From 243ffe81c7e5a0f6056bcf990e9392f1a2bd12b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Thu, 16 Jan 2025 13:26:12 +0100 Subject: [PATCH 1/2] nats cluster name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- services/activitylog/pkg/config/defaults/defaultconfig.go | 2 +- services/antivirus/pkg/config/defaults/defaultconfig.go | 2 +- services/audit/pkg/config/defaults/defaultconfig.go | 2 +- services/clientlog/pkg/config/defaults/defaultconfig.go | 2 +- services/eventhistory/pkg/config/defaults/defaultconfig.go | 2 +- services/frontend/pkg/config/defaults/defaultconfig.go | 2 +- services/graph/pkg/config/defaults/defaultconfig.go | 2 +- services/nats/pkg/config/defaults/defaultconfig.go | 2 +- services/notifications/pkg/config/defaults/defaultconfig.go | 2 +- services/ocm/pkg/config/defaults/defaultconfig.go | 2 +- services/policies/pkg/config/defaults/defaultconfig.go | 2 +- services/postprocessing/pkg/config/defaults/defaultconfig.go | 2 +- services/proxy/pkg/config/defaults/defaultconfig.go | 2 +- services/search/pkg/config/defaults/defaultconfig.go | 2 +- services/sharing/pkg/config/defaults/defaultconfig.go | 2 +- services/sse/pkg/config/defaults/defaultconfig.go | 2 +- services/storage-users/pkg/config/defaults/defaultconfig.go | 2 +- services/userlog/pkg/config/defaults/defaultconfig.go | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) diff --git a/services/activitylog/pkg/config/defaults/defaultconfig.go b/services/activitylog/pkg/config/defaults/defaultconfig.go index 838689bf3..9500c04c1 100644 --- a/services/activitylog/pkg/config/defaults/defaultconfig.go +++ b/services/activitylog/pkg/config/defaults/defaultconfig.go @@ -28,7 +28,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, Store: config.Store{ diff --git a/services/antivirus/pkg/config/defaults/defaultconfig.go b/services/antivirus/pkg/config/defaults/defaultconfig.go index c262d6d2c..f8987a8e1 100644 --- a/services/antivirus/pkg/config/defaults/defaultconfig.go +++ b/services/antivirus/pkg/config/defaults/defaultconfig.go @@ -26,7 +26,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", }, Workers: 10, InfectedFileHandling: "delete", diff --git a/services/audit/pkg/config/defaults/defaultconfig.go b/services/audit/pkg/config/defaults/defaultconfig.go index 5d4282e67..f4bed88ac 100644 --- a/services/audit/pkg/config/defaults/defaultconfig.go +++ b/services/audit/pkg/config/defaults/defaultconfig.go @@ -25,7 +25,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, Auditlog: config.Auditlog{ diff --git a/services/clientlog/pkg/config/defaults/defaultconfig.go b/services/clientlog/pkg/config/defaults/defaultconfig.go index d38b80cb2..4f7ba91be 100644 --- a/services/clientlog/pkg/config/defaults/defaultconfig.go +++ b/services/clientlog/pkg/config/defaults/defaultconfig.go @@ -28,7 +28,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, RevaGateway: shared.DefaultRevaConfig().Address, diff --git a/services/eventhistory/pkg/config/defaults/defaultconfig.go b/services/eventhistory/pkg/config/defaults/defaultconfig.go index 95f3ef181..82369db88 100644 --- a/services/eventhistory/pkg/config/defaults/defaultconfig.go +++ b/services/eventhistory/pkg/config/defaults/defaultconfig.go @@ -29,7 +29,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, Store: config.Store{ diff --git a/services/frontend/pkg/config/defaults/defaultconfig.go b/services/frontend/pkg/config/defaults/defaultconfig.go index 3e91b4456..c48944ced 100644 --- a/services/frontend/pkg/config/defaults/defaultconfig.go +++ b/services/frontend/pkg/config/defaults/defaultconfig.go @@ -127,7 +127,7 @@ func DefaultConfig() *config.Config { AutoAcceptShares: true, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, MaxConcurrency: 1, diff --git a/services/graph/pkg/config/defaults/defaultconfig.go b/services/graph/pkg/config/defaults/defaultconfig.go index dacde9d33..874ff6c2b 100644 --- a/services/graph/pkg/config/defaults/defaultconfig.go +++ b/services/graph/pkg/config/defaults/defaultconfig.go @@ -118,7 +118,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, MaxConcurrency: 20, diff --git a/services/nats/pkg/config/defaults/defaultconfig.go b/services/nats/pkg/config/defaults/defaultconfig.go index e94f9dc9d..af1e0d0c3 100644 --- a/services/nats/pkg/config/defaults/defaultconfig.go +++ b/services/nats/pkg/config/defaults/defaultconfig.go @@ -33,7 +33,7 @@ func DefaultConfig() *config.Config { Nats: config.Nats{ Host: "127.0.0.1", Port: 9233, - ClusterID: "ocis-cluster", + ClusterID: "opencloud-cluster", StoreDir: filepath.Join(defaults.BaseDataPath(), "nats"), TLSCert: filepath.Join(defaults.BaseDataPath(), "nats/tls.crt"), TLSKey: filepath.Join(defaults.BaseDataPath(), "nats/tls.key"), diff --git a/services/notifications/pkg/config/defaults/defaultconfig.go b/services/notifications/pkg/config/defaults/defaultconfig.go index 463d210bb..b4ab58225 100644 --- a/services/notifications/pkg/config/defaults/defaultconfig.go +++ b/services/notifications/pkg/config/defaults/defaultconfig.go @@ -37,7 +37,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, RevaGateway: shared.DefaultRevaConfig().Address, diff --git a/services/ocm/pkg/config/defaults/defaultconfig.go b/services/ocm/pkg/config/defaults/defaultconfig.go index 2b3a400ea..ce2f4e5e7 100644 --- a/services/ocm/pkg/config/defaults/defaultconfig.go +++ b/services/ocm/pkg/config/defaults/defaultconfig.go @@ -87,7 +87,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", }, ScienceMesh: config.ScienceMesh{ Prefix: "sciencemesh", diff --git a/services/policies/pkg/config/defaults/defaultconfig.go b/services/policies/pkg/config/defaults/defaultconfig.go index d71666e3f..3dc97bec5 100644 --- a/services/policies/pkg/config/defaults/defaultconfig.go +++ b/services/policies/pkg/config/defaults/defaultconfig.go @@ -33,7 +33,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, Engine: config.Engine{ diff --git a/services/postprocessing/pkg/config/defaults/defaultconfig.go b/services/postprocessing/pkg/config/defaults/defaultconfig.go index 90b00f9d5..3510c0969 100644 --- a/services/postprocessing/pkg/config/defaults/defaultconfig.go +++ b/services/postprocessing/pkg/config/defaults/defaultconfig.go @@ -29,7 +29,7 @@ func DefaultConfig() *config.Config { Postprocessing: config.Postprocessing{ Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", }, Workers: 3, RetryBackoffDuration: 5 * time.Second, diff --git a/services/proxy/pkg/config/defaults/defaultconfig.go b/services/proxy/pkg/config/defaults/defaultconfig.go index 0fd48455c..127b642f4 100644 --- a/services/proxy/pkg/config/defaults/defaultconfig.go +++ b/services/proxy/pkg/config/defaults/defaultconfig.go @@ -97,7 +97,7 @@ func DefaultConfig() *config.Config { CSPConfigFileLocation: "", Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, } diff --git a/services/search/pkg/config/defaults/defaultconfig.go b/services/search/pkg/config/defaults/defaultconfig.go index 425846756..21a5fe9a5 100644 --- a/services/search/pkg/config/defaults/defaultconfig.go +++ b/services/search/pkg/config/defaults/defaultconfig.go @@ -49,7 +49,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", DebounceDuration: 1000, AsyncUploads: true, EnableTLS: false, diff --git a/services/sharing/pkg/config/defaults/defaultconfig.go b/services/sharing/pkg/config/defaults/defaultconfig.go index c733b9622..535634ff5 100644 --- a/services/sharing/pkg/config/defaults/defaultconfig.go +++ b/services/sharing/pkg/config/defaults/defaultconfig.go @@ -73,7 +73,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Addr: "127.0.0.1:9233", - ClusterID: "ocis-cluster", + ClusterID: "opencloud-cluster", EnableTLS: false, }, EnableExpiredSharesCleanup: true, diff --git a/services/sse/pkg/config/defaults/defaultconfig.go b/services/sse/pkg/config/defaults/defaultconfig.go index 6814b6a49..d342cfee4 100644 --- a/services/sse/pkg/config/defaults/defaultconfig.go +++ b/services/sse/pkg/config/defaults/defaultconfig.go @@ -26,7 +26,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", }, HTTP: config.HTTP{ Addr: "127.0.0.1:9135", diff --git a/services/storage-users/pkg/config/defaults/defaultconfig.go b/services/storage-users/pkg/config/defaults/defaultconfig.go index 95e6ad211..1ec2f4702 100644 --- a/services/storage-users/pkg/config/defaults/defaultconfig.go +++ b/services/storage-users/pkg/config/defaults/defaultconfig.go @@ -151,7 +151,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Addr: "127.0.0.1:9233", - ClusterID: "ocis-cluster", + ClusterID: "opencloud-cluster", EnableTLS: false, }, FilemetadataCache: config.FilemetadataCache{ diff --git a/services/userlog/pkg/config/defaults/defaultconfig.go b/services/userlog/pkg/config/defaults/defaultconfig.go index 86cc8a23a..fcdf6bd35 100644 --- a/services/userlog/pkg/config/defaults/defaultconfig.go +++ b/services/userlog/pkg/config/defaults/defaultconfig.go @@ -31,7 +31,7 @@ func DefaultConfig() *config.Config { }, Events: config.Events{ Endpoint: "127.0.0.1:9233", - Cluster: "ocis-cluster", + Cluster: "opencloud-cluster", EnableTLS: false, }, MaxConcurrency: 1, From 3b3a222f8bfcb6ebbe7cb4daec1e2b056b8c1891 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Thu, 16 Jan 2025 16:24:25 +0100 Subject: [PATCH 2/2] regenerate env_vars.yaml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- docs/helpers/env_vars.yaml | 435 +++++++++++++++++++------------------ 1 file changed, 228 insertions(+), 207 deletions(-) diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 407f4c1d9..cda4a8611 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -362,7 +362,7 @@ ANTIVIRUS_EVENTS_AUTH_USERNAME: deprecationInfo: "" ANTIVIRUS_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -1042,7 +1042,7 @@ AUDIT_EVENTS_AUTH_USERNAME: deprecationInfo: "" AUDIT_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -1565,7 +1565,7 @@ AUTH_BASIC_LDAP_BIND_PASSWORD: deprecationInfo: "" AUTH_BASIC_LDAP_CACERT: name: OC_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT - defaultValue: /var/lib/ocis/idm/ldap.crt + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root @@ -2539,7 +2539,7 @@ CLIENTLOG_EVENTS_AUTH_USERNAME: deprecationInfo: "" CLIENTLOG_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -2758,7 +2758,7 @@ COLLABORATION_APP_NAME: deprecationInfo: "" COLLABORATION_APP_PRODUCT: name: COLLABORATION_APP_PRODUCT - defaultValue: Collabora + defaultValue: "" type: string description: The WebOffice app, either Collabora, OnlyOffice, Microsoft365 or MicrosoftOfficeOnline. introductionVersion: 7.0.0 @@ -3027,7 +3027,7 @@ COLLABORATION_WOPI_PROXY_SECRET: defaultValue: "" type: string description: Optional, the secret to authenticate against the OpenCloud WOPI proxy. - This secret can be obtained from ownCloud via the office365 proxy subscription. + This secret can be obtained from OpenCloud via the office365 proxy subscription. introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" @@ -3136,7 +3136,7 @@ EVENTHISTORY_EVENTS_AUTH_USERNAME: deprecationInfo: "" EVENTHISTORY_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -3610,7 +3610,7 @@ FRONTEND_EVENTS_AUTH_USERNAME: deprecationInfo: "" FRONTEND_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -3850,7 +3850,8 @@ FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: deprecationInfo: FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, - the OCS API is deprecated + the OCS API is deprecated | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the + OCS API is deprecated FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" @@ -3864,6 +3865,7 @@ FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, + the OCS API is deprecated | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated FRONTEND_OCS_SHARE_PREFIX: name: FRONTEND_OCS_SHARE_PREFIX @@ -4316,7 +4318,7 @@ GATEWAY_FRONTEND_PUBLIC_URL: name: OC_URL;GATEWAY_FRONTEND_PUBLIC_URL defaultValue: https://localhost:9200 type: string - description: The public facing URL of the oCIS frontend. + description: The public facing URL of the OpenCloud frontend. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -4882,7 +4884,7 @@ GRAPH_EVENTS_AUTH_USERNAME: deprecationInfo: "" GRAPH_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -5081,7 +5083,7 @@ GRAPH_LDAP_BIND_PASSWORD: deprecationInfo: "" GRAPH_LDAP_CACERT: name: OC_LDAP_CACERT;GRAPH_LDAP_CACERT - defaultValue: /var/lib/ocis/idm/ldap.crt + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root @@ -5344,7 +5346,7 @@ GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for - consistency + consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: name: OC_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail @@ -5727,7 +5729,7 @@ GROUPS_LDAP_BIND_PASSWORD: deprecationInfo: "" GROUPS_LDAP_CACERT: name: OC_LDAP_CACERT;GROUPS_LDAP_CACERT - defaultValue: /var/lib/ocis/idm/ldap.crt + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root @@ -6149,17 +6151,17 @@ IDM_ADMIN_USER_ID: removalVersion: "" deprecationInfo: "" IDM_CREATE_DEMO_USERS: - name: IDM_CREATE_DEMO_USERS + name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS defaultValue: "false" type: bool - description: Flag to enable or disable the creation of the demo users. + description: The default role assignments the demo users should be setup. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_DATABASE_PATH: name: IDM_DATABASE_PATH - defaultValue: /var/lib/ocis/idm/ocis.boltdb + defaultValue: /var/lib/opencloud/idm/ocis.boltdb type: string description: Full path to the IDM backend database. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. @@ -6226,7 +6228,7 @@ IDM_LDAPS_ADDR: deprecationInfo: "" IDM_LDAPS_CERT: name: IDM_LDAPS_CERT - defaultValue: /var/lib/ocis/idm/ldap.crt + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. @@ -6236,7 +6238,7 @@ IDM_LDAPS_CERT: deprecationInfo: "" IDM_LDAPS_KEY: name: IDM_LDAPS_KEY - defaultValue: /var/lib/ocis/idm/ldap.key + defaultValue: /var/lib/opencloud/idm/ldap.key type: string description: File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm. @@ -6353,7 +6355,7 @@ IDP_ALLOW_CLIENT_GUESTS: name: IDP_ALLOW_CLIENT_GUESTS defaultValue: "false" type: bool - description: Allow guest clients to access oCIS. + description: Allow guest clients to access OpenCloud. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6426,7 +6428,7 @@ IDP_DYNAMIC_CLIENT_SECRET_DURATION: deprecationInfo: "" IDP_ENCRYPTION_SECRET_FILE: name: IDP_ENCRYPTION_SECRET_FILE - defaultValue: /var/lib/ocis/idp/encryption.key + defaultValue: /var/lib/opencloud/idp/encryption.key type: string description: Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If @@ -6585,7 +6587,7 @@ IDP_LDAP_SCOPE: deprecationInfo: "" IDP_LDAP_TLS_CACERT: name: OC_LDAP_CACERT;IDP_LDAP_TLS_CACERT - defaultValue: /var/lib/ocis/idm/ldap.crt + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root @@ -6736,7 +6738,7 @@ IDP_SIGNING_METHOD: deprecationInfo: "" IDP_SIGNING_PRIVATE_KEY_FILES: name: IDP_SIGNING_PRIVATE_KEY_FILES - defaultValue: '[/var/lib/ocis/idp/private-key.pem]' + defaultValue: '[/var/lib/opencloud/idp/private-key.pem]' type: '[]string' description: A list of private key files for signing IDP requests. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. See the Environment Variable @@ -6796,7 +6798,7 @@ IDP_TRACING_TYPE: deprecationInfo: "" IDP_TRANSPORT_TLS_CERT: name: IDP_TRANSPORT_TLS_CERT - defaultValue: /var/lib/ocis/idp/server.crt + defaultValue: /var/lib/opencloud/idp/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the IDP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp. @@ -6806,7 +6808,7 @@ IDP_TRANSPORT_TLS_CERT: deprecationInfo: "" IDP_TRANSPORT_TLS_KEY: name: IDP_TRANSPORT_TLS_KEY - defaultValue: /var/lib/ocis/idp/server.key + defaultValue: /var/lib/opencloud/idp/server.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory @@ -7113,7 +7115,7 @@ LDAP_USER_SCHEMA_DISPLAY_NAME: deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for - consistency + consistency | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency LDAP_USER_SUBSTRING_FILTER_TYPE: name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE defaultValue: any @@ -7212,7 +7214,7 @@ NATS_LOG_PRETTY: deprecationInfo: "" NATS_NATS_CLUSTER_ID: name: NATS_NATS_CLUSTER_ID - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: ID of the NATS cluster. introductionVersion: pre5.0 @@ -7239,7 +7241,7 @@ NATS_NATS_PORT: deprecationInfo: "" NATS_NATS_STORE_DIR: name: NATS_NATS_STORE_DIR - defaultValue: /var/lib/ocis/nats + defaultValue: /var/lib/opencloud/nats type: string description: The directory where the filesystem storage will store NATS JetStream data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats. @@ -7249,7 +7251,7 @@ NATS_NATS_STORE_DIR: deprecationInfo: "" NATS_TLS_CERT: name: NATS_TLS_CERT - defaultValue: /var/lib/ocis/nats/tls.crt + defaultValue: /var/lib/opencloud/nats/tls.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats. @@ -7259,7 +7261,7 @@ NATS_TLS_CERT: deprecationInfo: "" NATS_TLS_KEY: name: NATS_TLS_KEY - defaultValue: /var/lib/ocis/nats/tls.key + defaultValue: /var/lib/opencloud/nats/tls.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the NATS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/nats. @@ -7384,7 +7386,7 @@ NOTIFICATIONS_EVENTS_AUTH_USERNAME: deprecationInfo: "" NOTIFICATIONS_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -7705,7 +7707,7 @@ OC_ADMIN_USER_ID: deprecationInfo: "" OC_ASSET_THEMES_PATH: name: OC_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH - defaultValue: /var/lib/ocis/web/assets/themes + defaultValue: /var/lib/opencloud/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes @@ -7723,7 +7725,7 @@ OC_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" OC_CACHE_AUTH_PASSWORD: - name: OC_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD + name: OC_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -7733,7 +7735,7 @@ OC_CACHE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OC_CACHE_AUTH_USERNAME: - name: OC_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME + name: OC_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -7744,7 +7746,7 @@ OC_CACHE_AUTH_USERNAME: deprecationInfo: "" OC_CACHE_DATABASE: name: OC_CACHE_DATABASE - defaultValue: cache-userinfo + defaultValue: cache-createhome type: string description: The database name the configured store should use. introductionVersion: pre5.0 @@ -7752,28 +7754,27 @@ OC_CACHE_DATABASE: removalVersion: "" deprecationInfo: "" OC_CACHE_DISABLE_PERSISTENCE: - name: OC_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE - defaultValue: "true" + name: OC_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE + defaultValue: "false" type: bool - description: Disables persistence of the store. Only applies when store type 'nats-js-kv' - is configured. Defaults to true. + description: Disables persistence