diff options
author | Lauri Ojansivu <x@xet7.org> | 2018-11-20 12:11:37 +0200 |
---|---|---|
committer | Lauri Ojansivu <x@xet7.org> | 2018-11-20 12:11:37 +0200 |
commit | 8e3f53021775069dba125efd4b7200d0d70a1ed1 (patch) | |
tree | d20495c8f50060f3fc16d96cb8f65a9f5805b031 | |
parent | f9b272c223fb61d35dbf6cb741df80c96a0f0118 (diff) | |
download | wekan-8e3f53021775069dba125efd4b7200d0d70a1ed1.tar.gz wekan-8e3f53021775069dba125efd4b7200d0d70a1ed1.tar.bz2 wekan-8e3f53021775069dba125efd4b7200d0d70a1ed1.zip |
- Add [LDAP_FULLNAME_FIELD](https://github.com/wekan/wekan-ldap/issues/10). Thanks to alkemyst and xet7.
Closes wekan/wekan-ldap#21,
closes wekan/wekan-ldap#10
-rw-r--r-- | Dockerfile | 2 | ||||
-rw-r--r-- | docker-compose-build.yml | 3 | ||||
-rw-r--r-- | docker-compose-postgresql.yml | 19 | ||||
-rw-r--r-- | docker-compose.yml | 3 | ||||
-rwxr-xr-x | releases/virtualbox/start-wekan.sh | 148 | ||||
-rwxr-xr-x | snap-src/bin/config | 6 | ||||
-rwxr-xr-x | snap-src/bin/wekan-help | 4 | ||||
-rwxr-xr-x | start-wekan.sh | 179 |
8 files changed, 334 insertions, 30 deletions
@@ -59,6 +59,7 @@ ARG LDAP_GROUP_FILTER_GROUP_NAME ARG LDAP_UNIQUE_IDENTIFIER_FIELD ARG LDAP_UTF8_NAMES_SLUGIFY ARG LDAP_USERNAME_FIELD +ARG LDAP_FULLNAME_FIELD ARG LDAP_MERGE_EXISTING_USERS ARG LDAP_SYNC_USER_DATA ARG LDAP_SYNC_USER_DATA_FIELDMAP @@ -126,6 +127,7 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth LDAP_UNIQUE_IDENTIFIER_FIELD="" \ LDAP_UTF8_NAMES_SLUGIFY=true \ LDAP_USERNAME_FIELD="" \ + LDAP_FULLNAME_FIELD="" \ LDAP_MERGE_EXISTING_USERS=false \ LDAP_SYNC_USER_DATA=false \ LDAP_SYNC_USER_DATA_FIELDMAP="" \ diff --git a/docker-compose-build.yml b/docker-compose-build.yml index a9b573c4..58c5c525 100644 --- a/docker-compose-build.yml +++ b/docker-compose-build.yml @@ -191,6 +191,9 @@ services: # LDAP_USERNAME_FIELD : Which field contains the ldap username # example : LDAP_USERNAME_FIELD=username #- LDAP_USERNAME_FIELD= + # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname + # example : LDAP_FULLNAME_FIELD=fullname + #- LDAP_FULLNAME_FIELD= # LDAP_MERGE_EXISTING_USERS : # example : LDAP_MERGE_EXISTING_USERS=true #- LDAP_MERGE_EXISTING_USERS=false diff --git a/docker-compose-postgresql.yml b/docker-compose-postgresql.yml index 7689cc71..c8844408 100644 --- a/docker-compose-postgresql.yml +++ b/docker-compose-postgresql.yml @@ -41,15 +41,15 @@ services: - /bin/bash - "-c" - mongo --nodb --eval ' - var db; - while (!db) { - try { - db = new Mongo("mongodb:27017").getDB("local"); - } catch(ex) {} - sleep(3000); - }; + var db; + while (!db) { + try { + db = new Mongo("mongodb:27017").getDB("local"); + } catch(ex) {} + sleep(3000); + }; rs.initiate({_id:"rs1",members:[{_id:0,host:"mongodb:27017"}]}); - ' 1>/dev/null 2>&1 & + ' 1>/dev/null 2>&1 & mongod --replSet rs1 wekan: image: quay.io/wekan/wekan @@ -213,6 +213,9 @@ services: # LDAP_USERNAME_FIELD : Which field contains the ldap username # example : LDAP_USERNAME_FIELD=username #- LDAP_USERNAME_FIELD= + # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname + # example : LDAP_FULLNAME_FIELD=fullname + #- LDAP_FULLNAME_FIELD= # LDAP_MERGE_EXISTING_USERS : # example : LDAP_MERGE_EXISTING_USERS=true #- LDAP_MERGE_EXISTING_USERS=false diff --git a/docker-compose.yml b/docker-compose.yml index 56ca7775..4d3f1c9b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -180,6 +180,9 @@ services: # LDAP_USERNAME_FIELD : Which field contains the ldap username # example : LDAP_USERNAME_FIELD=username #- LDAP_USERNAME_FIELD= + # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname + # example : LDAP_FULLNAME_FIELD=fullname + #- LDAP_FULLNAME_FIELD= # LDAP_MERGE_EXISTING_USERS : # example : LDAP_MERGE_EXISTING_USERS=true #- LDAP_MERGE_EXISTING_USERS=false diff --git