1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
|
#!/bin/sh
# All supported keys are defined here together with descriptions and default values
# list of supported keys
keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER, LOGOUT_IN, LOGOUT_ON_HOURS, LOGOUT_ON_MINUTES"
# default values
DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\
"\t\t\t Default behaviour will preffer binding over unix socket, to disable unix socket binding set value to 'nill' string\n"\
"\t\t\t To bind to instance of mongodb provided through content interface,set value to relative path to the socket inside '$SNAP_DATA/shared' directory"
DEFAULT_MONGODB_BIND_UNIX_SOCKET="/var/snap/wekan/current/share"
KEY_MONGODB_BIND_UNIX_SOCKET="mongodb-bind-unix-socket"
DESCRIPTION_MONGODB_PORT="mongodb binding port: eg 27017 when using localhost"
DEFAULT_MONGODB_PORT="27019"
KEY_MONGODB_PORT='mongodb-port'
DESCRIPTION_MONGODB_BIND_IP="mongodb binding ip address: eg 127.0.0.1 for localhost\n\t\tIf not defined default unix socket is used instead"
DEFAULT_MONGODB_BIND_IP="127.0.0.1"
KEY_MONGODB_BIND_IP="mongodb-bind-ip"
DESCRIPTION_MAIL_URL="wekan mail binding"
DEFAULT_MAIL_URL="smtp://user:pass@mailserver.examples.com:25/"
KEY_MAIL_URL="mail-url"
DESCRIPTION_MAIL_FROM="wekan's admin mail from name email address"
DEFAULT_MAIL_FROM="wekan-admin@example.com"
KEY_MAIL_FROM="mail-from"
DESCRIPTION_ROOT_URL="wekan's root url, eg http://127.0.0.1, https://example.com, https://wekan.example.com, http://example.com/wekan"
DEFAULT_ROOT_URL="http://127.0.0.1"
KEY_ROOT_URL="root-url"
DESCRIPTION_PORT="port wekan is exposed at"
DEFAULT_PORT="8080"
KEY_PORT="port"
DESCRIPTION_DISABLE_MONGODB="Disable mongodb service: use only if binding to database outside of the ${SNAP_NAME} snap. Valid values: [true,false]"
DEFAULT_DISABLE_MONGODB="false"
KEY_DISABLE_MONGODB="disable-mongodb"
DESCRIPTION_CADDY_ENABLED="Enable caddy service (caddy - Every Site on HTTPS) personal license for non-commercial use only, see https://caddyserver.com/products/licenses . Set to 'true' to enable caddy\n\t\tcaddy settings are handled through $SNAP_COMMON/Caddyfile"
DEFAULT_CADDY_ENABLED="false"
KEY_CADDY_ENABLED="caddy-enabled"
DESCRIPTION_CADDY_BIND_PORT="Port on which caddy will expect proxy, value set here will be set in $SNAP_COMMON/Caddyfile"
DEFAULT_CADDY_BIND_PORT="3001"
KEY_CADDY_BIND_PORT="caddy-bind-port"
DESCRIPTION_WITH_API="Enable/disable the api of wekan"
DEFAULT_WITH_API="true"
KEY_WITH_API="with-api"
DESCRIPTION_MATOMO_ADDRESS="The address of the server where matomo is hosted"
DEFAULT_MATOMO_ADDRESS=""
KEY_MATOMO_ADDRESS="matomo-address"
DESCRIPTION_MATOMO_SITE_ID="The value of the site ID given in matomo server for wekan"
DEFAULT_MATOMO_SITE_ID=""
KEY_MATOMO_SITE_ID="matomo-site-id"
DESCRIPTION_MATOMO_DO_NOT_TRACK="The option do not track which enables users to not be tracked by matomo"
DEFAULT_MATOMO_DO_NOT_TRACK="true"
KEY_MATOMO_DO_NOT_TRACK="matomo-do-not-track"
DESCRIPTION_MATOMO_WITH_USERNAME="The option that allows matomo to retrieve the username"
DEFAULT_MATOMO_WITH_USERNAME="false"
KEY_MATOMO_WITH_USERNAME="matomo-with-username"
DESCRIPTION_BROWSER_POLICY_ENABLED="Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.\n"\
"\t\t\t Setting this to false is not recommended, it also disables all other browser policy protections\n"\
"\t\t\t and allows all iframing etc. See wekan/server/policy.js"
DEFAULT_BROWSER_POLICY_ENABLED="true"
KEY_BROWSER_POLICY_ENABLED="browser-policy-enabled"
DESCRIPTION_TRUSTED_URL="When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside."