of the create home cache. Only applies when store + type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_CACHE_STORE: - name: OC_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE + name: OC_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE defaultValue: nats-js-kv type: string - description: 'The type of the signing key store. Supported values are: ''redis-sentinel'', - ''nats-js-kv'' and ''ocisstoreservice'' (deprecated). See the text description - for details.' + description: 'The type of the signing key store. Supported values are: ''redis-sentinel'' + and ''nats-js-kv''. See the text description for details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_CACHE_STORE_NODES: - name: OC_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES + name: OC_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. Note that the behaviour @@ -7784,7 +7785,7 @@ OC_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" OC_CACHE_TTL: - name: OC_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + name: OC_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL defaultValue: 12h0m0s type: Duration description: Default time to live for signing keys. See the Environment Variable @@ -7794,46 +7795,45 @@ OC_CACHE_TTL: removalVersion: "" deprecationInfo: "" OC_CORS_ALLOW_CREDENTIALS: - name: OC_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS - defaultValue: "true" + name: OC_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS + defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' - introductionVersion: "6.0" + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_CORS_ALLOW_HEADERS: - name: OC_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS - defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id - Cache-Control]' + name: OC_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' - introductionVersion: "6.0" + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_CORS_ALLOW_METHODS: - name: OC_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS - defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + name: OC_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' - introductionVersion: "6.0" + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_CORS_ALLOW_ORIGINS: - name: OC_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS - defaultValue: '[*]' + name: OC_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS + defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' - introductionVersion: "6.0" + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -7950,72 +7950,72 @@ OC_ENABLE_OCM: removalVersion: "" deprecationInfo: "" OC_EVENTS_AUTH_PASSWORD: - name: OC_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD + name: OC_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services. - introductionVersion: 7.0.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_EVENTS_AUTH_USERNAME: - name: OC_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME + name: OC_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services. - introductionVersion: 7.0.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_EVENTS_CLUSTER: - name: OC_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER - defaultValue: ocis-cluster + name: OC_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. - introductionVersion: 7.0.0 + Mandatory when using NATS as event system. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_EVENTS_ENABLE_TLS: - name: OC_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS + name: OC_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services. - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_EVENTS_ENDPOINT: - name: OC_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT + name: OC_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing - service. It is used as message broker for the microservice architecture. Set to - a empty string to disable emitting events. - introductionVersion: 7.0.0 + service. It is used as message broker for the microservice architecture. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. - If provided PROXY_EVENTS_TLS_INSECURE will be seen as false. - introductionVersion: 7.0.0 + If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_GATEWAY_GRPC_ADDR: - name: OC_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR + name: OC_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the gateway GRPC address. - introductionVersion: "5.0" + description: The bind address of the GRPC service. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8043,7 +8043,7 @@ OC_GRPC_CLIENT_TLS_MODE: removalVersion: "" deprecationInfo: "" OC_GRPC_PROTOCOL: - name: OC_GRPC_PROTOCOL;STORAGE_PUBLICLINK_GRPC_PROTOCOL + name: OC_GRPC_PROTOCOL;GROUPS_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GRPC service. @@ -8083,16 +8083,16 @@ OC_HTTP_TLS_KEY: removalVersion: "" deprecationInfo: "" OC_INSECURE: - name: OC_INSECURE;PROXY_EVENTS_TLS_INSECURE + name: OC_INSECURE;WEBFINGER_INSECURE defaultValue: "false" type: bool - description: Whether to verify the server TLS certificates. - introductionVersion: 7.0.0 + description: Allow insecure connections to the WEBFINGER service. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_JWT_SECRET: - name: OC_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET + name: OC_JWT_SECRET;OCS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -8101,7 +8101,7 @@ OC_JWT_SECRET: removalVersion: "" deprecationInfo: "" OC_KEYCLOAK_BASE_PATH: - name: OC_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + name: OC_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -8110,16 +8110,16 @@ OC_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" OC_KEYCLOAK_CLIENT_ID: - name: OC_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + name: OC_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID defaultValue: "" type: string - description: The client id to authenticate with keycloak. + description: The client ID to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_KEYCLOAK_CLIENT_REALM: - name: OC_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + name: OC_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -8128,7 +8128,7 @@ OC_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" OC_KEYCLOAK_CLIENT_SECRET: - name: OC_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + name: OC_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -8137,7 +8137,7 @@ OC_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" OC_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OC_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OC_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -8147,7 +8147,7 @@ OC_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" OC_KEYCLOAK_USER_REALM: - name: OC_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + name: OC_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -8156,7 +8156,7 @@ OC_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" OC_LDAP_BIND_DN: - name: OC_LDAP_BIND_DN;USERS_LDAP_BIND_DN + name: OC_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP @@ -8166,7 +8166,7 @@ OC_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" OC_LDAP_BIND_PASSWORD: - name: OC_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD + name: OC_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -8175,8 +8175,8 @@ OC_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" OC_LDAP_CACERT: - name: OC_LDAP_CACERT;USERS_LDAP_CACERT - defaultValue: /var/lib/ocis/idm/ldap.crt + name: OC_LDAP_CACERT;GROUPS_LDAP_CACERT + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root @@ -8186,20 +8186,20 @@ OC_LDAP_CACERT: removalVersion: "" deprecationInfo: "" OC_LDAP_DISABLE_USER_MECHANISM: - name: OC_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM + name: OC_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string - description: An option to control the behavior for disabling users. Valid options + description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request - is not processed. + is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_DISABLED_USERS_GROUP_DN: - name: OC_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN + name: OC_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -8209,7 +8209,7 @@ OC_LDAP_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_BASE_DN: - name: OC_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN + name: OC_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -8218,7 +8218,7 @@ OC_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_FILTER: - name: OC_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER + name: OC_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -8227,17 +8227,17 @@ OC_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_OBJECTCLASS: - name: OC_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS + name: OC_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter - like 'groupOfNames'. + ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OC_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -8247,7 +8247,7 @@ OC_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OC_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -8256,17 +8256,17 @@ OC_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCHEMA_ID: - name: OC_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID + name: OC_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string - description: LDAP Attribute to use as the unique ID for groups. This should be a + description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the @@ -8277,7 +8277,7 @@ OC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCHEMA_MAIL: - name: OC_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL + name: OC_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -8286,7 +8286,7 @@ OC_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCHEMA_MEMBER: - name: OC_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER + name: OC_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -8295,17 +8295,17 @@ OC_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" OC_LDAP_GROUP_SCOPE: - name: OC_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE + name: OC_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up groups. Supported values are + description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_INSECURE: - name: OC_LDAP_INSECURE;USERS_LDAP_INSECURE + name: OC_LDAP_INSECURE;GROUPS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -8327,7 +8327,7 @@ OC_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" OC_LDAP_URI: - name: OC_LDAP_URI;USERS_LDAP_URI + name: OC_LDAP_URI;GROUPS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -8337,7 +8337,7 @@ OC_LDAP_URI: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_BASE_DN: - name: OC_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN + name: OC_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -8346,16 +8346,16 @@ OC_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_ENABLED_ATTRIBUTE: - name: OC_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE + name: OC_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string - description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_USER_FILTER: - name: OC_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER + name: OC_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -8364,17 +8364,17 @@ OC_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_OBJECTCLASS: - name: OC_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS + name: OC_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter - like 'inetOrgPerson'. + ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME + name: OC_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. @@ -8384,19 +8384,20 @@ OC_LDAP_USER_SCHEMA_DISPLAYNAME: deprecationInfo: 'LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name - for consistency | ' + for consistency | | | | LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency + | ' OC_LDAP_USER_SCHEMA_ID: - name: OC_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID + name: OC_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string - description: LDAP Attribute to use as the unique ID for users. This should be a - stable globally unique ID like a UUID. + description: LDAP Attribute to use as the unique id for users. This should be a + stable globally unique id like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the @@ -8407,7 +8408,7 @@ OC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_SCHEMA_MAIL: - name: OC_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL + name: OC_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -8416,7 +8417,7 @@ OC_LDAP_USER_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_SCHEMA_USER_TYPE: - name: OC_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE + name: OC_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -8426,7 +8427,7 @@ OC_LDAP_USER_SCHEMA_USER_TYPE: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_SCHEMA_USERNAME: - name: OC_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME + name: OC_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -8435,17 +8436,17 @@ OC_LDAP_USER_SCHEMA_USERNAME: removalVersion: "" deprecationInfo: "" OC_LDAP_USER_SCOPE: - name: OC_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE + name: OC_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up users. Supported values are + description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_LOG_COLOR: - name: OC_LOG_COLOR;PROXY_LOG_COLOR + name: OC_LOG_COLOR;WEBFINGER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -8454,7 +8455,7 @@ OC_LOG_COLOR: removalVersion: "" deprecationInfo: "" OC_LOG_FILE: - name: OC_LOG_FILE;PROXY_LOG_FILE + name: OC_LOG_FILE;WEBFINGER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -8463,7 +8464,7 @@ OC_LOG_FILE: removalVersion: "" deprecationInfo: "" OC_LOG_LEVEL: - name: OC_LOG_LEVEL;PROXY_LOG_LEVEL + name: OC_LOG_LEVEL;WEBFINGER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -8473,7 +8474,7 @@ OC_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OC_LOG_PRETTY: - name: OC_LOG_PRETTY;PROXY_LOG_PRETTY + name: OC_LOG_PRETTY;WEBFINGER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -8482,12 +8483,12 @@ OC_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OC_MACHINE_AUTH_API_KEY: - name: OC_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY + name: OC_MACHINE_AUTH_API_KEY;AUTH_APP_MACHINE_AUTH_API_KEY defaultValue: "" type: string - description: Machine auth API key used to validate internal requests necessary to - access resources from other services. - introductionVersion: pre5.0 + description: The machine auth API key used to validate internal requests necessary + to access resources from other services. + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8514,16 +8515,16 @@ OC_OIDC_CLIENT_ID: removalVersion: "" deprecationInfo: "" OC_OIDC_ISSUER: - name: OC_URL;OC_OIDC_ISSUER;PROXY_OIDC_ISSUER + name: OC_URL;OC_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string - description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + description: The identity provider href for the openid-discovery relation. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -8533,7 +8534,7 @@ OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_DISABLED: - name: OC_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED + name: OC_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -8542,7 +8543,7 @@ OC_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_MIN_CHARACTERS: - name: OC_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -8551,7 +8552,7 @@ OC_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_MIN_DIGITS: - name: OC_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS + name: OC_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -8560,7 +8561,7 @@ OC_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -8570,7 +8571,7 @@ OC_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -8580,7 +8581,7 @@ OC_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -8590,17 +8591,17 @@ OC_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OC_PERSISTENT_STORE: - name: OC_PERSISTENT_STORE;EVENTHISTORY_STORE + name: OC_PERSISTENT_STORE;POSTPROCESSING_STORE defaultValue: nats-js-kv type: string - description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', - ''redis-sentinel'', ''noop''. See the text description for details.' + description: 'The type of the store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_PERSISTENT_STORE_AUTH_PASSWORD: - name: OC_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD + name: OC_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store @@ -8610,7 +8611,7 @@ OC_PERSISTENT_STORE_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OC_PERSISTENT_STORE_AUTH_USERNAME: - name: OC_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME + name: OC_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store @@ -8620,7 +8621,7 @@ OC_PERSISTENT_STORE_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OC_PERSISTENT_STORE_NODES: - name: OC_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES + name: OC_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -8632,11 +8633,11 @@ OC_PERSISTENT_STORE_NODES: removalVersion: "" deprecationInfo: "" OC_PERSISTENT_STORE_TTL: - name: OC_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL - defaultValue: 336h0m0s + name: OC_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL + defaultValue: 0s type: Duration - description: Time to live for events in the store. Defaults to '336h' (2 weeks). - See the Environment Variable Types description for more details. + description: Time to live for events in the store. See the Environment Variable + Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8701,31 +8702,35 @@ OC_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OC_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" - deprecationInfo: FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated + deprecationInfo: 'FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, - the OCS API is deprecated + the OCS API is deprecated | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the + OCS API is deprecated | ' OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool - description: Set this to true if you want to enforce passwords for writable shares. - Only effective if the setting for 'passwords on all public shares' is set to false. + description: Set this to true if you want to enforce passwords on Uploader, Editor + or Contributor shares. If not using the global OC_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, + you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) + in the frontend service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" - deprecationInfo: FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS + deprecationInfo: 'FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, - the OCS API is deprecated + the