a/releases/virtualbox/start-wekan.sh b/releases/virtualbox/start-wekan.sh index 67f52dc0..388e3066 100755 --- a/releases/virtualbox/start-wekan.sh +++ b/releases/virtualbox/start-wekan.sh @@ -24,17 +24,17 @@ #--------------------------------------------- ## Optional: Integration with Matomo https://matomo.org that is installed to your server ## The address of the server where Matomo is hosted: - # export MATOMO_ADDRESS='https://example.com/matomo' - export MATOMO_ADDRESS='' + ##export MATOMO_ADDRESS=https://example.com/matomo + #export MATOMO_ADDRESS= ## The value of the site ID given in Matomo server for Wekan - # export MATOMO_SITE_ID='123456789' - export MATOMO_SITE_ID='' + # Example: export MATOMO_SITE_ID=123456789 + #export MATOMO_SITE_ID='' ## The option do not track which enables users to not be tracked by matomo" - # export MATOMO_DO_NOT_TRACK='false' - export MATOMO_DO_NOT_TRACK='true' + #Example: export MATOMO_DO_NOT_TRACK=false + #export MATOMO_DO_NOT_TRACK=true ## The option that allows matomo to retrieve the username: - # export MATOMO_WITH_USERNAME='true' - export MATOMO_WITH_USERNAME='false' + # Example: export MATOMO_WITH_USERNAME=true + #export MATOMO_WITH_USERNAME='false' # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. # Setting this to false is not recommended, it also disables all other browser policy protections # and allows all iframing etc. See wekan/server/policy.js @@ -50,23 +50,143 @@ # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345 # example: export OAUTH2_CLIENT_ID=abcde12345 - export OAUTH2_CLIENT_ID='' + #export OAUTH2_CLIENT_ID='' # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde # example: export OAUTH2_SECRET=54321abcde - export OAUTH2_SECRET='' + #export OAUTH2_SECRET='' # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com # example: export OAUTH2_SERVER_URL=https://chat.example.com - export OAUTH2_SERVER_URL='' + #export OAUTH2_SERVER_URL='' # OAuth2 Authorization Endpoint. Example: /oauth/authorize # example: export OAUTH2_AUTH_ENDPOINT=/oauth/authorize - export OAUTH2_AUTH_ENDPOINT='' + #export OAUTH2_AUTH_ENDPOINT='' # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo # example: export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo - export OAUTH2_USERINFO_ENDPOINT='' + #export OAUTH2_USERINFO_ENDPOINT='' # OAuth2 Token Endpoint. Example: /oauth/token # example: export OAUTH2_TOKEN_ENDPOINT=/oauth/token - export OAUTH2_TOKEN_ENDPOINT='' + #export OAUTH2_TOKEN_ENDPOINT='' #--------------------------------------------- + # LDAP_ENABLE : Enable or not the connection by the LDAP + # example : export LDAP_ENABLE=true + #export LDAP_ENABLE=false + # LDAP_PORT : The port of the LDAP server + # example : export LDAP_PORT=389 + #export LDAP_PORT=389 + # LDAP_HOST : The host server for the LDAP server + # example : export LDAP_HOST=localhost + #export LDAP_HOST= + # LDAP_BASEDN : The base DN for the LDAP Tree + # example : export LDAP_BASEDN=ou=user,dc=example,dc=org + #export LDAP_BASEDN= + # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method + # example : export LDAP_LOGIN_FALLBACK=true + #export LDAP_LOGIN_FALLBACK=false + # LDAP_RECONNECT : Reconnect to the server if the connection is lost + # example : export LDAP_RECONNECT=false + #export LDAP_RECONNECT=true + # LDAP_TIMEOUT : Overall timeout, in milliseconds + # example : export LDAP_TIMEOUT=12345 + #export LDAP_TIMEOUT=10000 + # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds + # example : export LDAP_IDLE_TIMEOUT=12345 + #export LDAP_IDLE_TIMEOUT=10000 + # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds + # example : export LDAP_CONNECT_TIMEOUT=12345 + #export LDAP_CONNECT_TIMEOUT=10000 + # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search + # example : export LDAP_AUTHENTIFICATION=true + #export LDAP_AUTHENTIFICATION=false + # LDAP_AUTHENTIFICATION_USERDN : The search user DN + # example : export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org + #export LDAP_AUTHENTIFICATION_USERDN= + # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user + # example : AUTHENTIFICATION_PASSWORD=admin + #export LDAP_AUTHENTIFICATION_PASSWORD= + # LDAP_LOG_ENABLED : Enable logs for the module + # example : export LDAP_LOG_ENABLED=true + #export LDAP_LOG_ENABLED=false + # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background + # example : export LDAP_BACKGROUND_SYNC=true + #export LDAP_BACKGROUND_SYNC=false + # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds + # example : export LDAP_BACKGROUND_SYNC_INTERVAL=12345 + #export LDAP_BACKGROUND_SYNC_INTERVAL=100 + # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : + # example : export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true + #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false + # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : + # example : export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true + #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false + # LDAP_ENCRYPTION : If using LDAPS + # example : export LDAP_ENCRYPTION=ssl + #export LDAP_ENCRYPTION=false + # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file. + # example : export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- + #export LDAP_CA_CERT= + # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate + # example : export LDAP_REJECT_UNAUTHORIZED=true + #export LDAP_REJECT_UNAUTHORIZED=false + # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed + # example : export LDAP_USER_SEARCH_FILTER= + #export LDAP_USER_SEARCH_FILTER= + # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) + # example : export LDAP_USER_SEARCH_SCOPE=one + #export LDAP_USER_SEARCH_SCOPE= + # LDAP_USER_SEARCH_FIELD : Which field is used to find the user + # example : export LDAP_USER_SEARCH_FIELD=uid + #export LDAP_USER_SEARCH_FIELD= + # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited) + # example : export LDAP_SEARCH_PAGE_SIZE=12345 + #export LDAP_SEARCH_PAGE_SIZE=0 + # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited) + # example : export LDAP_SEARCH_SIZE_LIMIT=12345 + #export LDAP_SEARCH_SIZE_LIMIT=0 + # LDAP_GROUP_FILTER_ENABLE : Enable group filtering + # example : export LDAP_GROUP_FILTER_ENABLE=true + #export LDAP_GROUP_FILTER_ENABLE=false + # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering + # example : export LDAP_GROUP_FILTER_OBJECTCLASS=group + #export LDAP_GROUP_FILTER_OBJECTCLASS= + # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : + # example : + #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= + # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : + # example : + #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= + # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : + # example : + #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= + # LDAP_GROUP_FILTER_GROUP_NAME : + # example : + #export LDAP_GROUP_FILTER_GROUP_NAME= + # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) + # example : export LDAP_UNIQUE_IDENTIFIER_FIELD=guid + #export LDAP_UNIQUE_IDENTIFIER_FIELD= + # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 + # example : export LDAP_UTF8_NAMES_SLUGIFY=false + #export LDAP_UTF8_NAMES_SLUGIFY=true + # LDAP_USERNAME_FIELD : Which field contains the ldap username + # example : export LDAP_USERNAME_FIELD=username + #export LDAP_USERNAME_FIELD= + # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname + # example : export LDAP_FULLNAME_FIELD=fullname + #export LDAP_FULLNAME_FIELD= + # LDAP_MERGE_EXISTING_USERS : + # example : export LDAP_MERGE_EXISTING_USERS=true + #export LDAP_MERGE_EXISTING_USERS=false + # LDAP_SYNC_USER_DATA : + # example : export LDAP_SYNC_USER_DATA=true + #export LDAP_SYNC_USER_DATA=false + # LDAP_SYNC_USER_DATA_FIELDMAP : + # example : export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} + #export LDAP_SYNC_USER_DATA_FIELDMAP= + # LDAP_SYNC_GROUP_ROLES : + # example : + #export LDAP_SYNC_GROUP_ROLES= + # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP + # example : + #export LDAP_DEFAULT_DOMAIN= node main.js & >> ~/repos/wekan.log cd ~/repos #done diff --git a/snap-src/bin/config b/snap-src/bin/config index a19baf7d..0472f4f9 100755 --- a/snap-src/bin/config +++ b/snap-src/bin/config @@ -3,7 +3,7 @@ # All supported keys are defined here together with descriptions and default values # list of supported keys -keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN" +keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN" # default values DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\ @@ -246,6 +246,10 @@ DESCRIPTION_LDAP_USERNAME_FIELD="Which field contains the ldap username" DEFAULT_LDAP_USERNAME_FIELD="" KEY_LDAP_USERNAME_FIELD="ldap-username-field" +DESCRIPTION_LDAP_FULLNAME_FIELD="Which field contains the ldap fullname" +DEFAULT_LDAP_FULLNAME_FIELD="" +KEY_LDAP_FULLNAME_FIELD="ldap-fullname-field" + DESCRIPTION_LDAP_MERGE_EXISTING_USERS="ldap-merge-existing-users . Default: false" DEFAULT_LDAP_MERGE_EXISTING_USERS="false" KEY_LDAP_MERGE_EXISTING_USERS="ldap-merge-existing-users" diff --git a/snap-src/bin/wekan-help b/snap-src/bin/wekan-help index c488a538..f28f8f9d 100755 --- a/snap-src/bin/wekan-help +++ b/snap-src/bin/wekan-help @@ -227,6 +227,10 @@ echo -e "Ldap Username Field." echo -e "Which field contains the ldap username:" echo -e "\t$ snap set $SNAP_NAME LDAP_USERNAME_FIELD='username'" echo -e "\n" +echo -e "Ldap Fullname Field." +echo -e "Which field contains the ldap fullname:" +echo -e "\t$ snap set $SNAP_NAME LDAP_FULLNAME_FIELD='fullname'" +echo -e "\n" echo -e "Ldap Merge Existing Users." echo -e "\t$ snap set $SNAP_NAME LDAP_MERGE_EXISTING_USERS='true'" echo -e "\n" diff --git a/start-wekan.sh b/start-wekan.sh index 3584ac6d..dd8bf9eb 100755 --- a/start-wekan.sh +++ b/start-wekan.sh @@ -20,9 +20,7 @@ function wekan_repo_check(){ #while true; do wekan_repo_check cd .build/bundle - #export MONGO_URL='mongodb://127.0.0.1:27019/wekantest' - #export MONGO_URL='mongodb://127.0.0.1:27019/wekan' - export MONGO_URL='mongodb://127.0.0.1:27019/wekantest' + export MONGO_URL='mongodb://127.0.0.1:27019/wekan' # Production: https://example.com/wekan # Local: http://localhost:2000 #export ipaddress=$(ifdata -pa eth0) @@ -30,12 +28,179 @@ function wekan_repo_check(){ # https://github.com/wekan/wekan/wiki/Troubleshooting-Mail # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml export MAIL_URL='smtp://user:pass@mailserver.example.com:25/' + #export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011 # This is local port where Wekan Node.js runs, same as below on Caddyfile settings. - export WITH_API=true - export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011 export PORT=2000 - #export LDAP_ENABLE=true + # Wekan Export Board works when WITH_API=true. + # If you disable Wekan API with false, Export Board does not work. + export WITH_API='true' + #--------------------------------------------- + ## Optional: Integration with Matomo https://matomo.org that is installed to your server + ## The address of the server where Matomo is hosted: + ##export MATOMO_ADDRESS=https://example.com/matomo + #export MATOMO_ADDRESS= + ## The value of the site ID given in Matomo server for Wekan + # Example: export MATOMO_SITE_ID=123456789 + #export