DEFAULT_TRUSTED_URL=""
KEY_TRUSTED_URL="trusted-url"
DESCRIPTION_WEBHOOKS_ATTRIBUTES="What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId ."
DEFAULT_WEBHOOKS_ATTRIBUTES=""
KEY_WEBHOOKS_ATTRIBUTES="webhooks-attributes"
DESCRIPTION_OAUTH2_ENABLED="Enable the OAuth2 connection"
DEFAULT_OAUTH2_ENABLED="false"
KEY_OAUTH2_ENABLED="oauth2-enabled"
DESCRIPTION_OAUTH2_CLIENT_ID="OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345"
DEFAULT_OAUTH2_CLIENT_ID=""
KEY_OAUTH2_CLIENT_ID="oauth2-client-id"
DESCRIPTION_OAUTH2_SECRET="OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde"
DEFAULT_OAUTH2_SECRET=""
KEY_OAUTH2_SECRET="oauth2-secret"
DESCRIPTION_OAUTH2_SERVER_URL="OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com"
DEFAULT_OAUTH2_SERVER_URL=""
KEY_OAUTH2_SERVER_URL="oauth2-server-url"
DESCRIPTION_OAUTH2_AUTH_ENDPOINT="OAuth2 authorization endpoint. Example: /oauth/authorize"
DEFAULT_OAUTH2_AUTH_ENDPOINT=""
KEY_OAUTH2_AUTH_ENDPOINT="oauth2-auth-endpoint"
DESCRIPTION_OAUTH2_USERINFO_ENDPOINT="OAuth2 userinfo endpoint. Example: /oauth/userinfo"
DEFAULT_OAUTH2_USERINFO_ENDPOINT=""
KEY_OAUTH2_USERINFO_ENDPOINT="oauth2-userinfo-endpoint"
DESCRIPTION_OAUTH2_TOKEN_ENDPOINT="OAuth2 token endpoint. Example: /oauth/token"
DEFAULT_OAUTH2_TOKEN_ENDPOINT=""
KEY_OAUTH2_TOKEN_ENDPOINT="oauth2-token-endpoint"
DESCRIPTION_LDAP_ENABLE="Enable or not the connection by the LDAP"
DEFAULT_LDAP_ENABLE="false"
KEY_LDAP_ENABLE="ldap-enable"
DESCRIPTION_LDAP_PORT="The port of the LDAP server"
DEFAULT_LDAP_PORT="389"
KEY_LDAP_PORT="ldap-port"
DESCRIPTION_LDAP_HOST="The host server for the LDAP server"
DEFAULT_LDAP_HOST=""
KEY_LDAP_HOST="ldap-host"
DESCRIPTION_LDAP_BASEDN="The base DN for the LDAP Tree"
DEFAULT_LDAP_BASEDN=""
KEY_LDAP_BASEDN="ldap-basedn"
DESCRIPTION_LDAP_LOGIN_FALLBACK="Fallback on the default authentication method"
DEFAULT_LDAP_LOGIN_FALLBACK="false"
KEY_LDAP_LOGIN_FALLBACK="ldap-login-fallback"
DESCRIPTION_LDAP_RECONNECT="Reconnect to the server if the connection is lost"
DEFAULT_LDAP_RECONNECT="true"
KEY_LDAP_RECONNECT="ldap-reconnect"
DESCRIPTION_LDAP_TIMEOUT="Overall timeout, in milliseconds."
DEFAULT_LDAP_TIMEOUT="10000"
KEY_LDAP_TIMEOUT="ldap-timeout"
DESCRIPTION_LDAP_IDLE_TIMEOUT="Specifies the timeout for idle LDAP connections in milliseconds"
DEFAULT_LDAP_IDLE_TIMEOUT="10000"
KEY_LDAP_IDLE_TIMEOUT="ldap-idle-timeout"
DESCRIPTION_LDAP_CONNECT_TIMEOUT="Connection timeout, in milliseconds."
