This repository has been archived on 2021-12-12. You can view files and clone it, but cannot push or open issues or pull requests.
kanboard/overlay/etc/templates/config.php.tmpl
Robert Kaussow 0879be2dfc
All checks were successful
continuous-integration/drone/tag Build is passing
[SKIP CI] fix format
2019-08-02 14:39:59 +02:00

246 lines
11 KiB
Cheetah

<?php
// Data folder (must be writeable by the web server user and absolute)
define('DATA_DIR', '/var/www/app/data');
// Enable/Disable debug
define('DEBUG', false);
// Available log drivers: syslog, stderr, stdout, system or file
define('LOG_DRIVER', 'stdout');
// Plugins directory
define('PLUGINS_DIR', '/var/www/app/plugins');
// Plugins directory URL
define('PLUGIN_API_URL', 'https://kanboard.org/plugins.json');
// Enable/Disable plugin installer (Disabled by default for security reasons)
// There is no code review or any approval process to submit a plugin.
// This is up to the Kanboard instance owner to validate if a plugin is legit.
define('PLUGIN_INSTALLER', {{ getenv "KANBOARD_PLUGIN_INSTALLER" "false" }});
// Available cache drivers are "file" and "memory"
define('CACHE_DRIVER', '{{ getenv "KANBOARD_CACHE_DRIVER" "memory" }}');
// Cache folder to use if cache driver is "file" (must be writeable by the web server user)
define('CACHE_DIR', '/var/www/app/data/cache');
// Folder for uploaded files (must be writeable by the web server user)
define('FILES_DIR', '/var/www/app/data/files');
// Enable/disable email configuration from the user interface
define('MAIL_CONFIGURATION', {{ getenv "KANBOARD_MAIL_CONFIGURATION" "true" }});
// E-mail address used for the "From" header (notifications)
define('MAIL_FROM', '{{ getenv "KANBOARD_MAIL_FROM" }}');
// Mail transport available: "smtp", "sendmail", "mail" (PHP mail function), "postmark", "mailgun", "sendgrid"
define('MAIL_TRANSPORT', '{{ getenv "KANBOARD_MAIL_TRANSPORT" "mail" }}');
// SMTP configuration to use when the "smtp" transport is chosen
define('MAIL_SMTP_HOSTNAME', '{{ getenv "KANBOARD_MAIL_SMTP_HOSTNAME" }}');
define('MAIL_SMTP_PORT', {{ getenv "KANBOARD_MAIL_SMTP_PORT" "25" }});
define('MAIL_SMTP_USERNAME', '{{ getenv "KANBOARD_MAIL_SMTP_USERNAME" }}');
define('MAIL_SMTP_PASSWORD', '{{ getenv "KANBOARD_MAIL_SMTP_PASSWORD" }}');
// Valid values are null (not a string "null"), "ssl" or "tls"
define('MAIL_SMTP_ENCRYPTION', {{ getenv "KANBOARD_MAIL_SMTP_ENCRYPTION" "null" }});
// Sendmail command to use when the transport is "sendmail"
define('MAIL_SENDMAIL_COMMAND', '{{ getenv "KANBOARD_MAIL_SENDMAIL_COMMAND" "/usr/sbin/sendmail -bs" }}');
// Run automatically database migrations
// If set to false, you will have to run manually the SQL migrations from the CLI during the next Kanboard upgrade
// Do not run the migrations from multiple processes at the same time (example: web page + background worker)
define('DB_RUN_MIGRATIONS', {{ getenv "KANBOARD_DB_RUN_MIGRATIONS" "true" }});
// Database driver: sqlite, mysql or postgres (sqlite by default)
define('DB_DRIVER', '{{ getenv "KANBOARD_DB_DRIVER" "sqlite" }}');
// Mysql/Postgres username
define('DB_USERNAME', '{{ getenv "KANBOARD_DB_USERNAME" "root" }}');
// Mysql/Postgres password
define('DB_PASSWORD', '{{ getenv "KANBOARD_DB_PASSWORD" "root" }}');
// Mysql/Postgres hostname
define('DB_HOSTNAME', '{{ getenv "KANBOARD_DB_HOSTNAME" "localhost" }}');
// Mysql/Postgres database name
define('DB_NAME', '{{ getenv "KANBOARD_DB_NAME" "kanboard" }}');
// Mysql/Postgres custom port (null = default port)
define('DB_PORT', {{ getenv "KANBOARD_DB_PORT" "null" }});
// Mysql SSL key
define('DB_SSL_KEY', {{ getenv "KANBOARD_DB_SSL_KEY" "null" }});
// Mysql SSL certificate
define('DB_SSL_CERT', {{ getenv "KANBOARD_DB_SSL_CERT" "null" }});
// Mysql SSL CA
