diff options
Diffstat (limited to 'config.default.php')
-rw-r--r-- | config.default.php | 122 |
1 files changed, 42 insertions, 80 deletions
diff --git a/config.default.php b/config.default.php index a790e1ea..52c0c143 100644 --- a/config.default.php +++ b/config.default.php @@ -11,7 +11,7 @@ define('DEBUG', false); define('DEBUG_FILE', __DIR__.DIRECTORY_SEPARATOR.'data'.DIRECTORY_SEPARATOR.'debug.log'); // Plugins directory -define('PLUGINS_DIR', 'data'.DIRECTORY_SEPARATOR.'plugins'); +define('PLUGINS_DIR', 'plugins'); // Folder for uploaded files define('FILES_DIR', 'data'.DIRECTORY_SEPARATOR.'files'); @@ -32,19 +32,6 @@ define('MAIL_SMTP_ENCRYPTION', null); // Valid values are "null", "ssl" or "tls" // Sendmail command to use when the transport is "sendmail" define('MAIL_SENDMAIL_COMMAND', '/usr/sbin/sendmail -bs'); -// Postmark API token (used to send emails through their API) -define('POSTMARK_API_TOKEN', ''); - -// Mailgun API key (used to send emails through their API) -define('MAILGUN_API_TOKEN', ''); - -// Mailgun domain name -define('MAILGUN_DOMAIN', ''); - -// Sendgrid API configuration -define('SENDGRID_API_USER', ''); -define('SENDGRID_API_KEY', ''); - // Database driver: sqlite, mysql or postgres (sqlite by default) define('DB_DRIVER', 'sqlite'); @@ -78,6 +65,10 @@ define('LDAP_SSL_VERIFY', true); // Enable LDAP START_TLS define('LDAP_START_TLS', false); +// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive) +// Set to true if you want to preserve the case +define('LDAP_USERNAME_CASE_SENSITIVE', false); + // LDAP bind type: "anonymous", "user" or "proxy" define('LDAP_BIND_TYPE', 'anonymous'); @@ -88,88 +79,56 @@ define('LDAP_USERNAME', null); // LDAP password to use for proxy mode define('LDAP_PASSWORD', null); -// LDAP account base, i.e. root of all user account -// Example: ou=People,dc=example,dc=com -define('LDAP_ACCOUNT_BASE', ''); +// LDAP DN for users +// Example for ActiveDirectory: CN=Users,DC=kanboard,DC=local +// Example for OpenLDAP: ou=People,dc=example,dc=com +define('LDAP_USER_BASE_DN', ''); -// LDAP query pattern to use when searching for a user account +// LDAP pattern to use when searching for a user account // Example for ActiveDirectory: '(&(objectClass=user)(sAMAccountName=%s))' // Example for OpenLDAP: 'uid=%s' -define('LDAP_USER_PATTERN', ''); - -// Name of an attribute of the user account object which should be used as the full name of the user -define('LDAP_ACCOUNT_FULLNAME', 'displayname'); - -// Name of an attribute of the user account object which should be used as the email of the user -define('LDAP_ACCOUNT_EMAIL', 'mail'); +define('LDAP_USER_FILTER', ''); -// Name of an attribute of the user account object which should be used as the id of the user. (optional) +// LDAP attribute for username // Example for ActiveDirectory: 'samaccountname' // Example for OpenLDAP: 'uid' -define('LDAP_ACCOUNT_ID', ''); - -// LDAP Attribute for group membership -define('LDAP_ACCOUNT_MEMBEROF', 'memberof'); - -// DN for administrators -// Example: CN=Kanboard Admins,CN=Users,DC=kanboard,DC=local -define('LDAP_GROUP_ADMIN_DN', ''); +define('LDAP_USER_ATTRIBUTE_USERNAME', 'uid'); -// DN for project administrators -// Example: CN=Kanboard Project Admins,CN=Users,DC=kanboard,DC=local -define('LDAP_GROUP_PROJECT_ADMIN_DN', ''); +// LDAP attribute