DEFAULT_LDAP_CONNECT_TIMEOUT="10000"
KEY_LDAP_CONNECT_TIMEOUT="ldap-connect-timeout"
DESCRIPTION_LDAP_AUTHENTIFICATION="If the LDAP needs a user account to search"
DEFAULT_LDAP_AUTHENTIFICATION="false"
KEY_LDAP_AUTHENTIFICATION="ldap-authentication"
DESCRIPTION_LDAP_AUTHENTIFICATION_USERDN="The search user DN"
DEFAULT_LDAP_AUTHENTIFICATION_USERDN=""
KEY_LDAP_AUTHENTIFICATION_USERDN="ldap-authentication-userdn"
DESCRIPTION_LDAP_AUTHENTIFICATION_PASSWORD="The password for the search user"
DEFAULT_LDAP_AUTHENTIFICATION_PASSWORD=""
KEY_LDAP_AUTHENTIFICATION_PASSWORD="ldap-authentication-password"
DESCRIPTION_LDAP_LOG_ENABLED="Enable logs for the module"
DEFAULT_LDAP_LOG_ENABLED="false"
KEY_LDAP_LOG_ENABLED="ldap-log-enabled"
DESCRIPTION_LDAP_BACKGROUND_SYNC="If the sync of the users should be done in the background"
DEFAULT_LDAP_BACKGROUND_SYNC="false"
KEY_LDAP_BACKGROUND_SYNC="ldap-background-sync"
DESCRIPTION_LDAP_BACKGROUND_SYNC_INTERVAL="At which interval does the background task sync in milliseconds"
DEFAULT_LDAP_BACKGROUND_SYNC_INTERVAL="100"
KEY_LDAP_BACKGROUND_SYNC_INTERVAL="ldap-background-sync-interval"
DESCRIPTION_LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=""
DEFAULT_LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED="false"
KEY_LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED="ldap-background-sync-keep-existant-users-updated"
DESCRIPTION_LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=""
DEFAULT_LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS="false"
KEY_LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS="ldap-background-sync-import-new-users"
DESCRIPTION_LDAP_ENCRYPTION="If using LDAPS, use LDAP_ENCRYPTION=ssl"
DEFAULT_LDAP_ENCRYPTION="false"
KEY_LDAP_ENCRYPTION="ldap-encryption"
DESCRIPTION_LDAP_CA_CERT="The certification for the LDAPS server"
DEFAULT_LDAP_CA_CERT=""
KEY_LDAP_CA_CERT="ldap-ca-cert"
DESCRIPTION_LDAP_REJECT_UNAUTHORIZED="Reject Unauthorized Certificate"
DEFAULT_LDAP_REJECT_UNAUTHORIZED="false"
KEY_LDAP_REJECT_UNAUTHORIZED="ldap-reject-unauthorized"
DESCRIPTION_LDAP_USER_SEARCH_FILTER="Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed"
DEFAULT_LDAP_USER_SEARCH_FILTER=""
KEY_LDAP_USER_SEARCH_FILTER="ldap-user-search-filter"
DESCRIPTION_LDAP_USER_SEARCH_SCOPE="base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree). Example: one"
DEFAULT_LDAP_USER_SEARCH_SCOPE=""
KEY_LDAP_USER_SEARCH_SCOPE="ldap-user-search-scope"
DESCRIPTION_LDAP_USER_SEARCH_FIELD="Which field is used to find the user"
DEFAULT_LDAP_USER_SEARCH_FIELD=""
KEY_LDAP_USER_SEARCH_FIELD="ldap-user-search-field"
DESCRIPTION_LDAP_SEARCH_PAGE_SIZE="Used for pagination (0=unlimited)"
DEFAULT_LDAP_SEARCH_PAGE_SIZE="0"
KEY_LDAP_SEARCH_PAGE_SIZE="ldap-search-page-size"
DESCRIPTION_LDAP_SEARCH_SIZE_LIMIT="The limit number of entries (0=unlimited)"
DEFAULT_LDAP_SEARCH_SIZE_LIMIT="0"
KEY_LDAP_SEARCH_SIZE_LIMIT="ldap-search-size-limit"
DESCRIPTION_LDAP_GROUP_FILTER_ENABLE="Enable group filtering"
DEFAULT_LDAP_GROUP_FILTER_ENABLE="false"
KEY_LDAP_GROUP_FILTER_ENABLE="ldap-group-filter-enable"