MATOMO_SITE_ID='' + ## The option do not track which enables users to not be tracked by matomo" + #Example: export MATOMO_DO_NOT_TRACK=false + #export MATOMO_DO_NOT_TRACK=true + ## The option that allows matomo to retrieve the username: + # Example: export MATOMO_WITH_USERNAME=true + #export MATOMO_WITH_USERNAME='false' + # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. + # Setting this to false is not recommended, it also disables all other browser policy protections + # and allows all iframing etc. See wekan/server/policy.js + # Default value: true + export BROWSER_POLICY_ENABLED=true + # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside. + # Example: export TRUSTED_URL=http://example.com + export TRUSTED_URL='' + # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId . + # Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId + export WEBHOOKS_ATTRIBUTES='' + #--------------------------------------------- + # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 + # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345 + # example: export OAUTH2_CLIENT_ID=abcde12345 + #export OAUTH2_CLIENT_ID='' + # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde + # example: export OAUTH2_SECRET=54321abcde + #export OAUTH2_SECRET='' + # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com + # example: export OAUTH2_SERVER_URL=https://chat.example.com + #export OAUTH2_SERVER_URL='' + # OAuth2 Authorization Endpoint. Example: /oauth/authorize + # example: export OAUTH2_AUTH_ENDPOINT=/oauth/authorize + #export OAUTH2_AUTH_ENDPOINT='' + # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo + # example: export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo + #export OAUTH2_USERINFO_ENDPOINT='' + # OAuth2 Token Endpoint. Example: /oauth/token + # example: export OAUTH2_TOKEN_ENDPOINT=/oauth/token + #export OAUTH2_TOKEN_ENDPOINT='' + #--------------------------------------------- + # LDAP_ENABLE : Enable or not the connection by the LDAP + # example : export LDAP_ENABLE=true + #export LDAP_ENABLE=false + # LDAP_PORT : The port of the LDAP server + # example : export LDAP_PORT=389 + #export LDAP_PORT=389 + # LDAP_HOST : The host server for the LDAP server + # example : export LDAP_HOST=localhost + #export LDAP_HOST= + # LDAP_BASEDN : The base DN for the LDAP Tree + # example : export LDAP_BASEDN=ou=user,dc=example,dc=org + #export LDAP_BASEDN= + # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method + # example : export LDAP_LOGIN_FALLBACK=true + #export LDAP_LOGIN_FALLBACK=false + # LDAP_RECONNECT : Reconnect to the server if the connection is lost + # example : export LDAP_RECONNECT=false + #export LDAP_RECONNECT=true + # LDAP_TIMEOUT : Overall timeout, in milliseconds + # example : export LDAP_TIMEOUT=12345 + #export LDAP_TIMEOUT=10000 + # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds + # example : export LDAP_IDLE_TIMEOUT=12345 + #export LDAP_IDLE_TIMEOUT=10000 + # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds + # example : export LDAP_CONNECT_TIMEOUT=12345 + #export LDAP_CONNECT_TIMEOUT=10000 + # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search + # example : export LDAP_AUTHENTIFICATION=true + #export LDAP_AUTHENTIFICATION=false + # LDAP_AUTHENTIFICATION_USERDN : The search user DN + # example : export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org + #export LDAP_AUTHENTIFICATION_USERDN= + # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user + # example : AUTHENTIFICATION_PASSWORD=admin + #export LDAP_AUTHENTIFICATION_PASSWORD= + # LDAP_LOG_ENABLED : Enable logs for the module + # example : export LDAP_LOG_ENABLED=true + #export LDAP_LOG_ENABLED=false + # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background + # example : export