OCS API is deprecated | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, + the OCS API is deprecated | ' OC_SHOW_USER_EMAIL_IN_RESULTS: name: OC_SHOW_USER_EMAIL_IN_RESULTS defaultValue: "false" @@ -8758,10 +8763,10 @@ OC_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" OC_SYSTEM_USER_ID: - name: OC_SYSTEM_USER_ID + name: OC_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID defaultValue: "" type: string - description: ID of the oCIS storage-system system user. Admins need to set the ID + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. @@ -8770,7 +8775,7 @@ OC_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" OC_SYSTEM_USER_IDP: - name: OC_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP + name: OC_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -8779,7 +8784,7 @@ OC_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" OC_TRACING_COLLECTOR: - name: OC_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR + name: OC_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -8789,7 +8794,7 @@ OC_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OC_TRACING_ENABLED: - name: OC_TRACING_ENABLED;PROXY_TRACING_ENABLED + name: OC_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -8798,7 +8803,7 @@ OC_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OC_TRACING_ENDPOINT: - name: OC_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT + name: OC_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -8807,7 +8812,7 @@ OC_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OC_TRACING_TYPE: - name: OC_TRACING_TYPE;PROXY_TRACING_TYPE + name: OC_TRACING_TYPE;WEBFINGER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -8820,7 +8825,7 @@ OC_TRANSFER_SECRET: name: OC_TRANSFER_SECRET defaultValue: "" type: string - description: Transfer secret for signing file up- and download requests. + description: The storage transfer secret. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8837,20 +8842,24 @@ OC_TRANSLATION_PATH: removalVersion: "" deprecationInfo: "" OC_URL: - name: OC_URL;OC_OIDC_ISSUER;PROXY_OIDC_ISSUER + name: OC_URL;WEBFINGER_OPENCLOUD_SERVER_INSTANCE_URL defaultValue: https://localhost:9200 type: string - description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. + description: The URL for the legacy OpenCloud server instance relation (not to be + confused with the product OpenCloud Server). It defaults to the OC_URL but can + be overridden to support some reverse proxy corner cases. To shard the deployment, + multiple instances can be configured in the configuration file. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OC_WOPI_DISABLE_CHAT: - name: APP_PROVIDER_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT + name: COLLABORATION_WOPI_DISABLE_CHAT;OC_WOPI_DISABLE_CHAT defaultValue: "false" type: bool - description: Disable the chat functionality of the office app. - introductionVersion: pre5.0 + description: Disable chat in the office web frontend. This feature applies to OnlyOffice + and Microsoft. + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -9264,7 +9273,7 @@ OCM_EVENTS_AUTH_USERNAME: deprecationInfo: "" OCM_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;OCM_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -9423,7 +9432,7 @@ OCM_OCM_CORE_DRIVER: deprecationInfo: "" OCM_OCM_CORE_JSON_FILE: name: OCM_OCM_CORE_JSON_FILE - defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json + defaultValue: /var/lib/opencloud/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage. @@ -9452,7 +9461,7 @@ OCM_OCM_INVITE_MANAGER_INSECURE: deprecationInfo: "" OCM_OCM_INVITE_MANAGER_JSON_FILE: name: OCM_OCM_INVITE_MANAGER_JSON_FILE - defaultValue: /var/lib/ocis/storage/ocm/ocminvites.json + defaultValue: /var/lib/opencloud/storage/ocm/ocminvites.json type: string description: Path to the JSON file where OCM invite data will be stored. This file is maintained by the instance and must not be changed manually. If not defined, @@ -9481,7 +9490,7 @@ OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION: deprecationInfo: "" OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE: name: OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE - defaultValue: /etc/ocis/ocmproviders.json + defaultValue: /etc/opencloud/ocmproviders.json type: string description: Path to the JSON file where ocm invite data will be stored. Defaults to $OC_CONFIG_DIR/ocmproviders.json. @@ -9511,7 +9520,7 @@ OCM_OCM_SHARE_PROVIDER_INSECURE: deprecationInfo: "" OCM_OCM_SHAREPROVIDER_JSON_FILE: name: OCM_OCM_SHAREPROVIDER_JSON_FILE - defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json + defaultValue: /var/lib/opencloud/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage. @@ -9541,7 +9550,7 @@ OCM_OCM_STORAGE_PROVIDER_INSECURE: deprecationInfo: "" OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT: name: OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT - defaultValue: /var/lib/ocis/storage/ocm + defaultValue: /var/lib/opencloud/storage/ocm type: string description: Directory where the ocm storage provider persists its data like tus upload info files. @@ -9970,7 +9979,7 @@ POLICIES_EVENTS_AUTH_USERNAME: deprecationInfo: "" POLICIES_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -10187,7 +10196,7 @@ POSTPROCESSING_EVENTS_AUTH_USERNAME: deprecationInfo: "" POSTPROCESSING_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -10576,7 +10585,7 @@ PROXY_EVENTS_AUTH_USERNAME: deprecationInfo: "" PROXY_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -11038,7 +11047,7 @@ PROXY_TRACING_TYPE: deprecationInfo: "" PROXY_TRANSPORT_TLS_CERT: name: PROXY_TRANSPORT_TLS_CERT - defaultValue: /var/lib/ocis/proxy/server.crt + defaultValue: /var/lib/opencloud/proxy/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the external http services. If not defined, the root directory derives from $OC_BASE_DATA_PATH/proxy. @@ -11048,7 +11057,7 @@ PROXY_TRANSPORT_TLS_CERT: deprecationInfo: "" PROXY_TRANSPORT_TLS_KEY: name: PROXY_TRANSPORT_TLS_KEY - defaultValue: /var/lib/ocis/proxy/server.key + defaultValue: /var/lib/opencloud/proxy/server.