DESCRIPTION_LDAP_GROUP_FILTER_OBJECTCLASS="The object class for filtering"
DEFAULT_LDAP_GROUP_FILTER_OBJECTCLASS=""
KEY_LDAP_GROUP_FILTER_OBJECTCLASS="ldap-group-filter-objectclass"
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE="ldap-group-filter-id-attribute. Default: ''"
DEFAULT_LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=""
KEY_LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE="ldap-group-filter-id-attribute"
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE="ldap-group-filter-member-attibute. Default: ''"
DEFAULT_LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=""
KEY_LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE="ldap-group-filter-member-attribute"
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT="ldap-group-filter-group-member-format. Default: ''"
DEFAULT_LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=""
KEY_LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT="ldap-group-filter-member-format"
DESCRIPTION_LDAP_GROUP_FILTER_GROUP_NAME="ldap-group-filter-group-name. Default: ''"
DEFAULT_LDAP_GROUP_FILTER_GROUP_NAME=""
KEY_LDAP_GROUP_FILTER_GROUP_NAME="ldap-group-filter-member-format"
DESCRIPTION_LDAP_UNIQUE_IDENTIFIER_FIELD="This field is sometimes class GUID (Globally Unique Identifier)"
DEFAULT_LDAP_UNIQUE_IDENTIFIER_FIELD=""
KEY_LDAP_UNIQUE_IDENTIFIER_FIELD="ldap-unique-identifier-field"
DESCRIPTION_LDAP_UTF8_NAMES_SLUGIFY="Convert the username to utf8"
DEFAULT_LDAP_UTF8_NAMES_SLUGIFY="true"
KEY_LDAP_UTF8_NAMES_SLUGIFY="ldap-utf8-names-slugify"
DESCRIPTION_LDAP_USERNAME_FIELD="Which field contains the ldap username"
DEFAULT_LDAP_USERNAME_FIELD=""
KEY_LDAP_USERNAME_FIELD="ldap-username-field"
DESCRIPTION_LDAP_MERGE_EXISTING_USERS="ldap-merge-existing-users . Default: false"
DEFAULT_LDAP_MERGE_EXISTING_USERS="false"
KEY_LDAP_MERGE_EXISTING_USERS="ldap-merge-existing-users"
DESCRIPTION_LDAP_SYNC_USER_DATA="ldap-sync-user-data . Default: false"
DEFAULT_LDAP_SYNC_USER_DATA="false"
KEY_LDAP_SYNC_USER_DATA="ldap-sync-user-data"
DESCRIPTION_LDAP_SYNC_USER_DATA_FIELDMAP="LDAP Sync User Data Fieldmap. Example: ldap-sync-user-data-fieldmap='{\"cn\":\"name\", \"mail\":\"email\"}'"
DEFAULT_LDAP_SYNC_USER_DATA_FIELDMAP=""
KEY_LDAP_SYNC_USER_DATA_FIELDMAP="ldap-sync-user-data-fieldmap"
DESCRIPTION_LDAP_SYNC_GROUP_ROLES="ldap-sync-group-roles . Default: '' (empty)."
DEFAULT_LDAP_SYNC_GROUP_ROLES=""
KEY_LDAP_SYNC_GROUP_ROLES="ldap-sync-group-roles"
DESCRIPTION_LDAP_DEFAULT_DOMAIN="The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP"
DEFAULT_LDAP_DEFAULT_DOMAIN=""
KEY_LDAP_DEFAULT_DOMAIN="ldap-default-domain"
DESCRIPTION_LOGOUT_WITH_TIMER="Enables or not the option logout with timer"
DEFAULT_LOGOUT_WITH_TIMER="false"
KEY_LOGOUT_WITH_TIMER="logout-with-timer"
DESCRIPTION_LOGOUT_IN="The number of days"
DEFAULT_LOGOUT_IN=""
KEY_LOGOUT_IN="logout-in"
DESCRIPTION_LOGOUT_ON_HOURS="The number of hours"
DEFAULT_LOGOUT_ON_HOURS=""
KEY_LOGOUT_ON_HOURS="logout-on-hours"
DESCRIPTION_LOGOUT_ON_MINUTES="The number of minutes"
DEFAULT_LOGOUT_ON_MINUTES=""
KEY_LOGOUT_ON_MINUTES="logout-on-minutes"
|