nomad

HCL and Docker files for Nomad deployments
git clone https://git.in0rdr.ch/nomad.git
Log | Files | Refs | Pull requests

config.dist.php (9875B)

      1 <?php
      2 
      3 /*******************************************************************/
      4 /* Rename this file to config.php if you want to change the values */
      5 /*                                                                 */
      6 /* Make sure all paths are absolute by using __DIR__ where needed  */
      7 /*******************************************************************/
      8 
      9 // Data folder (must be writeable by the web server user and absolute)
     10 define('DATA_DIR', __DIR__.DIRECTORY_SEPARATOR.'data');
     11 
     12 // Enable/Disable debug
     13 define('DEBUG', false);
     14 
     15 // Available log drivers: syslog, stderr, stdout, system or file
     16 define('LOG_DRIVER', 'system');
     17 
     18 // Log filename if the log driver is "file"
     19 define('LOG_FILE', DATA_DIR.DIRECTORY_SEPARATOR.'debug.log');
     20 
     21 // Plugins directory
     22 define('PLUGINS_DIR', __DIR__.DIRECTORY_SEPARATOR.'plugins');
     23 
     24 // Plugins directory URL
     25 define('PLUGIN_API_URL', 'https://kanboard.org/plugins.json');
     26 
     27 // Enable/Disable plugin installer (Disabled by default for security reasons)
     28 // There is no code review or any approval process to submit a plugin.
     29 // This is up to the Kanboard instance owner to validate if a plugin is legit.
     30 define('PLUGIN_INSTALLER', false);
     31 
     32 // Available cache drivers are "file" and "memory"
     33 define('CACHE_DRIVER', 'memory');
     34 
     35 // Cache folder to use if cache driver is "file" (must be writeable by the web server user)
     36 define('CACHE_DIR', DATA_DIR.DIRECTORY_SEPARATOR.'cache');
     37 
     38 // Folder for uploaded files (must be writeable by the web server user)
     39 define('FILES_DIR', DATA_DIR.DIRECTORY_SEPARATOR.'files');
     40 
     41 // Enable/disable email configuration from the user interface
     42 define('MAIL_CONFIGURATION', true);
     43 
     44 // E-mail address used for the "From" header (notifications)
     45 define('MAIL_FROM', 'replace-me@kanboard.local');
     46 
     47 // E-mail address used for the "Bcc" header to send a copy of all notifications
     48 define('MAIL_BCC', '');
     49 
     50 // Mail transport available: "smtp", "sendmail", "mail" (PHP mail function)
     51 define('MAIL_TRANSPORT', 'mail');
     52 
     53 // SMTP configuration to use when the "smtp" transport is chosen
     54 define('MAIL_SMTP_HOSTNAME', '');
     55 define('MAIL_SMTP_PORT', 25);
     56 define('MAIL_SMTP_USERNAME', '');
     57 define('MAIL_SMTP_PASSWORD', '');
     58 define('MAIL_SMTP_HELO_NAME', null); // valid: null (default), or FQDN
     59 define('MAIL_SMTP_ENCRYPTION', null); // Valid values are null (not a string "null"), "ssl" or "tls"
     60 
     61 // Sendmail command to use when the transport is "sendmail"
     62 define('MAIL_SENDMAIL_COMMAND', '/usr/sbin/sendmail -bs');
     63 
     64 // Run automatically database migrations
     65 // If set to false, you will have to run manually the SQL migrations from the CLI during the next Kanboard upgrade
     66 // Do not run the migrations from multiple processes at the same time (example: web page + background worker)
     67 define('DB_RUN_MIGRATIONS', true);
     68 
     69 // Database driver: sqlite, mysql, postgres, odbc, dblib, or mssql (sqlite by default)
     70 define('DB_DRIVER', 'sqlite');
     71 
     72 // Database username
     73 define('DB_USERNAME', 'root');
     74 
     75 // Database password
     76 define('DB_PASSWORD', '');
     77 
     78 // Database hostname
     79 define('DB_HOSTNAME', 'localhost');
     80 
     81 // Database database name
     82 define('DB_NAME', 'kanboard');
     83 
     84 // Database custom port (null = default port)
     85 define('DB_PORT', null);
     86 
     87 // Mysql SSL key
     88 define('DB_SSL_KEY', null);
     89 
     90 // Mysql SSL certificate
     91 define('DB_SSL_CERT', null);
     92 
     93 // Mysql SSL CA
     94 define('DB_SSL_CA', null);
     95 
     96 // Mysql SSL server verification, set to false if you don't want the Mysql driver to validate the certificate CN
     97 define('DB_VERIFY_SERVER_CERT', null);