LDAP_BACKGROUND_SYNC=true + #export LDAP_BACKGROUND_SYNC=false + # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds + # example : export LDAP_BACKGROUND_SYNC_INTERVAL=12345 + #export LDAP_BACKGROUND_SYNC_INTERVAL=100 + # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : + # example : export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true + #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false + # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : + # example : export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true + #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false + # LDAP_ENCRYPTION : If using LDAPS + # example : export LDAP_ENCRYPTION=ssl + #export LDAP_ENCRYPTION=false + # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file. + # example : export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- + #export LDAP_CA_CERT= + # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate + # example : export LDAP_REJECT_UNAUTHORIZED=true + #export LDAP_REJECT_UNAUTHORIZED=false + # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed + # example : export LDAP_USER_SEARCH_FILTER= + #export LDAP_USER_SEARCH_FILTER= + # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) + # example : export LDAP_USER_SEARCH_SCOPE=one + #export LDAP_USER_SEARCH_SCOPE= + # LDAP_USER_SEARCH_FIELD : Which field is used to find the user + # example : export LDAP_USER_SEARCH_FIELD=uid + #export LDAP_USER_SEARCH_FIELD= + # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited) + # example : export LDAP_SEARCH_PAGE_SIZE=12345 + #export LDAP_SEARCH_PAGE_SIZE=0 + # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited) + # example : export LDAP_SEARCH_SIZE_LIMIT=12345 + #export LDAP_SEARCH_SIZE_LIMIT=0 + # LDAP_GROUP_FILTER_ENABLE : Enable group filtering + # example : export LDAP_GROUP_FILTER_ENABLE=true + #export LDAP_GROUP_FILTER_ENABLE=false + # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering + # example : export LDAP_GROUP_FILTER_OBJECTCLASS=group + #export LDAP_GROUP_FILTER_OBJECTCLASS= + # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : + # example : + #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= + # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : + # example : + #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= + # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : + # example : + #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= + # LDAP_GROUP_FILTER_GROUP_NAME : + # example : + #export LDAP_GROUP_FILTER_GROUP_NAME= + # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) + # example : export LDAP_UNIQUE_IDENTIFIER_FIELD=guid + #export LDAP_UNIQUE_IDENTIFIER_FIELD= + # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 + # example : export LDAP_UTF8_NAMES_SLUGIFY=false + #export LDAP_UTF8_NAMES_SLUGIFY=true + # LDAP_USERNAME_FIELD : Which field contains the ldap username + # example : export LDAP_USERNAME_FIELD=username + #export LDAP_USERNAME_FIELD= + # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname + # example : export LDAP_FULLNAME_FIELD=fullname + #export LDAP_FULLNAME_FIELD= + # LDAP_MERGE_EXISTING_USERS : + # example : export LDAP_MERGE_EXISTING_USERS=true + #export LDAP_MERGE_EXISTING_USERS=false + # LDAP_SYNC_USER_DATA : + # example : export LDAP_SYNC_USER_DATA=true + #export LDAP_SYNC_USER_DATA=false + # LDAP_SYNC_USER_DATA_FIELDMAP : + # example : export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} + #export LDAP_SYNC_USER_DATA_FIELDMAP= + # LDAP_SYNC_GROUP_ROLES : + # example : + #export LDAP_SYNC_GROUP_ROLES= + # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP + # example : + #export LDAP_DEFAULT_DOMAIN= node main.js - # & >> ../../wekan.log + # & >> ../../wekan.log cd ../.. #done |