define('DB_SSL_CA', {{ getenv "KANBOARD_DB_SSL_CA" "null" }});
// Mysql SSL server verification, set to false if you dont want the Mysql driver to validate the certificate CN
define('DB_VERIFY_SERVER_CERT', {{ getenv "KANBOARD_DB_VERIFY_SERVER_CERT" "null" }});
// Timeout value for PDO attribute
define('DB_TIMEOUT', {{ getenv "KANBOARD_DB_TIMEOUT" "null" }});
// Enable LDAP authentication (false by default)
define('LDAP_AUTH', {{ getenv "KANBOARD_LDAP_AUTH" "false" }});
// LDAP server hostname
define('LDAP_SERVER', '{{ getenv "KANBOARD_LDAP_SERVER" }}');
// LDAP server port (389 by default)
define('LDAP_PORT', {{ getenv "KANBOARD_LDAP_PORT" "389" }});
// By default, require certificate to be verified for ldaps:// style URL. Set to false to skip the verification
define('LDAP_SSL_VERIFY', {{ getenv "KANBOARD_LDAP_SSL_VERIFY" "true" }});
// Enable LDAP START_TLS
define('LDAP_START_TLS', {{ getenv "KANBOARD_LDAP_START_TLS" "false" }});
// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive)
// Set to true if you want to preserve the case
define('LDAP_USERNAME_CASE_SENSITIVE', {{ getenv "KANBOARD_LDAP_USERNAME_CASE_SENSITIVE" "false" }});
// LDAP bind type: "anonymous", "user" or "proxy"
define('LDAP_BIND_TYPE', '{{ getenv "KANBOARD_LDAP_BIND_TYPE" "anonymous" }}');
// LDAP username to use with proxy mode
// LDAP username pattern to use with user mode
define('LDAP_USERNAME', '{{ getenv "KANBOARD_LDAP_USERNAME" }}');
// LDAP password to use for proxy mode
define('LDAP_PASSWORD', '{{ getenv "KANBOARD_LDAP_PASSWORD" }}');
// LDAP DN for users
// Example for ActiveDirectory: CN=Users,DC=kanboard,DC=local
// Example for OpenLDAP: ou=People,dc=example,dc=com
define('LDAP_USER_BASE_DN', '{{ getenv "KANBOARD_LDAP_USER_BASE_DN"}}');
// LDAP pattern to use when searching for a user account
// Example for ActiveDirectory: '(&(objectClass=user)(sAMAccountName=%s))'
// Example for OpenLDAP: 'uid=%s'
define('LDAP_USER_FILTER', '{{ getenv "KANBOARD_LDAP_USER_FILTER"}}');
// LDAP attribute for username
// Example for ActiveDirectory: 'samaccountname'
// Example for OpenLDAP: 'uid'
define('LDAP_USER_ATTRIBUTE_USERNAME', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_USERNAME" "uid" }}');
// LDAP attribute for user full name
// Example for ActiveDirectory: 'displayname'
// Example for OpenLDAP: 'cn'
define('LDAP_USER_ATTRIBUTE_FULLNAME', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_FULLNAME" "cn" }}');
// LDAP attribute for user email
define('LDAP_USER_ATTRIBUTE_EMAIL', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_EMAIL" "mail" }}');
// LDAP attribute to find groups in user profile
define('LDAP_USER_ATTRIBUTE_GROUPS', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_GROUPS" "memberof" }}');
// LDAP attribute for user avatar image: thumbnailPhoto or jpegPhoto
define('LDAP_USER_ATTRIBUTE_PHOTO', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_PHOTO" }}');
// LDAP attribute for user language, example: 'preferredlanguage'
// Put an empty string to disable language sync
define('LDAP_USER_ATTRIBUTE_LANGUAGE', '{{ getenv "KANBOARD_LDAP_USER_ATTRIBUTE_LANGUAGE" }}');
// Allow automatic LDAP user creation
define('LDAP_USER_CREATION', {{ getenv "KANBOARD_LDAP_USER_CREATION" "true" }});
// LDAP DN for administrators
// Example: CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local
define('LDAP_GROUP_ADMIN_DN', '{{ getenv "KANBOARD_LDAP_GROUP_ADMIN_DN" }}');
// LDAP DN for managers
// Example: CN=Kanboard Managers,CN=Users,DC=kanboard,DC=local
define('LDAP_GROUP_MANAGER_DN', '{{ getenv "KANBOARD_LDAP_GROUP_MANAGER_DN" }}');
// Enable LDAP group provider for project permissions
// The end-user will be able to browse LDAP groups from the user interface and allow access to specified projects
define('LDAP_GROUP_PROVIDER', {{ getenv "KANBOARD_LDAP_GROUP_PROVIDER" "false" }});