     98 
     99 // Timeout value for PDO attribute
    100 define('DB_TIMEOUT', null);
    101 
    102 // ODBC DSN (default: kanboard)
    103 define('DB_ODBC_DSN', 'kanboard');
    104 
    105 // Enable LDAP authentication (false by default)
    106 define('LDAP_AUTH', false);
    107 
    108 // LDAP server protocol, hostname and port URL (ldap[s]://hostname:port)
    109 define('LDAP_SERVER', '');
    110 
    111 // By default, require certificate to be verified for ldaps:// style URL. Set to false to skip the verification
    112 define('LDAP_SSL_VERIFY', true);
    113 
    114 // Enable LDAP START_TLS
    115 define('LDAP_START_TLS', false);
    116 
    117 // By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive)
    118 // Set to true if you want to preserve the case
    119 define('LDAP_USERNAME_CASE_SENSITIVE', false);
    120 
    121 // LDAP bind type: "anonymous", "user" or "proxy"
    122 define('LDAP_BIND_TYPE', 'anonymous');
    123 
    124 // LDAP username to use with proxy mode
    125 // LDAP username pattern to use with user mode
    126 define('LDAP_USERNAME', null);
    127 
    128 // LDAP password to use for proxy mode
    129 define('LDAP_PASSWORD', null);
    130 
    131 // LDAP DN for users
    132 // Example for ActiveDirectory: CN=Users,DC=kanboard,DC=local
    133 // Example for OpenLDAP: ou=People,dc=example,dc=com
    134 define('LDAP_USER_BASE_DN', '');
    135 
    136 // LDAP pattern to use when searching for a user account
    137 // Example for ActiveDirectory: '(&(objectClass=user)(sAMAccountName=%s))'
    138 // Example for OpenLDAP: 'uid=%s'
    139 define('LDAP_USER_FILTER', '');
    140 
    141 // LDAP attribute for username
    142 // Example for ActiveDirectory: 'sAMAccountName'
    143 // Example for OpenLDAP: 'uid'
    144 define('LDAP_USER_ATTRIBUTE_USERNAME', 'uid');
    145 
    146 // LDAP attribute for user full name
    147 // Example for ActiveDirectory: 'displayname'
    148 // Example for OpenLDAP: 'cn'
    149 define('LDAP_USER_ATTRIBUTE_FULLNAME', 'cn');
    150 
    151 // LDAP attribute for user email
    152 define('LDAP_USER_ATTRIBUTE_EMAIL', 'mail');
    153 
    154 // LDAP attribute to find groups in user profile
    155 define('LDAP_USER_ATTRIBUTE_GROUPS', 'memberof');
    156 
    157 // LDAP attribute for user avatar image: thumbnailPhoto or jpegPhoto
    158 define('LDAP_USER_ATTRIBUTE_PHOTO', '');
    159 
    160 // LDAP attribute for user language, example: 'preferredlanguage'
    161 // Put an empty string to disable language sync
    162 define('LDAP_USER_ATTRIBUTE_LANGUAGE', '');
    163 
    164 // Automatically create a user profile when a user authenticates via LDAP.
    165 // If set to false, only LDAP users can log in for whom a Kanboard profile already exists.
    166 define('LDAP_USER_CREATION', true);
    167 
    168 // Set new user as Manager
    169 define('LDAP_USER_DEFAULT_ROLE_MANAGER', false);
    170 
    171 // LDAP DN for administrators
    172 // Example: CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local
    173 define('LDAP_GROUP_ADMIN_DN', '');
    174 
    175 // LDAP DN for managers
    176 // Example: CN=Kanboard Managers,CN=Users,DC=kanboard,DC=local
    177 define('LDAP_GROUP_MANAGER_DN', '');
    178 
    179 // Enable LDAP group provider for project permissions
    180 // The end-user will be able to browse LDAP groups from the user interface and allow access to specified projects
    181 define('LDAP_GROUP_PROVIDER', false);
    182 
    183 // LDAP Base DN for groups
    184 define('LDAP_GROUP_BASE_DN', '');
    185 
    186 // LDAP group filter
    187 // Example for ActiveDirectory: (&(objectClass=group)(sAMAccountName=%s*))
    188 define('LDAP_GROUP_FILTER', '');
    189 
    190 // LDAP user group filter
    191 // If this filter is configured, Kanboard will search user groups in LDAP_GROUP_BASE_DN with this filter
    192 // Example for OpenLDAP: (&(objectClass=posixGroup)(memberUid=%s))
    193 define('LDAP_GROUP_USER_FILTER', '');
    194 
    195 // LDAP attribute for the user in the group filter
    196 // 'username' or 'dn'
    197 define('LDAP_GROUP_USER_ATTRIBUTE', 'username');
    198 
    199 // LDAP attribute for the group name
    200 define('LDAP_GROUP_ATTRIBUTE_NAME', 'cn');
    201 
    202 // Enable/Disable groups synchronization when external authentication is used.