for user full name +// Example for ActiveDirectory: 'displayname' +// Example for OpenLDAP: 'cn' +define('LDAP_USER_ATTRIBUTE_FULLNAME', 'cn'); -// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive) -// Set to true if you want to preserve the case -define('LDAP_USERNAME_CASE_SENSITIVE', false); - -// Automatically create user account -define('LDAP_ACCOUNT_CREATION', true); - -// Enable/disable Google authentication -define('GOOGLE_AUTH', false); - -// Google client id (Get this value from the Google developer console) -define('GOOGLE_CLIENT_ID', ''); - -// Google client secret key (Get this value from the Google developer console) -define('GOOGLE_CLIENT_SECRET', ''); +// LDAP attribute for user email +define('LDAP_USER_ATTRIBUTE_EMAIL', 'mail'); -// Enable/disable GitHub authentication -define('GITHUB_AUTH', false); +// LDAP attribute to find groups in user profile +define('LDAP_USER_ATTRIBUTE_GROUPS', 'memberof'); -// GitHub client id (Copy it from your settings -> Applications -> Developer applications) -define('GITHUB_CLIENT_ID', ''); +// Allow automatic LDAP user creation +define('LDAP_USER_CREATION', true); -// GitHub client secret key (Copy it from your settings -> Applications -> Developer applications) -define('GITHUB_CLIENT_SECRET', ''); - -// Github oauth2 authorize url -define('GITHUB_OAUTH_AUTHORIZE_URL', 'https://github.com/login/oauth/authorize'); - -// Github oauth2 token url -define('GITHUB_OAUTH_TOKEN_URL', 'https://github.com/login/oauth/access_token'); - -// Github API url (don't forget the trailing slash) -define('GITHUB_API_URL', 'https://api.github.com/'); - -// Enable/disable Gitlab authentication -define('GITLAB_AUTH', false); +// LDAP DN for administrators +// Example: CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local +define('LDAP_GROUP_ADMIN_DN', ''); -// Gitlab application id -define('GITLAB_CLIENT_ID', ''); +// LDAP DN for managers +// Example: CN=Kanboard Managers,CN=Users,DC=kanboard,DC=local +define('LDAP_GROUP_MANAGER_DN', ''); -// Gitlab application secret -define('GITLAB_CLIENT_SECRET', ''); +// Enable LDAP group provider for project permissions +// The end-user will be able to browse LDAP groups from the user interface and allow access to specified projects +define('LDAP_GROUP_PROVIDER', false); -// Gitlab oauth2 authorize url -define('GITLAB_OAUTH_AUTHORIZE_URL', 'https://gitlab.com/oauth/authorize'); +// LDAP Base DN for groups +define('LDAP_GROUP_BASE_DN', ''); -// Gitlab oauth2 token url -define('GITLAB_OAUTH_TOKEN_URL', 'https://gitlab.com/oauth/token'); +// LDAP group filter +// Example for ActiveDirectory: (&(objectClass=group)(sAMAccountName=%s*)) +define('LDAP_GROUP_FILTER', ''); -// Gitlab API url endpoint (don't forget the trailing slash) -define('GITLAB_API_URL', 'https://gitlab.com/api/v3/'); +// LDAP attribute for the group name +define('LDAP_GROUP_ATTRIBUTE_NAME', 'cn'); // Enable/disable the reverse proxy authentication define('REVERSE_PROXY_AUTH', false); @@ -207,6 +166,9 @@ define('ENABLE_URL_REWRITE', false); // Hide login form, useful if all your users use Google/Github/ReverseProxy authentication define('HIDE_LOGIN_FORM', false); +// Disabling logout (for external SSO authentication) +define('DISABLE_LOGOUT', false); + // Enable captcha after 3 authentication failure define('BRUTEFORCE_CAPTCHA', 3); |