// LDAP Base DN for groups
define('LDAP_GROUP_BASE_DN', '{{ getenv "KANBOARD_LDAP_GROUP_BASE_DN" }}');
// LDAP group filter
// Example for ActiveDirectory: (&(objectClass=group)(sAMAccountName=%s*))
define('LDAP_GROUP_FILTER', '{{ getenv "KANBOARD_LDAP_GROUP_FILTER" }}');
// LDAP user group filter
// If this filter is configured, Kanboard will search user groups in LDAP_GROUP_BASE_DN with this filter
// Example for OpenLDAP: (&(objectClass=posixGroup)(memberUid=%s))
define('LDAP_GROUP_USER_FILTER', '{{ getenv "KANBOARD_LDAP_GROUP_USER_FILTER" }}');
// LDAP attribute for the group name
define('LDAP_GROUP_ATTRIBUTE_NAME', '{{ getenv "KANBOARD_LDAP_GROUP_ATTRIBUTE_NAME" "cn" }}');
// Enable/disable the reverse proxy authentication
define('REVERSE_PROXY_AUTH', {{ getenv "KANBOARD_REVERSE_PROXY_AUTH" "false" }});
// Header name to use for the username
define('REVERSE_PROXY_USER_HEADER', '{{ getenv "KANBOARD_REVERSE_PROXY_USER_HEADER" "REMOTE_USER" }}');
// Username of the admin, by default blank
define('REVERSE_PROXY_DEFAULT_ADMIN', '{{ getenv "KANBOARD_REVERSE_PROXY_DEFAULT_ADMIN" }}');
// Default domain to use for setting the email address
define('REVERSE_PROXY_DEFAULT_DOMAIN', '{{ getenv "KANBOARD_REVERSE_PROXY_DEFAULT_DOMAIN" }}');
// Enable/disable remember me authentication
define('REMEMBER_ME_AUTH', {{ getenv "KANBOARD_REMEMBER_ME_AUTH" "true" }});
// Enable or disable "Strict-Transport-Security" HTTP header
define('ENABLE_HSTS', false);
// Enable or disable "X-Frame-Options: DENY" HTTP header
define('ENABLE_XFRAME', false);
// Escape html inside markdown text
define('MARKDOWN_ESCAPE_HTML', {{ getenv "KANBOARD_MARKDOWN_ESCAPE_HTML" "true" }});
// API alternative authentication header, the default is HTTP Basic Authentication defined in RFC2617
define('API_AUTHENTICATION_HEADER', '{{ getenv "KANBOARD_API_AUTHENTICATION_HEADER" }}');
// Enable/disable url rewrite
define('ENABLE_URL_REWRITE', {{ getenv "KANBOARD_ENABLE_URL_REWRITE" "false" }});
// Hide login form, useful if all your users use Google/Github/ReverseProxy authentication
define('HIDE_LOGIN_FORM', {{ getenv "KANBOARD_HIDE_LOGIN_FORM" "false" }});
// Disabling logout (useful for external SSO authentication)
define('DISABLE_LOGOUT', {{ getenv "KANBOARD_DISABLE_LOGOUT" "false" }});
// Enable captcha after 3 authentication failure
define('BRUTEFORCE_CAPTCHA', {{ getenv "KANBOARD_BRUTEFORCE_CAPTCHA" "3" }});
// Lock the account after 6 authentication failure
define('BRUTEFORCE_LOCKDOWN', {{ getenv "KANBOARD_BRUTEFORCE_LOCKDOWN" "6" }});
// Lock account duration in minute
define('BRUTEFORCE_LOCKDOWN_DURATION', {{ getenv "KANBOARD_BRUTEFORCE_LOCKDOWN_DURATION" "15" }});
// Session duration in second (0 = until the browser is closed)
// See http://php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime
define('SESSION_DURATION', {{ getenv "KANBOARD_SESSION_DURATION" "0" }});
// HTTP client proxy
define('HTTP_PROXY_HOSTNAME', '{{ getenv "KANBOARD_HTTP_PROXY_HOSTNAME" }}');
define('HTTP_PROXY_PORT', '{{ getenv "KANBOARD_HTTP_PROXY_PORT" "3128" }}');
define('HTTP_PROXY_USERNAME', '{{ getenv "KANBOARD_HTTP_PROXY_USERNAME" }}');
define('HTTP_PROXY_PASSWORD', '{{ getenv "KANBOARD_HTTP_PROXY_PASSWORD" }}');
define('HTTP_PROXY_EXCLUDE', '{{ getenv "KANBOARD_HTTP_PROXY_EXCLUDE" "localhost" }}');
// Set to false to allow self-signed certificates
define('HTTP_VERIFY_SSL_CERTIFICATE', {{ getenv "KANBOARD_HTTP_VERIFY_SSL_CERTIFICATE" "true" }});
// TOTP (2FA) issuer name
define('TOTP_ISSUER', '{{ getenv "KANBOARD_TOTP_ISSUER" "Kanboard" }}');
// Comma separated list of fields to not synchronize when using external authentication providers
define('EXTERNAL_AUTH_EXCLUDE_FIELDS', '{{ getenv "KANBOARD_EXTERNAL_AUTH_EXCLUDE_FIELDS" "username" }}');