    203 define('LDAP_GROUP_SYNC', true);
    204 
    205 // Enable/disable the reverse proxy authentication
    206 define('REVERSE_PROXY_AUTH', false);
    207 
    208 // Header name to use for the username
    209 define('REVERSE_PROXY_USER_HEADER', 'REMOTE_USER');
    210 
    211 // Username of the admin, by default blank
    212 define('REVERSE_PROXY_DEFAULT_ADMIN', '');
    213 
    214 // Header name to use for the user email
    215 define('REVERSE_PROXY_EMAIL_HEADER', 'REMOTE_EMAIL');
    216 
    217 // Header name to use for the user full name
    218 define('REVERSE_PROXY_FULLNAME_HEADER', 'REMOTE_NAME');
    219 
    220 // Default domain to use for setting the email address
    221 define('REVERSE_PROXY_DEFAULT_DOMAIN', '');
    222 
    223 // Enable/disable remember me authentication
    224 define('REMEMBER_ME_AUTH', true);
    225 
    226 // Enable or disable "Strict-Transport-Security" HTTP header
    227 define('ENABLE_HSTS', true);
    228 
    229 // Enable or disable "X-Frame-Options: DENY" HTTP header
    230 define('ENABLE_XFRAME', true);
    231 
    232 // Escape html inside markdown text
    233 define('MARKDOWN_ESCAPE_HTML', true);
    234 
    235 // API alternative authentication header, the default is HTTP Basic Authentication defined in RFC2617
    236 define('API_AUTHENTICATION_HEADER', '');
    237 
    238 // Enable/disable url rewrite
    239 define('ENABLE_URL_REWRITE', false);
    240 
    241 // Hide login form, useful if all your users use Google/Github/ReverseProxy authentication
    242 define('HIDE_LOGIN_FORM', false);
    243 
    244 // Disabling logout (useful for external SSO authentication)
    245 define('DISABLE_LOGOUT', false);
    246 
    247 // Enable captcha after 3 authentication failure
    248 define('BRUTEFORCE_CAPTCHA', 3);
    249 
    250 // Lock the account after 6 authentication failure
    251 define('BRUTEFORCE_LOCKDOWN', 6);
    252 
    253 // Lock account duration in minute
    254 define('BRUTEFORCE_LOCKDOWN_DURATION', 15);
    255 
    256 // Session duration in second (0 = until the browser is closed)
    257 // See http://php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime
    258 define('SESSION_DURATION', 0);
    259 
    260 // Session handler: db or php
    261 define('SESSION_HANDLER', 'db');
    262 
    263 // HTTP client proxy
    264 define('HTTP_PROXY_HOSTNAME', '');
    265 define('HTTP_PROXY_PORT', '3128');
    266 define('HTTP_PROXY_USERNAME', '');
    267 define('HTTP_PROXY_PASSWORD', '');
    268 define('HTTP_PROXY_EXCLUDE', 'localhost');
    269 
    270 // Set to false to allow self-signed certificates
    271 define('HTTP_VERIFY_SSL_CERTIFICATE', true);
    272 
    273 // TOTP (2FA) issuer name
    274 define('TOTP_ISSUER', 'Kanboard');
    275 
    276 // Comma separated list of fields to not synchronize when using external authentication providers
    277 define('EXTERNAL_AUTH_EXCLUDE_FIELDS', 'username');
    278 
    279 // Enable or disable displaying group-memberships in userlist (true by default)
    280 define('SHOW_GROUP_MEMBERSHIPS_IN_USERLIST', true);
    281 
    282 // Limit number of groups to display in userlist (The full list of group-memberships is always shown, ...
    283 // ... when hovering the mouse over the group-icon of a given user!)
    284 // If set to 0 ALL group-memberships will be listed (7 by default)
    285 define('SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT', 7);
    286