: 120 # lock account for 2 hours after x attempts loginMethod: all # 'all' (Login Username/Password and OAuth2[must be enabled and configured]), 'normal'(only Login with Username/Password) or 'oauth2'(only Login with OAuth2) initialLogin: username: '' # Initial username for the first login password: '' # Initial password for the first login oauth2: enabled: false # set to 'true' to enable login (Note: enableLogin must also be 'true' for this to work) client: keycloak: issuer: '' # URL of the Keycloak realm's OpenID Connect Discovery endpoint clientId: '' # Client ID for Keycloak OAuth2 clientSecret: '' # Client Secret for Keycloak OAuth2 scopes: openid, profile, email # Scopes for Keycloak OAuth2 useAsUsername: preferred_username # Field to use as the username for Keycloak OAuth2 google: clientId: '' # Client ID for Google OAuth2 clientSecret: '' # Client Secret for Google OAuth2 scopes: https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile # Scopes for Google OAuth2 useAsUsername: email # Field to use as the username for Google OAuth2 github: clientId: '' # Client ID for GitHub OAuth2 clientSecret: '' # Client Secret for GitHub OAuth2 scopes: read:user # Scope for GitHub OAuth2 useAsUsername: login # Field to use as the username for GitHub OAuth2 issuer: '' # set to any provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point clientId: '' # Client ID from your provider clientSecret: '' # Client Secret from your provider autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users useAsUsername: email # Default is 'email'; custom fields can be used as the username scopes: openid, profile, email # Specify the scopes for which the application will request permissions provider: google # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak' system: defaultLocale: en-US # Set the default language (e.g. 'de-DE', 'fr-FR', etc) googlevisibility: false # 'true' to allow Google visibility (via robots.txt), 'false' to disallow enableAlphaFunctionality: false # Set to enable functionality which might need more testing before it fully goes live (This feature might make no changes) showUpdate: false # see when a new update is available showUpdateOnlyAdmin: false # Only admins can see when a new update is available, depending on showUpdate it must be set to 'true' customHTMLFiles: false # enable to have files placed in /customFiles/templates override the existing template html files ui: appName: '' # Application's visible name homeDescription: '' # Short description or tagline shown on homepage. appNameNavbar: '' # Name displayed on the navigation bar endpoints: toRemove: [] # List endpoints to disable (e.g. ['img-to-pdf', 'remove-pages']) groupsToRemove: [] # List groups to disable (e.g. ['LibreOffice']) metrics: enabled: true # 'true' to enable Info APIs (`/api/*`) endpoints, 'false' to disable # Automatically Generated Settings (Do Not Edit Directly) AutomaticallyGenerated: key: example