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the @@ -11129,7 +11138,7 @@ SEARCH_DEBUG_ZPAGES: deprecationInfo: "" SEARCH_ENGINE_BLEVE_DATA_PATH: name: SEARCH_ENGINE_BLEVE_DATA_PATH - defaultValue: /var/lib/ocis/search + defaultValue: /var/lib/opencloud/search type: string description: The directory where the filesystem will store search data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/search. @@ -11178,7 +11187,7 @@ SEARCH_EVENTS_AUTH_USERNAME: deprecationInfo: "" SEARCH_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -11820,7 +11829,7 @@ SHARING_EVENTS_AUTH_USERNAME: deprecationInfo: "" SHARING_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -12059,7 +12068,7 @@ SHARING_PUBLIC_DRIVER: deprecationInfo: "" SHARING_PUBLIC_JSON_FILE: name: SHARING_PUBLIC_JSON_FILE - defaultValue: /var/lib/ocis/storage/publicshares.json + defaultValue: /var/lib/opencloud/storage/publicshares.json type: string description: Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. @@ -12227,7 +12236,7 @@ SHARING_USER_DRIVER: deprecationInfo: "" SHARING_USER_JSON_FILE: name: SHARING_USER_JSON_FILE - defaultValue: /var/lib/ocis/storage/shares.json + defaultValue: /var/lib/opencloud/storage/shares.json type: string description: Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage. @@ -12452,7 +12461,7 @@ SSE_EVENTS_AUTH_USERNAME: deprecationInfo: "" SSE_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -13197,7 +13206,7 @@ STORAGE_SYSTEM_OC_MAX_ACQUIRE_LOCK_CYCLES: deprecationInfo: "" STORAGE_SYSTEM_OC_ROOT: name: STORAGE_SYSTEM_OC_ROOT - defaultValue: /var/lib/ocis/storage/metadata + defaultValue: /var/lib/opencloud/storage/metadata type: string description: Path for the directory where the STORAGE-SYSTEM service stores it's persistent data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage. @@ -13435,7 +13444,7 @@ STORAGE_USERS_EVENTS_AUTH_USERNAME: deprecationInfo: "" STORAGE_USERS_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -13857,7 +13866,7 @@ STORAGE_USERS_OCIS_PROPAGATOR: deprecationInfo: "" STORAGE_USERS_OCIS_ROOT: name: STORAGE_USERS_OCIS_ROOT - defaultValue: /var/lib/ocis/storage/users + defaultValue: /var/lib/opencloud/storage/users type: string description: The directory where the filesystem storage will store blobs and metadata. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. @@ -13885,7 +13894,7 @@ STORAGE_USERS_OCIS_USER_LAYOUT: deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DATADIR: name: STORAGE_USERS_OWNCLOUDSQL_DATADIR - defaultValue: /var/lib/ocis/storage/owncloud + defaultValue: /var/lib/opencloud/storage/owncloud type: string description: The directory where the filesystem storage will store SQL migration data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/owncloud. @@ -13959,7 +13968,7 @@ STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER: deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR: name: STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR - defaultValue: /var/lib/ocis/storage/uploadinfo + defaultValue: /var/lib/opencloud/storage/uploadinfo type: string description: The directory where the filesystem will store uploads temporarily. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/uploadinfo. @@ -14016,7 +14025,7 @@ STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE: deprecationInfo: "" STORAGE_USERS_POSIX_ROOT: name: STORAGE_USERS_POSIX_ROOT - defaultValue: /var/lib/ocis/storage/users + defaultValue: /var/lib/opencloud/storage/users type: string description: The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. @@ -14301,7 +14310,7 @@ STORAGE_USERS_S3NG_REGION: deprecationInfo: "" STORAGE_USERS_S3NG_ROOT: name: STORAGE_USERS_S3NG_ROOT - defaultValue: /var/lib/ocis/storage/users + defaultValue: /var/lib/opencloud/storage/users type: string description: The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OC_BASE_DATA_PATH/storage/users. @@ -14536,7 +14545,7 @@ THUMBNAILS_DEBUG_ZPAGES: deprecationInfo: "" THUMBNAILS_FILESYSTEMSTORAGE_ROOT: name: THUMBNAILS_FILESYSTEMSTORAGE_ROOT - defaultValue: /var/lib/ocis/thumbnails + defaultValue: /var/lib/opencloud/thumbnails type: string description: The directory where the filesystem storage will store the thumbnails. If not defined, the root directory derives from $OC_BASE_DATA_PATH/thumbnails. @@ -14828,7 +14837,7 @@ USERLOG_EVENTS_AUTH_USERNAME: deprecationInfo: "" USERLOG_EVENTS_CLUSTER: name: OC_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER - defaultValue: ocis-cluster + defaultValue: opencloud-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. @@ -15206,7 +15215,7 @@ USERS_LDAP_BIND_PASSWORD: deprecationInfo: "" USERS_LDAP_CACERT: name: OC_LDAP_CACERT;USERS_LDAP_CACERT - defaultValue: /var/lib/ocis/idm/ldap.crt + defaultValue: /var/lib/opencloud/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root @@ -15649,7 +15658,7 @@ USERS_TRACING_TYPE: deprecationInfo: "" WEB_ASSET_APPS_PATH: name: WEB_ASSET_APPS_PATH - defaultValue: /var/lib/ocis/web/assets/apps + defaultValue: /var/lib/opencloud/web/assets/apps type: string description: Serve ownCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/apps @@ -15659,7 +15668,7 @@ WEB_ASSET_APPS_PATH: deprecationInfo: "" WEB_ASSET_CORE_PATH: name: WEB_ASSET_CORE_PATH - defaultValue: /var/lib/ocis/web/assets/core + defaultValue: /var/lib/opencloud/web/assets/core type: string description: Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/core @@ -15669,7 +15678,7 @@ WEB_ASSET_CORE_PATH: deprecationInfo: "" WEB_ASSET_THEMES_PATH: name: OC_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH - defaultValue: /var/lib/ocis/web/assets/themes + defaultValue: /var/lib/opencloud/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/themes @@ -16531,6 +16540,18 @@ WEBFINGER_OIDC_ISSUER: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +WEBFINGER_OPENCLOUD_SERVER_INSTANCE_URL: + name: OC_URL;WEBFINGER_OPENCLOUD_SERVER_INSTANCE_URL + defaultValue: https://localhost:9200 + type: string + description: The URL for the legacy OpenCloud server instance relation (not to be + confused with the product OpenCloud Server). It defaults to the OC_URL but can + be overridden to support some reverse proxy corner cases. To shard the deployment, + multiple instances can be configured in the configuration file. + introductionVersion: pre5.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL: name: OC_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL defaultValue: https://localhost:9200