ACTIVITYLOG_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;ACTIVITYLOG_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;ACTIVITYLOG_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;ACTIVITYLOG_CORS_ALLOW_METHODS defaultValue: '[GET]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;ACTIVITYLOG_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_DEBUG_ADDR: name: ACTIVITYLOG_DEBUG_ADDR defaultValue: 127.0.0.1:9197 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_DEBUG_PPROF: name: ACTIVITYLOG_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_DEBUG_TOKEN: name: ACTIVITYLOG_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_DEBUG_ZPAGES: name: ACTIVITYLOG_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_HTTP_ADDR: name: ACTIVITYLOG_HTTP_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_HTTP_ROOT: name: ACTIVITYLOG_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_JWT_SECRET: name: OCIS_JWT_SECRET;ACTIVITYLOG_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_COLOR: name: OCIS_LOG_COLOR;ACTIVITYLOG_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_FILE: name: OCIS_LOG_FILE;ACTIVITYLOG_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_LEVEL: name: OCIS_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_LOG_PRETTY: name: OCIS_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;ACTIVITYLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE: name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_AUTH_PASSWORD: name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_AUTH_USERNAME: name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_DATABASE: name: ACTIVITYLOG_STORE_DATABASE defaultValue: activitylog type: string description: The database name the configured store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_NODES: name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_SIZE: name: OCIS_PERSISTENT_STORE_SIZE;ACTIVITYLOG_STORE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_TABLE: name: ACTIVITYLOG_STORE_TABLE defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_STORE_TTL: name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL defaultValue: 0s type: Duration description: Time to live for events in the store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;ACTIVITYLOG_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;ACTIVITYLOG_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;ACTIVITYLOG_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYLOG_TRACING_TYPE: name: OCIS_TRACING_TYPE;ACTIVITYLOG_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ACTIVITYOG_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;ACTIVITYOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_CLAMAV_SOCKET: name: ANTIVIRUS_CLAMAV_SOCKET defaultValue: /run/clamav/clamd.ctl type: string description: The socket clamav is running on. Note the default value is an example which needs adaption according your OS. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_DEBUG_ADDR: name: ANTIVIRUS_DEBUG_ADDR defaultValue: 127.0.0.1:9277 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_DEBUG_PPROF: name: ANTIVIRUS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_DEBUG_SCAN_OUTCOME: name: ANTIVIRUS_DEBUG_SCAN_OUTCOME defaultValue: "" type: string description: 'A predefined outcome for virus scanning, FOR DEBUG PURPOSES ONLY! (example values: ''found,infected'')' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_DEBUG_TOKEN: name: ANTIVIRUS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_DEBUG_ZPAGES: name: ANTIVIRUS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;ANTIVIRUS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;ANTIVIRUS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;ANTIVIRUS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;ANTIVIRUS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;ANTIVIRUS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;ANTIVIRUS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;ANTIVIRUS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_ICAP_SCAN_TIMEOUT: name: ANTIVIRUS_ICAP_SCAN_TIMEOUT defaultValue: 5m0s type: Duration description: Scan timeout for the ICAP client. Defaults to '5m' (5 minutes). See the Environment Variable Types description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_ICAP_SERVICE: name: ANTIVIRUS_ICAP_SERVICE defaultValue: avscan type: string description: The name of the ICAP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_ICAP_TIMEOUT: name: ANTIVIRUS_ICAP_TIMEOUT defaultValue: "0" type: int64 description: Timeout for the ICAP client. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: Changing the envvar type for consistency reasons. ANTIVIRUS_ICAP_URL: name: ANTIVIRUS_ICAP_URL defaultValue: icap://127.0.0.1:1344 type: string description: URL of the ICAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_INFECTED_FILE_HANDLING: name: ANTIVIRUS_INFECTED_FILE_HANDLING defaultValue: delete type: string description: 'Defines the behaviour when a virus has been found. Supported options are: ''delete'', ''continue'' and ''abort ''. Delete will delete the file. Continue will mark the file as infected but continues further processing. Abort will keep the file in the uploads folder for further admin inspection and will not move it to its final destination.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_COLOR: name: OCIS_LOG_COLOR;ANTIVIRUS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_FILE: name: OCIS_LOG_FILE;ANTIVIRUS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_LEVEL: name: OCIS_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_LOG_PRETTY: name: OCIS_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_MAX_SCAN_SIZE: name: ANTIVIRUS_MAX_SCAN_SIZE defaultValue: "" type: string description: 'The maximum scan size the virus scanner can handle. Only this many bytes of a file will be scanned. 0 means unlimited and is the default. Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: 2GB.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_SCANNER_TYPE: name: ANTIVIRUS_SCANNER_TYPE defaultValue: clamav type: string description: The antivirus scanner to use. Supported values are 'clamav' and 'icap'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;ANTIVIRUS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;ANTIVIRUS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;ANTIVIRUS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" ANTIVIRUS_TRACING_TYPE: name: OCIS_TRACING_TYPE;ANTIVIRUS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_DEBUG_ADDR: name: APP_PROVIDER_DEBUG_ADDR defaultValue: 127.0.0.1:9165 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_DEBUG_PPROF: name: APP_PROVIDER_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_DEBUG_TOKEN: name: APP_PROVIDER_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_DEBUG_ZPAGES: name: APP_PROVIDER_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing traces in-memory. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_DRIVER: name: APP_PROVIDER_DRIVER defaultValue: "" type: string description: Driver, the APP PROVIDER services uses. Only 'wopi' is supported as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_EXTERNAL_ADDR: name: APP_PROVIDER_EXTERNAL_ADDR defaultValue: "" type: string description: Address of the app provider, where the GATEWAY service can reach it. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_GRPC_ADDR: name: APP_PROVIDER_GRPC_ADDR defaultValue: 127.0.0.1:9164 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_GRPC_PROTOCOL: name: APP_PROVIDER_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_JWT_SECRET: name: OCIS_JWT_SECRET;APP_PROVIDER_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_COLOR: name: OCIS_LOG_COLOR;APP_PROVIDER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_FILE: name: OCIS_LOG_FILE;APP_PROVIDER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_LEVEL: name: OCIS_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_LOG_PRETTY: name: OCIS_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_SERVICE_NAME: name: APP_PROVIDER_SERVICE_NAME defaultValue: app-provider type: string description: 'The name of the service. This needs to be changed when using more than one app provider. Each app provider configured needs to be identified by a unique service name. Possible examples are: ''app-provider-collabora'', ''app-provider-onlyoffice'', ''app-provider-office365''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;APP_PROVIDER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;APP_PROVIDER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;APP_PROVIDER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_TRACING_TYPE: name: OCIS_TRACING_TYPE;APP_PROVIDER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_APP_API_KEY: name: APP_PROVIDER_WOPI_APP_API_KEY defaultValue: "" type: string description: API key for the wopi app. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_APP_DESKTOP_ONLY: name: APP_PROVIDER_WOPI_APP_DESKTOP_ONLY defaultValue: "false" type: bool description: Offer this app only on desktop. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_APP_ICON_URI: name: APP_PROVIDER_WOPI_APP_ICON_URI defaultValue: "" type: string description: URI to an app icon to be used by clients. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_APP_INTERNAL_URL: name: APP_PROVIDER_WOPI_APP_INTERNAL_URL defaultValue: "" type: string description: Internal URL to the app, like in your DMZ. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_APP_NAME: name: APP_PROVIDER_WOPI_APP_NAME defaultValue: "" type: string description: Human readable app name. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_APP_URL: name: APP_PROVIDER_WOPI_APP_URL defaultValue: "" type: string description: URL for end users to access the app. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_DISABLE_CHAT: name: APP_PROVIDER_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT defaultValue: "false" type: bool description: Disable the chat functionality of the office app. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: name: OCIS_URL;APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL defaultValue: https://localhost:9200/ type: string description: Base url to navigate back from the app to the containing folder in the file list. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE: name: APP_PROVIDER_WOPI_FOLDER_URL_PATH_TEMPLATE defaultValue: /f/{{.ResourceID}} type: string description: Path template to navigate back from the app to the containing folder in the file list. Supported template variables are {{.ResourceInfo.ResourceID}}, {{.ResourceInfo.Mtime.Seconds}}, {{.ResourceInfo.Name}}, {{.ResourceInfo.Path}}, {{.ResourceInfo.Type}}, {{.ResourceInfo.Id.SpaceId}}, {{.ResourceInfo.Id.StorageId}}, {{.ResourceInfo.Id.OpaqueId}}, {{.ResourceInfo.MimeType}} introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_INSECURE: name: APP_PROVIDER_WOPI_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for requests to the WOPI server and the web office application. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: name: APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL defaultValue: "" type: string description: External url of the CS3org WOPI server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET: name: APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET defaultValue: "" type: string description: Shared secret of the CS3org WOPI server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_DEBUG_ADDR: name: APP_REGISTRY_DEBUG_ADDR defaultValue: 127.0.0.1:9243 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_DEBUG_PPROF: name: APP_REGISTRY_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_DEBUG_TOKEN: name: APP_REGISTRY_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_DEBUG_ZPAGES: name: APP_REGISTRY_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_GRPC_ADDR: name: APP_REGISTRY_GRPC_ADDR defaultValue: 127.0.0.1:9242 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_GRPC_PROTOCOL: name: APP_REGISTRY_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_JWT_SECRET: name: OCIS_JWT_SECRET;APP_REGISTRY_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_COLOR: name: OCIS_LOG_COLOR;APP_REGISTRY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_FILE: name: OCIS_LOG_FILE;APP_REGISTRY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_LEVEL: name: OCIS_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_LOG_PRETTY: name: OCIS_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;APP_REGISTRY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;APP_REGISTRY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;APP_REGISTRY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" APP_REGISTRY_TRACING_TYPE: name: OCIS_TRACING_TYPE;APP_REGISTRY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_DEBUG_ADDR: name: AUDIT_DEBUG_ADDR defaultValue: 127.0.0.1:9229 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_DEBUG_PPROF: name: AUDIT_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_DEBUG_TOKEN: name: AUDIT_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_DEBUG_ZPAGES: name: AUDIT_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_FILEPATH: name: AUDIT_FILEPATH defaultValue: "" type: string description: Filepath of the logfile. Mandatory if LOG_TO_FILE is set to 'true'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_FORMAT: name: AUDIT_FORMAT defaultValue: json type: string description: Log format. Supported values are '' (empty) and 'json'. Using 'json' is advised, '' (empty) renders the 'minimal' format. See the text description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_LOG_COLOR: name: OCIS_LOG_COLOR;AUDIT_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_LOG_FILE: name: OCIS_LOG_FILE;AUDIT_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_LOG_LEVEL: name: OCIS_LOG_LEVEL;AUDIT_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_LOG_PRETTY: name: OCIS_LOG_PRETTY;AUDIT_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_LOG_TO_CONSOLE: name: AUDIT_LOG_TO_CONSOLE defaultValue: "true" type: bool description: Logs to stdout if set to 'true'. Independent of the LOG_TO_FILE option. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_LOG_TO_FILE: name: AUDIT_LOG_TO_FILE defaultValue: "false" type: bool description: Logs to file if set to 'true'. Independent of the LOG_TO_CONSOLE option. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;AUDIT_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;AUDIT_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;AUDIT_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUDIT_TRACING_TYPE: name: OCIS_TRACING_TYPE;AUDIT_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_AUTH_MANAGER: name: AUTH_BASIC_AUTH_MANAGER defaultValue: ldap type: string description: The authentication manager to check if credentials are valid. Supported value is 'ldap'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_DEBUG_ADDR: name: AUTH_BASIC_DEBUG_ADDR defaultValue: 127.0.0.1:9147 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_DEBUG_PPROF: name: AUTH_BASIC_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_DEBUG_TOKEN: name: AUTH_BASIC_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_DEBUG_ZPAGES: name: AUTH_BASIC_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing traces in-memory. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_DISABLE_USER_MECHANISM: name: OCIS_LDAP_DISABLE_USER_MECHANISM;AUTH_BASIC_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_DISABLED_USERS_GROUP_DN: name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;AUTH_BASIC_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_GRPC_ADDR: name: AUTH_BASIC_GRPC_ADDR defaultValue: 127.0.0.1:9146 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_GRPC_PROTOCOL: name: AUTH_BASIC_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_IDP_URL: name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BASIC_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_JWT_SECRET: name: OCIS_JWT_SECRET;AUTH_BASIC_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_BIND_DN: name: OCIS_LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_BIND_PASSWORD: name: OCIS_LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_CACERT: name: OCIS_LDAP_CACERT;AUTH_BASIC_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_BASE_DN: name: OCIS_LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_FILTER: name: OCIS_LDAP_GROUP_FILTER;AUTH_BASIC_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_OBJECTCLASS: name: OCIS_LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same as groupname attribute). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME: name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_ID: name: OCIS_LDAP_GROUP_SCHEMA_ID;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique id (e.g. a UUID). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group IDs. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL: name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER: name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;AUTH_BASIC_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCOPE: name: OCIS_LDAP_GROUP_SCOPE;AUTH_BASIC_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_INSECURE: name: OCIS_LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES: name: LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES defaultValue: '[uid]' type: '[]string' description: A list of user object attributes that can be used for login. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_URI: name: OCIS_LDAP_URI;AUTH_BASIC_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_BASE_DN: name: OCIS_LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE: name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;AUTH_BASIC_LDAP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_FILTER: name: OCIS_LDAP_USER_FILTER;AUTH_BASIC_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_OBJECTCLASS: name: OCIS_LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_ID: name: OCIS_LDAP_USER_SCHEMA_ID;AUTH_BASIC_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;AUTH_BASIC_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user IDs. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_MAIL: name: OCIS_LDAP_USER_SCHEMA_MAIL;AUTH_BASIC_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME: name: OCIS_LDAP_USER_SCHEMA_USERNAME;AUTH_BASIC_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_USER_SCOPE: name: OCIS_LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_COLOR: name: OCIS_LOG_COLOR;AUTH_BASIC_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_FILE: name: OCIS_LOG_FILE;AUTH_BASIC_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_LEVEL: name: OCIS_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_LOG_PRETTY: name: OCIS_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_DB_HOST: name: AUTH_BASIC_OWNCLOUDSQL_DB_HOST defaultValue: mysql type: string description: Hostname of the database server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_DB_NAME: name: AUTH_BASIC_OWNCLOUDSQL_DB_NAME defaultValue: owncloud type: string description: Name of the owncloud database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_DB_PASSWORD: name: AUTH_BASIC_OWNCLOUDSQL_DB_PASSWORD defaultValue: "" type: string description: Password for the database user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_DB_PORT: name: AUTH_BASIC_OWNCLOUDSQL_DB_PORT defaultValue: "3306" type: int description: Network port to use for the database connection. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_DB_USERNAME: name: AUTH_BASIC_OWNCLOUDSQL_DB_USERNAME defaultValue: owncloud type: string description: Database user to use for authenticating with the owncloud database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_IDP: name: AUTH_BASIC_OWNCLOUDSQL_IDP defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID: name: AUTH_BASIC_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID defaultValue: "false" type: bool description: Join the user properties table to read user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_JOIN_USERNAME: name: AUTH_BASIC_OWNCLOUDSQL_JOIN_USERNAME defaultValue: "false" type: bool description: Join the user properties table to read usernames introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_OWNCLOUDSQL_NOBODY: name: AUTH_BASIC_OWNCLOUDSQL_NOBODY defaultValue: "90" type: int64 description: Fallback number if no numeric UID and GID properties are provided. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN: name: AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;AUTH_BASIC_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;AUTH_BASIC_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;AUTH_BASIC_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BASIC_TRACING_TYPE: name: OCIS_TRACING_TYPE;AUTH_BASIC_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_DEBUG_ADDR: name: AUTH_BEARER_DEBUG_ADDR defaultValue: 127.0.0.1:9149 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_DEBUG_PPROF: name: AUTH_BEARER_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_DEBUG_TOKEN: name: AUTH_BEARER_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_DEBUG_ZPAGES: name: AUTH_BEARER_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_GRPC_ADDR: name: AUTH_BEARER_GRPC_ADDR defaultValue: 127.0.0.1:9148 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_GRPC_PROTOCOL: name: AUTH_BEARER_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_JWT_SECRET: name: OCIS_JWT_SECRET;AUTH_BEARER_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_COLOR: name: OCIS_LOG_COLOR;AUTH_BEARER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_FILE: name: OCIS_LOG_FILE;AUTH_BEARER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_LEVEL: name: OCIS_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_LOG_PRETTY: name: OCIS_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_GID_CLAIM: name: AUTH_BEARER_OIDC_GID_CLAIM defaultValue: "" type: string description: Name of the claim, which holds the GID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_ID_CLAIM: name: AUTH_BEARER_OIDC_ID_CLAIM defaultValue: preferred_username type: string description: Name of the claim, which holds the user identifier. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_INSECURE: name: OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the OIDC issuer. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_ISSUER: name: OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_OIDC_UID_CLAIM: name: AUTH_BEARER_OIDC_UID_CLAIM defaultValue: "" type: string description: Name of the claim, which holds the UID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN: name: AUTH_BEARER_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;AUTH_BEARER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;AUTH_BEARER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;AUTH_BEARER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_BEARER_TRACING_TYPE: name: OCIS_TRACING_TYPE;AUTH_BEARER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for the access to resources from other services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_DEBUG_ADDR: name: AUTH_MACHINE_DEBUG_ADDR defaultValue: 127.0.0.1:9167 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_DEBUG_PPROF: name: AUTH_MACHINE_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_DEBUG_TOKEN: name: AUTH_MACHINE_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_DEBUG_ZPAGES: name: AUTH_MACHINE_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_GRPC_ADDR: name: AUTH_MACHINE_GRPC_ADDR defaultValue: 127.0.0.1:9166 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_GRPC_PROTOCOL: name: AUTH_MACHINE_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_JWT_SECRET: name: OCIS_JWT_SECRET;AUTH_MACHINE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_COLOR: name: OCIS_LOG_COLOR;AUTH_MACHINE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_FILE: name: OCIS_LOG_FILE;AUTH_MACHINE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_LEVEL: name: OCIS_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_LOG_PRETTY: name: OCIS_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN: name: AUTH_MACHINE_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_MACHINE_TRACING_TYPE: name: OCIS_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_DEBUG_ADDR: name: AUTH_SERVICE_DEBUG_ADDR defaultValue: 127.0.0.1:9198 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_DEBUG_PPROF: name: AUTH_SERVICE_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_DEBUG_TOKEN: name: AUTH_SERVICE_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_DEBUG_ZPAGES: name: AUTH_SERVICE_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_GRPC_ADDR: name: AUTH_SERVICE_GRPC_ADDR defaultValue: 127.0.0.1:9199 type: string description: The bind address of the GRPC service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_GRPC_PROTOCOL: name: AUTH_SERVICE_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_JWT_SECRET: name: OCIS_JWT_SECRET;AUTH_SERVICE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_COLOR: name: OCIS_LOG_COLOR;AUTH_SERVICE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_FILE: name: OCIS_LOG_FILE;AUTH_SERVICE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_LEVEL: name: OCIS_LOG_LEVEL;AUTH_SERVICE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_LOG_PRETTY: name: OCIS_LOG_PRETTY;AUTH_SERVICE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;AUTH_SERVICE_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;AUTH_SERVICE_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;AUTH_SERVICE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;AUTH_SERVICE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;AUTH_SERVICE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" AUTH_SERVICE_TRACING_TYPE: name: OCIS_TRACING_TYPE;AUTH_SERVICE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_DEBUG_ADDR: name: CLIENTLOG_DEBUG_ADDR defaultValue: 127.0.0.1:9260 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_DEBUG_PPROF: name: CLIENTLOG_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_DEBUG_TOKEN: name: CLIENTLOG_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_DEBUG_ZPAGES: name: CLIENTLOG_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;CLIENTLOG_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;CLIENTLOG_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;CLIENTLOG_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;CLIENTLOG_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;CLIENTLOG_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;CLIENTLOG_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;CLIENTLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_JWT_SECRET: name: OCIS_JWT_SECRET;CLIENTLOG_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_REVA_GATEWAY: name: OCIS_REVA_GATEWAY;CLIENTLOG_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string description: CS3 gateway used to look up user metadata introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;CLIENTLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;CLIENTLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;CLIENTLOG_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;CLIENTLOG_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;CLIENTLOG_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_TRACING_TYPE: name: OCIS_TRACING_TYPE;CLIENTLOG_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_COLOR: name: OCIS_LOG_COLOR;CLIENTLOG_USERLOG_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_FILE: name: OCIS_LOG_FILE;CLIENTLOG_USERLOG_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_LEVEL: name: OCIS_LOG_LEVEL;CLIENTLOG_USERLOG_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" CLIENTLOG_USERLOG_LOG_PRETTY: name: OCIS_LOG_PRETTY;CLIENTLOG_USERLOG_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_APP_ADDR: name: COLLABORATION_APP_ADDR defaultValue: https://127.0.0.1:9980 type: string description: The URL where the WOPI app is located, such as https://127.0.0.1:8080. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_APP_DESCRIPTION: name: COLLABORATION_APP_DESCRIPTION defaultValue: Open office documents with Collabora type: string description: App description introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_APP_ICON: name: COLLABORATION_APP_ICON defaultValue: image-edit type: string description: Icon for the app introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_APP_INSECURE: name: COLLABORATION_APP_INSECURE defaultValue: "false" type: bool description: Skip TLS certificate verification when connecting to the WOPI app introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_APP_LOCKNAME: name: COLLABORATION_APP_LOCKNAME defaultValue: com.github.owncloud.collaboration type: string description: Name for the app lock introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_APP_NAME: name: COLLABORATION_APP_NAME defaultValue: Collabora type: string description: The name of the app, either Collabora, OnlyOffice or Microsoft365 introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_CS3API_DATAGATEWAY_INSECURE: name: COLLABORATION_CS3API_DATAGATEWAY_INSECURE defaultValue: "false" type: bool description: Connect to the CS3API data gateway insecurely. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_CS3API_GATEWAY_NAME: name: OCIS_REVA_GATEWAY;COLLABORATION_CS3API_GATEWAY_NAME defaultValue: com.owncloud.api.gateway type: string description: CS3 gateway used to look up user metadata. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_DEBUG_ADDR: name: COLLABORATION_DEBUG_ADDR defaultValue: 127.0.0.1:9304 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_DEBUG_PPROF: name: COLLABORATION_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_DEBUG_TOKEN: name: COLLABORATION_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_DEBUG_ZPAGES: name: COLLABORATION_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_GRPC_ADDR: name: COLLABORATION_GRPC_ADDR defaultValue: 127.0.0.1:9301 type: string description: The bind address of the GRPC service. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_HTTP_ADDR: name: COLLABORATION_HTTP_ADDR defaultValue: 127.0.0.1:9300 type: string description: The bind address of the HTTP service. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_JWT_SECRET: name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_COLOR: name: OCIS_LOG_COLOR;COLLABORATION_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_FILE: name: OCIS_LOG_FILE;COLLABORATION_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_LEVEL: name: OCIS_LOG_LEVEL;COLLABORATION_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_LOG_PRETTY: name: OCIS_LOG_PRETTY;COLLABORATION_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;COLLABORATION_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;COLLABORATION_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;COLLABORATION_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_TRACING_TYPE: name: OCIS_TRACING_TYPE;COLLABORATION_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_WOPI_DISABLE_CHAT: name: COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT defaultValue: "false" type: bool description: Disable chat in the frontend. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_WOPI_SECRET: name: COLLABORATION_WOPI_SECRET defaultValue: "" type: string description: Used to mint and verify WOPI JWT tokens and encrypt and decrypt the REVA JWT token embedded in the WOPI JWT token. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" COLLABORATION_WOPI_SRC: name: COLLABORATION_WOPI_SRC defaultValue: https://localhost:9300 type: string description: The WOPISrc base URL containing schema, host and port. Set this to the schema and domain where the collaboration service is reachable for the wopi app, such as https://office.owncloud.test. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_DEBUG_ADDR: name: EVENTHISTORY_DEBUG_ADDR defaultValue: 127.0.0.1:9270 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_DEBUG_PPROF: name: EVENTHISTORY_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_DEBUG_TOKEN: name: EVENTHISTORY_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_DEBUG_ZPAGES: name: EVENTHISTORY_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;EVENTHISTORY_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;EVENTHISTORY_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;EVENTHISTORY_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;EVENTHISTORY_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;EVENTHISTORY_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;EVENTHISTORY_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;EVENTHISTORY_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. Will be seen as empty if NOTIFICATIONS_EVENTS_TLS_INSECURE is provided. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_GRPC_ADDR: name: EVENTHISTORY_GRPC_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_COLOR: name: OCIS_LOG_COLOR;EVENTHISTORY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_FILE: name: OCIS_LOG_FILE;EVENTHISTORY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_LEVEL: name: OCIS_LOG_LEVEL;EVENTHISTORY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_LOG_PRETTY: name: OCIS_LOG_PRETTY;EVENTHISTORY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE: name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_AUTH_PASSWORD: name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_AUTH_USERNAME: name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_DATABASE: name: EVENTHISTORY_STORE_DATABASE defaultValue: eventhistory type: string description: The database name the configured store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_NODES: name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_SIZE: name: OCIS_PERSISTENT_STORE_SIZE;EVENTHISTORY_STORE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived and used from the ocmem package though no explicit default was set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_TABLE: name: EVENTHISTORY_STORE_TABLE defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_STORE_TTL: name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;EVENTHISTORY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;EVENTHISTORY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;EVENTHISTORY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" EVENTHISTORY_TRACING_TYPE: name: OCIS_TRACING_TYPE;EVENTHISTORY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_APP_HANDLER_INSECURE: name: OCIS_INSECURE;FRONTEND_APP_HANDLER_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the frontend. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: name: FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR defaultValue: com.owncloud.api.collaboration type: string description: Service name or address of the app provider to use for secure view. Should match the service name or address of the registered CS3 app provider. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ARCHIVER_INSECURE: name: OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the archiver. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ARCHIVER_MAX_NUM_FILES: name: FRONTEND_ARCHIVER_MAX_NUM_FILES defaultValue: "10000" type: int64 description: Max number of files that can be packed into an archive. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ARCHIVER_MAX_SIZE: name: FRONTEND_ARCHIVER_MAX_SIZE defaultValue: "1073741824" type: int64 description: Max size in bytes of the zip archive the archiver can create. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_AUTO_ACCEPT_SHARES: name: FRONTEND_AUTO_ACCEPT_SHARES defaultValue: "true" type: bool description: Defines if shares should be auto accepted by default. Users can change this setting individually in their profile. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE: name: FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE defaultValue: sha1 type: string description: The supported checksum type for uploads that indicates to clients supporting multiple hash algorithms which one is preferred by the server. Must be one out of the defined list of SUPPORTED_TYPES. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_CHECKSUMS_SUPPORTED_TYPES: name: FRONTEND_CHECKSUMS_SUPPORTED_TYPES defaultValue: '[sha1 md5 adler32]' type: '[]string' description: A list of checksum types that indicate to clients which hashes the server can use to verify upload integrity. Supported types are 'sha1', 'md5' and 'adler32'. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;FRONTEND_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;FRONTEND_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST PATCH DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;FRONTEND_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DATA_GATEWAY_PREFIX: name: FRONTEND_DATA_GATEWAY_PREFIX defaultValue: data type: string description: Path prefix for the data gateway. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DEBUG_ADDR: name: FRONTEND_DEBUG_ADDR defaultValue: 127.0.0.1:9141 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DEBUG_PPROF: name: FRONTEND_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DEBUG_TOKEN: name: FRONTEND_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DEBUG_ZPAGES: name: FRONTEND_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DEFAULT_LINK_PERMISSIONS: name: FRONTEND_DEFAULT_LINK_PERMISSIONS defaultValue: "1" type: int description: Defines the default permissions a link is being created with. Possible values are 0 (= internal link, for instance members only) and 1 (= public link with viewer permissions). Defaults to 1. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DEFAULT_UPLOAD_PROTOCOL: name: FRONTEND_DEFAULT_UPLOAD_PROTOCOL defaultValue: tus type: string description: The default upload protocol to use in clients. Currently only 'tus' is available. See the developer API documentation for more details about TUS. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_DISABLE_SSE: name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE defaultValue: "false" type: bool description: When set to true, clients are informed that the Server-Sent Events endpoint is not accessible. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EDITION: name: OCIS_EDITION;FRONTEND_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_FAVORITES: name: FRONTEND_ENABLE_FAVORITES defaultValue: "false" type: bool description: Enables the support for favorites in the clients. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING: name: FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables support for incoming federated sharing for clients. The backend behaviour is not changed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING: name: FRONTEND_ENABLE_FEDERATED_SHARING_OUTGOING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables support for outgoing federated sharing for clients. The backend behaviour is not changed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_RESHARING: name: OCIS_ENABLE_RESHARING;FRONTEND_ENABLE_RESHARING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables the support for re-sharing in the clients. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: "" deprecationInfo: Resharing will be removed in the future. FRONTEND_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;FRONTEND_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;FRONTEND_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;FRONTEND_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;FRONTEND_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;FRONTEND_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;FRONTEND_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_FULL_TEXT_SEARCH_ENABLED: name: FRONTEND_FULL_TEXT_SEARCH_ENABLED defaultValue: "false" type: bool description: Set to true to signal the web client that full-text search is enabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_HTTP_ADDR: name: FRONTEND_HTTP_ADDR defaultValue: 127.0.0.1:9140 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_HTTP_PREFIX: name: FRONTEND_HTTP_PREFIX defaultValue: "" type: string description: The Path prefix where the frontend can be accessed (defaults to /). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_HTTP_PROTOCOL: name: FRONTEND_HTTP_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_JWT_SECRET: name: OCIS_JWT_SECRET;FRONTEND_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_LDAP_SERVER_WRITE_ENABLED: name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* variables). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_LOG_COLOR: name: OCIS_LOG_COLOR;FRONTEND_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_LOG_FILE: name: OCIS_LOG_FILE;FRONTEND_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_LOG_LEVEL: name: OCIS_LOG_LEVEL;FRONTEND_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_LOG_PRETTY: name: OCIS_LOG_PRETTY;FRONTEND_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_MACHINE_AUTH_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: The machine auth API key used to validate internal requests necessary to access resources from other services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_MAX_QUOTA: name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA defaultValue: "0" type: uint64 description: Set the global max quota value in bytes. A value of 0 equals unlimited. The value is provided via capabilities. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE: name: FRONTEND_OCS_ADDITIONAL_INFO_ATTRIBUTE defaultValue: '{{.Mail}}' type: string description: Additional information attribute for the user like {{.Mail}}. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_ENABLE_DENIALS: name: FRONTEND_OCS_ENABLE_DENIALS defaultValue: "false" type: bool description: 'EXPERIMENTAL: enable the feature to deny access on folders.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_INCLUDE_OCM_SHAREES: name: FRONTEND_OCS_INCLUDE_OCM_SHAREES defaultValue: "false" type: bool description: Include OCM sharees when listing sharees. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_LIST_OCM_SHARES: name: FRONTEND_OCS_LIST_OCM_SHARES defaultValue: "true" type: bool description: Include OCM shares when listing shares. See the OCM service documentation for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_PERSONAL_NAMESPACE: name: FRONTEND_OCS_PERSONAL_NAMESPACE defaultValue: /users/{{.Id.OpaqueId}} type: string description: Home namespace identifier. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_PREFIX: name: FRONTEND_OCS_PREFIX defaultValue: ocs type: string description: URL path prefix for the OCS service. Note that the string must not start with '/'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords for writable shares. Only effective if the setting for 'passwords on all public shares' is set to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_SHARE_PREFIX: name: FRONTEND_OCS_SHARE_PREFIX defaultValue: /Shares type: string description: Path prefix for shares as part of an ocis resource. Note that the path must start with '/'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;FRONTEND_OCS_STAT_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to use for authentication. Only applies when using the 'nats-js-kv' store type. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;FRONTEND_OCS_STAT_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to use for authentication. Only applies when using the 'nats-js-kv' store type. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;FRONTEND_OCS_STAT_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disable persistence of the cache. Only applies when using the 'nats-js-kv' store type. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_SIZE: name: OCIS_CACHE_SIZE;FRONTEND_OCS_STAT_CACHE_SIZE defaultValue: "0" type: int description: Max number of entries to hold in the cache. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_STORE: name: OCIS_CACHE_STORE;FRONTEND_OCS_STAT_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;FRONTEND_OCS_STAT_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_TABLE: name: FRONTEND_OCS_STAT_CACHE_TABLE defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_OCS_STAT_CACHE_TTL: name: OCIS_CACHE_TTL;FRONTEND_OCS_STAT_CACHE_TTL defaultValue: 5m0s type: Duration description: Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_DISABLED: name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_DIGITS: name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_PUBLIC_URL: name: OCIS_URL;FRONTEND_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: The public facing URL of the oCIS frontend. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_READONLY_USER_ATTRIBUTES: name: FRONTEND_READONLY_USER_ATTRIBUTES defaultValue: '[]' type: '[]string' description: 'A list of user attributes to indicate as read-only. Supported values: ''user.onPremisesSamAccountName'' (username), ''user.displayName'', ''user.mail'', ''user.passwordProfile'' (password), ''user.appRoleAssignments'' (role), ''user.memberOf'' (groups), ''user.accountEnabled'' (login allowed), ''drive.quota'' (quota). See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_SEARCH_MIN_LENGTH: name: FRONTEND_SEARCH_MIN_LENGTH defaultValue: "3" type: int description: Minimum number of characters to enter before a client should start a search for Share receivers. This setting can be used to customize the user experience if e.g too many results are displayed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;FRONTEND_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;FRONTEND_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_SKIP_USER_GROUPS_IN_TOKEN: name: FRONTEND_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;FRONTEND_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;FRONTEND_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;FRONTEND_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_TRACING_TYPE: name: OCIS_TRACING_TYPE;FRONTEND_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE: name: FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE defaultValue: "" type: string description: Advise TUS to replace PATCH requests by POST requests. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" FRONTEND_UPLOAD_MAX_CHUNK_SIZE: name: FRONTEND_UPLOAD_MAX_CHUNK_SIZE defaultValue: "10000000" type: int description: Sets the max chunk sizes in bytes for uploads via the clients. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT: name: GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT defaultValue: "true" type: bool description: Commit shares to storage grants. This grants access to shared resources for the share receiver directly on the storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_CREATE_HOME_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_CREATE_HOME_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_CREATE_HOME_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the create home cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_SIZE: name: OCIS_CACHE_SIZE;GATEWAY_CREATE_HOME_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_STORE: name: OCIS_CACHE_STORE;GATEWAY_CREATE_HOME_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;GATEWAY_CREATE_HOME_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_CREATE_HOME_CACHE_TTL: name: OCIS_CACHE_TTL;GATEWAY_CREATE_HOME_CACHE_TTL defaultValue: 5m0s type: Duration description: Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_DEBUG_ADDR: name: GATEWAY_DEBUG_ADDR defaultValue: 127.0.0.1:9143 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_DEBUG_PPROF: name: GATEWAY_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_DEBUG_TOKEN: name: GATEWAY_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_DEBUG_ZPAGES: name: GATEWAY_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN: name: GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN defaultValue: "true" type: bool description: Disable creation of the home space on login. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_FRONTEND_PUBLIC_URL: name: OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: The public facing URL of the oCIS frontend. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_GRPC_ADDR: name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_GRPC_PROTOCOL: name: GATEWAY_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_JWT_SECRET: name: OCIS_JWT_SECRET;GATEWAY_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_LOG_COLOR: name: OCIS_LOG_COLOR;GATEWAY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_LOG_FILE: name: OCIS_LOG_FILE;GATEWAY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_LOG_LEVEL: name: OCIS_LOG_LEVEL;GATEWAY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_LOG_PRETTY: name: OCIS_LOG_PRETTY;GATEWAY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;GATEWAY_PROVIDER_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to use for authentication. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;GATEWAY_PROVIDER_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to use for authentication. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;GATEWAY_PROVIDER_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the provider cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_SIZE: name: OCIS_CACHE_SIZE;GATEWAY_PROVIDER_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_STORE: name: OCIS_CACHE_STORE;GATEWAY_PROVIDER_CACHE_STORE defaultValue: noop type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;GATEWAY_PROVIDER_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_PROVIDER_CACHE_TTL: name: OCIS_CACHE_TTL;GATEWAY_PROVIDER_CACHE_TTL defaultValue: 5m0s type: Duration description: Default time to live for user info in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_SHARE_FOLDER_NAME: name: GATEWAY_SHARE_FOLDER_NAME defaultValue: Shares type: string description: Name of the share folder in users' home space. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_SKIP_USER_GROUPS_IN_TOKEN: name: GATEWAY_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_STORAGE_REGISTRY_CONFIG_JSON: name: GATEWAY_STORAGE_REGISTRY_CONFIG_JSON defaultValue: "" type: string description: Additional configuration for the storage registry in json format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_STORAGE_REGISTRY_DRIVER: name: GATEWAY_STORAGE_REGISTRY_DRIVER defaultValue: spaces type: string description: The driver name of the storage registry to use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_STORAGE_REGISTRY_RULES: name: GATEWAY_STORAGE_REGISTRY_RULES defaultValue: '[]' type: '[]string' description: The rules for the storage registry. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_STORAGE_USERS_MOUNT_ID: name: GATEWAY_STORAGE_USERS_MOUNT_ID defaultValue: "" type: string description: Mount ID of this storage. Admins can set the ID for the storage in this config option manually which is then used to reference the storage. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;GATEWAY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;GATEWAY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;GATEWAY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_TRACING_TYPE: name: OCIS_TRACING_TYPE;GATEWAY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GATEWAY_TRANSFER_EXPIRES: name: GATEWAY_TRANSFER_EXPIRES defaultValue: "86400" type: int description: Expiry for the gateway tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_APPLICATION_DISPLAYNAME: name: GRAPH_APPLICATION_DISPLAYNAME defaultValue: ownCloud Infinite Scale type: string description: The ocis application name. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_APPLICATION_ID: name: GRAPH_APPLICATION_ID defaultValue: "" type: string description: The ocis application ID shown in the graph. All app roles are tied to this ID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_ASSIGN_DEFAULT_USER_ROLE: name: GRAPH_ASSIGN_DEFAULT_USER_ROLE defaultValue: "true" type: bool description: Whether to assign newly created users the default role 'User'. Set this to 'false' if you want to assign roles manually, or if the role assignment should happen at first login. Set this to 'true' (the default) to assign the role 'User' when creating a new user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_SIZE: name: OCIS_CACHE_SIZE;GRAPH_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_STORE: name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_STORE_DATABASE: name: GRAPH_CACHE_STORE_DATABASE defaultValue: cache-roles type: string description: The database name the configured store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_STORE_TABLE: name: GRAPH_CACHE_STORE_TABLE defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CACHE_TTL: name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for cache records in the graph. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;GRAPH_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;GRAPH_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Purge Restore]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;GRAPH_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;GRAPH_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DEBUG_ADDR: name: GRAPH_DEBUG_ADDR defaultValue: 127.0.0.1:9124 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DEBUG_PPROF: name: GRAPH_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DEBUG_TOKEN: name: GRAPH_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DEBUG_ZPAGES: name: GRAPH_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DISABLE_USER_MECHANISM: name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DISABLED_USERS_GROUP_DN: name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_ENABLE_RESHARING: name: OCIS_ENABLE_RESHARING;GRAPH_ENABLE_RESHARING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables the support for re-sharing. introductionVersion: "5.0" deprecationVersion: "5.0" removalVersion: "" deprecationInfo: Resharing will be removed in the future. GRAPH_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;GRAPH_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;GRAPH_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_GROUP_MEMBERS_PATCH_LIMIT: name: GRAPH_GROUP_MEMBERS_PATCH_LIMIT defaultValue: "20" type: int description: The amount of group members allowed to be added with a single patch request. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_HTTP_ADDR: name: GRAPH_HTTP_ADDR defaultValue: 127.0.0.1:9120 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_HTTP_API_TOKEN: name: GRAPH_HTTP_API_TOKEN defaultValue: "" type: string description: An optional API bearer token introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_HTTP_ROOT: name: GRAPH_HTTP_ROOT defaultValue: /graph type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_IDENTITY_BACKEND: name: GRAPH_IDENTITY_BACKEND defaultValue: ldap type: string description: The user identity backend to use. Supported backend types are 'ldap' and 'cs3'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_IDENTITY_SEARCH_MIN_LENGTH: name: GRAPH_IDENTITY_SEARCH_MIN_LENGTH defaultValue: "3" type: int description: The minimum length the search term needs to have for unprivileged users when searching for users or groups. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_INCLUDE_OCM_SHAREES: name: GRAPH_INCLUDE_OCM_SHAREES defaultValue: "false" type: bool description: Include OCM sharees when listing users. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_JWT_SECRET: name: OCIS_JWT_SECRET;GRAPH_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_BASE_PATH: name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_ID: name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID defaultValue: "" type: string description: The client id to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_REALM: name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_SECRET: name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY: name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_USER_REALM: name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_BIND_DN: name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_BIND_PASSWORD: name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_CACERT: name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED: name: GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED defaultValue: "false" type: bool description: Enable LDAP support for managing education related resources. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_BASE_DN: name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_CREATE_BASE_DN: name: GRAPH_LDAP_GROUP_CREATE_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Parent DN under which new groups are created. This DN needs to be subordinate to the 'GRAPH_LDAP_GROUP_BASE_DN'. This setting is only relevant when 'GRAPH_LDAP_SERVER_WRITE_ENABLED' is 'true'. It defaults to the value of 'GRAPH_LDAP_GROUP_BASE_DN'. All groups outside of this subtree are treated as readonly groups and cannot be updated. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_FILTER: name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_ID_ATTRIBUTE: name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE: name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_NAME_ATTRIBUTE: name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_OBJECTCLASS: name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for groups is of the 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_SEARCH_SCOPE: name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_INSECURE: name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_REFINT_ENABLED: name: GRAPH_LDAP_REFINT_ENABLED defaultValue: "false" type: bool description: Signals that the server has the refint plugin enabled, which makes some actions not needed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_BASE_DN: name: GRAPH_LDAP_SCHOOL_BASE_DN defaultValue: "" type: string description: Search base DN for looking up LDAP schools. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_FILTER: name: GRAPH_LDAP_SCHOOL_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for school searches. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_ID_ATTRIBUTE: name: GRAPH_LDAP_SCHOOL_ID_ATTRIBUTE defaultValue: "" type: string description: LDAP Attribute to use as the unique id for schools. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_NAME_ATTRIBUTE: name: GRAPH_LDAP_SCHOOL_NAME_ATTRIBUTE defaultValue: "" type: string description: LDAP Attribute to use for the name of a school. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_NUMBER_ATTRIBUTE: name: GRAPH_LDAP_SCHOOL_NUMBER_ATTRIBUTE defaultValue: "" type: string description: LDAP Attribute to use for the number of a school. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_OBJECTCLASS: name: GRAPH_LDAP_SCHOOL_OBJECTCLASS defaultValue: "" type: string description: The object class to use for schools in the default school search filter. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_SEARCH_SCOPE: name: GRAPH_LDAP_SCHOOL_SEARCH_SCOPE defaultValue: "" type: string description: LDAP search scope to use when looking up schools. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SCHOOL_TERMINATION_MIN_GRACE_DAYS: name: GRAPH_LDAP_SCHOOL_TERMINATION_MIN_GRACE_DAYS defaultValue: "0" type: int description: When setting a 'terminationDate' for a school, require the date to be at least this number of days in the future. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP: name: GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP defaultValue: "true" type: bool description: Use the 'Password Modify Extended Operation' for updating user passwords. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SERVER_UUID: name: GRAPH_LDAP_SERVER_UUID defaultValue: "false" type: bool description: If set to true, rely on the LDAP Server to generate a unique ID for users and groups, like when using 'entryUUID' as the user ID attribute. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_SERVER_WRITE_ENABLED: name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* variables). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_URI: name: OCIS_LDAP_URI;GRAPH_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_BASE_DN: name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: name: LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_FILTER: name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_NAME_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE defaultValue: uid type: string description: LDAP Attribute to use for username of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_OBJECTCLASS: name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_SCOPE: name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_TYPE_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_UID_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LOG_COLOR: name: OCIS_LOG_COLOR;GRAPH_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LOG_FILE: name: OCIS_LOG_FILE;GRAPH_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LOG_LEVEL: name: OCIS_LOG_LEVEL;GRAPH_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LOG_PRETTY: name: OCIS_LOG_PRETTY;GRAPH_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_DEFAULT_QUOTA: name: GRAPH_SPACES_DEFAULT_QUOTA defaultValue: "1000000000" type: string description: The default quota in bytes. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL: name: GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL defaultValue: "60000000000" type: int description: Max TTL in seconds for the spaces property cache. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_GROUPS_CACHE_TTL: name: GRAPH_SPACES_GROUPS_CACHE_TTL defaultValue: "60000000000" type: int description: Max TTL in seconds for the spaces groups cache. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_STORAGE_USERS_ADDRESS: name: GRAPH_SPACES_STORAGE_USERS_ADDRESS defaultValue: com.owncloud.api.storage-users type: string description: The address of the storage-users service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_USERS_CACHE_TTL: name: GRAPH_SPACES_USERS_CACHE_TTL defaultValue: "60000000000" type: int description: Max TTL in seconds for the spaces users cache. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_WEBDAV_BASE: name: OCIS_URL;GRAPH_SPACES_WEBDAV_BASE defaultValue: https://localhost:9200 type: string description: The public facing URL of WebDAV. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_SPACES_WEBDAV_PATH: name: GRAPH_SPACES_WEBDAV_PATH defaultValue: /dav/spaces/ type: string description: The WebDAV sub-path for spaces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;GRAPH_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;GRAPH_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;GRAPH_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_TRACING_TYPE: name: OCIS_TRACING_TYPE;GRAPH_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_USER_ENABLED_ATTRIBUTE: name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_USERNAME_MATCH: name: GRAPH_USERNAME_MATCH defaultValue: default type: string description: Apply restrictions to usernames. Supported values are 'default' and 'none'. When set to 'default', user names must not start with a number and are restricted to ASCII characters. When set to 'none', no restrictions are applied. The default value is 'default'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_DEBUG_ADDR: name: GROUPS_DEBUG_ADDR defaultValue: 127.0.0.1:9161 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_DEBUG_PPROF: name: GROUPS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_DEBUG_TOKEN: name: GROUPS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_DEBUG_ZPAGES: name: GROUPS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_DRIVER: name: GROUPS_DRIVER defaultValue: ldap type: string description: The driver which should be used by the groups service. Supported values are 'ldap' and 'owncloudsql'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_GRPC_ADDR: name: GROUPS_GRPC_ADDR defaultValue: 127.0.0.1:9160 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_GRPC_PROTOCOL: name: GROUPS_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_IDP_URL: name: OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the group IDs of the CS3 group objects for groups returned by this group provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_JWT_SECRET: name: OCIS_JWT_SECRET;GROUPS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_BIND_DN: name: OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_BIND_PASSWORD: name: OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_CACERT: name: OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_BASE_DN: name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_FILTER: name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_OBJECTCLASS: name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same as groupname attribute). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME: name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_ID: name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_MAIL: name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCHEMA_MEMBER: name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SCOPE: name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE: name: LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE defaultValue: any type: string description: Type of substring search filter to use for substring searches for groups. Supported values are 'initial', 'final' and 'any'. The value 'initial' is used for doing prefix only searches, 'final' for doing suffix only searches or 'any' for doing full substring searches introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_INSECURE: name: OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_URI: name: OCIS_LDAP_URI;GROUPS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_BASE_DN: name: OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_FILTER: name: OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_OBJECTCLASS: name: OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_ID: name: OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for users. This should be a stable globally unique id like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_MAIL: name: OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCHEMA_USERNAME: name: OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LDAP_USER_SCOPE: name: OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LOG_COLOR: name: OCIS_LOG_COLOR;GROUPS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LOG_FILE: name: OCIS_LOG_FILE;GROUPS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LOG_LEVEL: name: OCIS_LOG_LEVEL;GROUPS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_LOG_PRETTY: name: OCIS_LOG_PRETTY;GROUPS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_DB_HOST: name: GROUPS_OWNCLOUDSQL_DB_HOST defaultValue: mysql type: string description: Hostname of the database server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_DB_NAME: name: GROUPS_OWNCLOUDSQL_DB_NAME defaultValue: owncloud type: string description: Name of the owncloud database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_DB_PASSWORD: name: GROUPS_OWNCLOUDSQL_DB_PASSWORD defaultValue: "" type: string description: Password for the database user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_DB_PORT: name: GROUPS_OWNCLOUDSQL_DB_PORT defaultValue: "3306" type: int description: Network port to use for the database connection. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_DB_USERNAME: name: GROUPS_OWNCLOUDSQL_DB_USERNAME defaultValue: owncloud type: string description: Database user to use for authenticating with the owncloud database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH: name: GROUPS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH defaultValue: "false" type: bool description: Allow 'medial search' when searching for users instead of just doing a prefix search. This allows finding 'Alice' when searching for 'lic'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_IDP: name: GROUPS_OWNCLOUDSQL_IDP defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID: name: GROUPS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID defaultValue: "false" type: bool description: Join the user properties table to read user IDs. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_JOIN_USERNAME: name: GROUPS_OWNCLOUDSQL_JOIN_USERNAME defaultValue: "false" type: bool description: Join the user properties table to read usernames. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_OWNCLOUDSQL_NOBODY: name: GROUPS_OWNCLOUDSQL_NOBODY defaultValue: "90" type: int64 description: Fallback number if no numeric UID and GID properties are provided. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_SKIP_USER_GROUPS_IN_TOKEN: name: GROUPS_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;GROUPS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;GROUPS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;GROUPS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GROUPS_TRACING_TYPE: name: OCIS_TRACING_TYPE;GROUPS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_ADMIN_PASSWORD: name: IDM_ADMIN_PASSWORD defaultValue: "" type: string description: Password to set for the oCIS 'admin' user. Either cleartext or an argon2id hash. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_ADMIN_USER_ID: name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_CREATE_DEMO_USERS: name: IDM_CREATE_DEMO_USERS defaultValue: "false" type: bool description: Flag to enable or disable the creation of the demo users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_DATABASE_PATH: name: IDM_DATABASE_PATH defaultValue: /var/lib/ocis/idm/ocis.boltdb type: string description: Full path to the IDM backend database. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_DEBUG_ADDR: name: IDM_DEBUG_ADDR defaultValue: 127.0.0.1:9239 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_DEBUG_PPROF: name: IDM_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_DEBUG_TOKEN: name: IDM_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_DEBUG_ZPAGES: name: IDM_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_IDPSVC_PASSWORD: name: IDM_IDPSVC_PASSWORD defaultValue: "" type: string description: Password to set for the 'idp' service user. Either cleartext or an argon2id hash. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LDAPS_ADDR: name: IDM_LDAPS_ADDR defaultValue: 127.0.0.1:9235 type: string description: Listen address for the LDAPS listener (ip-addr:port). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LDAPS_CERT: name: IDM_LDAPS_CERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LDAPS_KEY: name: IDM_LDAPS_KEY defaultValue: /var/lib/ocis/idm/ldap.key type: string description: File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LOG_COLOR: name: OCIS_LOG_COLOR;IDM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LOG_FILE: name: OCIS_LOG_FILE;IDM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LOG_LEVEL: name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_LOG_PRETTY: name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_REVASVC_PASSWORD: name: IDM_REVASVC_PASSWORD defaultValue: "" type: string description: Password to set for the 'reva' service user. Either cleartext or an argon2id hash. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_SVC_PASSWORD: name: IDM_SVC_PASSWORD defaultValue: "" type: string description: Password to set for the 'idm' service user. Either cleartext or an argon2id hash. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDM_TRACING_TYPE: name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ACCESS_TOKEN_EXPIRATION: name: IDP_ACCESS_TOKEN_EXPIRATION defaultValue: "300" type: uint64 description: '''Access token lifespan in seconds (time before an access token is expired).''' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ALLOW_CLIENT_GUESTS: name: IDP_ALLOW_CLIENT_GUESTS defaultValue: "false" type: bool description: Allow guest clients to access oCIS. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION: name: IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION defaultValue: "false" type: bool description: Allow dynamic client registration. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ASSET_PATH: name: IDP_ASSET_PATH defaultValue: "" type: string description: Serve IDP assets from a path on the filesystem instead of the builtin assets. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_DEBUG_ADDR: name: IDP_DEBUG_ADDR defaultValue: 127.0.0.1:9134 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_DEBUG_PPROF: name: IDP_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_DEBUG_TOKEN: name: IDP_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_DEBUG_ZPAGES: name: IDP_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_DYNAMIC_CLIENT_SECRET_DURATION: name: IDP_DYNAMIC_CLIENT_SECRET_DURATION defaultValue: "0" type: uint64 description: Lifespan in seconds of a dynamically registered OIDC client. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ENCRYPTION_SECRET_FILE: name: IDP_ENCRYPTION_SECRET_FILE defaultValue: /var/lib/ocis/idp/encryption.key type: string description: Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ENDPOINT_URI: name: IDP_ENDPOINT_URI defaultValue: "" type: string description: URL of the IDP endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_HTTP_ADDR: name: IDP_HTTP_ADDR defaultValue: 127.0.0.1:9130 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_HTTP_ROOT: name: IDP_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ID_TOKEN_EXPIRATION: name: IDP_ID_TOKEN_EXPIRATION defaultValue: "300" type: uint64 description: ID token lifespan in seconds (time before an ID token is expired). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_IDENTITY_MANAGER: name: IDP_IDENTITY_MANAGER defaultValue: ldap type: string description: The identity manager implementation to use. Supported identity managers are 'ldap', 'cs3', 'libregraph' and 'guest'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_INSECURE: name: OCIS_LDAP_INSECURE;IDP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_ISS: name: OCIS_URL;OCIS_OIDC_ISSUER;IDP_ISS defaultValue: https://localhost:9200 type: string description: The OIDC issuer URL to use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_BASE_DN: name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_BIND_DN: name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN defaultValue: uid=idp,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_BIND_PASSWORD: name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_EMAIL_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP User email attribute like 'mail'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_FILTER: name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_LOGIN_ATTRIBUTE: name: IDP_LDAP_LOGIN_ATTRIBUTE defaultValue: uid type: string description: LDAP User attribute to use for login like 'uid'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_NAME_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP User name attribute like 'displayName'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_OBJECTCLASS: name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS defaultValue: inetOrgPerson type: string description: LDAP User ObjectClass like 'inetOrgPerson'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_SCOPE: name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_TLS_CACERT: name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_URI: name: OCIS_LDAP_URI;IDP_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: Url of the LDAP service to use as IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_UUID_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE defaultValue: ownCloudUUID type: string description: LDAP User UUID attribute like 'uid'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LDAP_UUID_ATTRIBUTE_TYPE: name: IDP_LDAP_UUID_ATTRIBUTE_TYPE defaultValue: text type: string description: LDAP User uuid attribute type like 'text'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LOG_COLOR: name: OCIS_LOG_COLOR;IDP_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LOG_FILE: name: OCIS_LOG_FILE;IDP_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LOG_LEVEL: name: OCIS_LOG_LEVEL;IDP_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LOG_PRETTY: name: OCIS_LOG_PRETTY;IDP_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_LOGIN_BACKGROUND_URL: name: IDP_LOGIN_BACKGROUND_URL defaultValue: "" type: string description: Configure an alternative URL to the background image for the login page. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_MACHINE_AUTH_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;IDP_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for the access to resources from other services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_PASSWORD_RESET_URI: name: IDP_PASSWORD_RESET_URI defaultValue: "" type: string description: The URI where a user can reset their password. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_REFRESH_TOKEN_EXPIRATION: name: IDP_REFRESH_TOKEN_EXPIRATION defaultValue: "2592000" type: uint64 description: Refresh token lifespan in seconds (time before an refresh token is expired). This also limits the duration of an idle offline session. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_SIGN_IN_URI: name: IDP_SIGN_IN_URI defaultValue: "" type: string description: IDP sign-in url. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_SIGN_OUT_URI: name: IDP_SIGN_OUT_URI defaultValue: "" type: string description: IDP sign-out url. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_SIGNING_KID: name: IDP_SIGNING_KID defaultValue: private-key type: string description: Value of the KID (Key ID) field which is used in created tokens to uniquely identify the signing-private-key. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_SIGNING_METHOD: name: IDP_SIGNING_METHOD defaultValue: PS256 type: string description: Signing method of IDP requests like 'PS256' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_SIGNING_PRIVATE_KEY_FILES: name: IDP_SIGNING_PRIVATE_KEY_FILES defaultValue: '[/var/lib/ocis/idp/private-key.pem]' type: '[]string' description: A list of private key files for signing IDP requests. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TLS: name: IDP_TLS defaultValue: "false" type: bool description: Disable or Enable HTTPS for the communication between the Proxy service and the IDP service. If set to 'true', the key and cert files need to be configured and present. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;IDP_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;IDP_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;IDP_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TRACING_TYPE: name: OCIS_TRACING_TYPE;IDP_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TRANSPORT_TLS_CERT: name: IDP_TRANSPORT_TLS_CERT defaultValue: /var/lib/ocis/idp/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_TRANSPORT_TLS_KEY: name: IDP_TRANSPORT_TLS_KEY defaultValue: /var/lib/ocis/idp/server.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the IDP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_URI_BASE_PATH: name: IDP_URI_BASE_PATH defaultValue: "" type: string description: IDP uri base path (defaults to ''). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_USER_ENABLED_ATTRIBUTE: name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" IDP_VALIDATION_KEYS_PATH: name: IDP_VALIDATION_KEYS_PATH defaultValue: "" type: string description: Path to validation keys for IDP requests. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;INVITATIONS_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;INVITATIONS_CORS_ALLOW_HEADERS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;INVITATIONS_CORS_ALLOW_METHODS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;INVITATIONS_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_DEBUG_ADDR: name: INVITATIONS_DEBUG_ADDR defaultValue: 127.0.0.1:0 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_DEBUG_PPROF: name: INVITATIONS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_DEBUG_TOKEN: name: INVITATIONS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_DEBUG_ZPAGES: name: INVITATIONS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_HTTP_ADDR: name: INVITATIONS_HTTP_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_HTTP_ROOT: name: INVITATIONS_HTTP_ROOT defaultValue: /graph/v1.0 type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_JWT_SECRET: name: OCIS_JWT_SECRET;INVITATIONS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_BASE_PATH: name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_CLIENT_ID: name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID defaultValue: "" type: string description: The client ID to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_CLIENT_REALM: name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_CLIENT_SECRET: name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY: name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_KEYCLOAK_USER_REALM: name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_COLOR: name: OCIS_LOG_COLOR;INVITATIONS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_FILE: name: OCIS_LOG_FILE;INVITATIONS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_LEVEL: name: OCIS_LOG_LEVEL;INVITATIONS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_LOG_PRETTY: name: OCIS_LOG_PRETTY;INVITATIONS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;INVITATIONS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;INVITATIONS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;INVITATIONS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" INVITATIONS_TRACING_TYPE: name: OCIS_TRACING_TYPE;INVITATIONS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" LDAP_GROUP_SUBSTRING_FILTER_TYPE: name: LDAP_GROUP_SUBSTRING_FILTER_TYPE;GROUPS_LDAP_GROUP_SUBSTRING_FILTER_TYPE defaultValue: any type: string description: Type of substring search filter to use for substring searches for groups. Supported values are 'initial', 'final' and 'any'. The value 'initial' is used for doing prefix only searches, 'final' for doing suffix only searches or 'any' for doing full substring searches introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" LDAP_LOGIN_ATTRIBUTES: name: LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES defaultValue: '[uid]' type: '[]string' description: A list of user object attributes that can be used for login. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" LDAP_USER_SCHEMA_DISPLAY_NAME: name: LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE defaultValue: displayName type: string description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" LDAP_USER_SUBSTRING_FILTER_TYPE: name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE defaultValue: any type: string description: 'Type of substring search filter to use for substring searches for users. Possible values: ''initial'' for doing prefix only searches, ''final'' for doing suffix only searches or ''any'' for doing full substring searches' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_DEBUG_ADDR: name: NATS_DEBUG_ADDR defaultValue: 127.0.0.1:9234 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_DEBUG_PPROF: name: NATS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_DEBUG_TOKEN: name: NATS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_DEBUG_ZPAGES: name: NATS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_LOG_COLOR: name: OCIS_LOG_COLOR;NATS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_LOG_FILE: name: OCIS_LOG_FILE;NATS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_LOG_LEVEL: name: OCIS_LOG_LEVEL;NATS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_LOG_PRETTY: name: OCIS_LOG_PRETTY;NATS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_NATS_CLUSTER_ID: name: NATS_NATS_CLUSTER_ID defaultValue: ocis-cluster type: string description: ID of the NATS cluster. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_NATS_HOST: name: NATS_NATS_HOST defaultValue: 127.0.0.1 type: string description: Bind address. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_NATS_PORT: name: NATS_NATS_PORT defaultValue: "9233" type: int description: Bind port. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_NATS_STORE_DIR: name: NATS_NATS_STORE_DIR defaultValue: /var/lib/ocis/nats type: string description: The directory where the filesystem storage will store NATS JetStream data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TLS_CERT: name: NATS_TLS_CERT defaultValue: /var/lib/ocis/nats/tls.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TLS_KEY: name: NATS_TLS_KEY defaultValue: /var/lib/ocis/nats/tls.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the NATS listener. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/nats. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TLS_SKIP_VERIFY_CLIENT_CERT: name: OCIS_INSECURE;NATS_TLS_SKIP_VERIFY_CLIENT_CERT defaultValue: "false" type: bool description: Whether the NATS server should skip the client certificate verification during the TLS handshake. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;NATS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;NATS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;NATS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NATS_TRACING_TYPE: name: OCIS_TRACING_TYPE;NATS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_DEBUG_ADDR: name: NOTIFICATIONS_DEBUG_ADDR defaultValue: 127.0.0.1:9174 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_DEBUG_PPROF: name: NOTIFICATIONS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_DEBUG_TOKEN: name: NOTIFICATIONS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_DEBUG_ZPAGES: name: NOTIFICATIONS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EMAIL_TEMPLATE_PATH: name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH defaultValue: "" type: string description: Path to Email notification templates overriding embedded ones. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;NOTIFICATIONS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;NOTIFICATIONS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;NOTIFICATIONS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;NOTIFICATIONS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;NOTIFICATIONS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;NOTIFICATIONS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;NOTIFICATIONS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_COLOR: name: OCIS_LOG_COLOR;NOTIFICATIONS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_FILE: name: OCIS_LOG_FILE;NOTIFICATIONS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_LEVEL: name: OCIS_LOG_LEVEL;NOTIFICATIONS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_LOG_PRETTY: name: OCIS_LOG_PRETTY;NOTIFICATIONS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;NOTIFICATIONS_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;NOTIFICATIONS_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_AUTHENTICATION: name: NOTIFICATIONS_SMTP_AUTHENTICATION defaultValue: "" type: string description: Authentication method for the SMTP communication. Possible values are 'login', 'plain', 'crammd5', 'none' or 'auto'. If set to 'auto' or unset, the authentication method is automatically negotiated with the server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_ENCRYPTION: name: NOTIFICATIONS_SMTP_ENCRYPTION defaultValue: none type: string description: Encryption method for the SMTP communication. Possible values are 'starttls', 'ssl', 'ssltls', 'tls' and 'none'. introductionVersion: pre5.0 deprecationVersion: 5.0.0 removalVersion: 7.0.0 deprecationInfo: The NOTIFICATIONS_SMTP_ENCRYPTION values 'ssl' and 'tls' are deprecated and will be removed in the future. NOTIFICATIONS_SMTP_HOST: name: NOTIFICATIONS_SMTP_HOST defaultValue: "" type: string description: SMTP host to connect to. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_INSECURE: name: NOTIFICATIONS_SMTP_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the SMTP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_PASSWORD: name: NOTIFICATIONS_SMTP_PASSWORD defaultValue: "" type: string description: Password for the SMTP host to connect to. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_PORT: name: NOTIFICATIONS_SMTP_PORT defaultValue: "0" type: int description: Port of the SMTP host to connect to. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_SENDER: name: NOTIFICATIONS_SMTP_SENDER defaultValue: "" type: string description: Sender address of emails that will be sent (e.g. 'ownCloud '. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_SMTP_USERNAME: name: NOTIFICATIONS_SMTP_USERNAME defaultValue: "" type: string description: Username for the SMTP host to connect to. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;NOTIFICATIONS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;NOTIFICATIONS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRACING_TYPE: name: OCIS_TRACING_TYPE;NOTIFICATIONS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRANSLATION_PATH: name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" NOTIFICATIONS_WEB_UI_URL: name: OCIS_URL;NOTIFICATIONS_WEB_UI_URL defaultValue: https://localhost:9200 type: string description: The public facing URL of the oCIS Web UI, used e.g. when sending notification eMails introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY: name: OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY defaultValue: "false" type: bool description: Allow the use of depth infinity in PROPFINDS. When enabled, a propfind will traverse through all subfolders. If many subfolders are expected, depth infinity can cause heavy server load and/or delayed response times. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_DEBUG_ADDR: name: OCDAV_DEBUG_ADDR defaultValue: 127.0.0.1:9163 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_DEBUG_PPROF: name: OCDAV_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_DEBUG_TOKEN: name: OCDAV_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_DEBUG_ZPAGES: name: OCDAV_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_EDITION: name: OCIS_EDITION;OCDAV_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_FILES_NAMESPACE: name: OCDAV_FILES_NAMESPACE defaultValue: /users/{{.Id.OpaqueId}} type: string description: Jail requests to /dav/files/{username} into this CS3 namespace. Supports template layouting with CS3 User properties. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_GATEWAY_REQUEST_TIMEOUT: name: OCDAV_GATEWAY_REQUEST_TIMEOUT defaultValue: "84300" type: int64 description: Request timeout in seconds for requests from the oCDAV service to the GATEWAY service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_HTTP_ADDR: name: OCDAV_HTTP_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_HTTP_PREFIX: name: OCDAV_HTTP_PREFIX defaultValue: "" type: string description: A URL path prefix for the handler. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_HTTP_PROTOCOL: name: OCDAV_HTTP_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_INSECURE: name: OCIS_INSECURE;OCDAV_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the GATEWAY service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_JWT_SECRET: name: OCIS_JWT_SECRET;OCDAV_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_LOG_COLOR: name: OCIS_LOG_COLOR;OCDAV_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_LOG_FILE: name: OCIS_LOG_FILE;OCDAV_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_LOG_LEVEL: name: OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_LOG_PRETTY: name: OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_MACHINE_AUTH_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for the access to resources from other services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_OCM_NAMESPACE: name: OCDAV_OCM_NAMESPACE defaultValue: /public type: string description: The human readable path prefix for the ocm shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_PUBLIC_URL: name: OCIS_URL;OCDAV_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: URL where oCIS is reachable for users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_SHARES_NAMESPACE: name: OCDAV_SHARES_NAMESPACE defaultValue: /Shares type: string description: The human readable path for the share jail. Relative to a users personal space root. Upcased intentionally. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_SKIP_USER_GROUPS_IN_TOKEN: name: OCDAV_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_TRACING_TYPE: name: OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_WEBDAV_NAMESPACE: name: OCDAV_WEBDAV_NAMESPACE defaultValue: /users/{{.Id.OpaqueId}} type: string description: Jail requests to /dav/webdav into this CS3 namespace. Supports template layouting with CS3 User properties. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_ADMIN_USER_ID: name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_ASSET_THEMES_PATH: name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH defaultValue: /var/lib/ocis/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/themes introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_ASYNC_UPLOADS: name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;GRAPH_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;GRAPH_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DATABASE: name: OCIS_CACHE_DATABASE defaultValue: cache-createhome type: string description: The database name the configured store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;GRAPH_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_SIZE: name: OCIS_CACHE_SIZE;GRAPH_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE: name: OCIS_CACHE_STORE;GRAPH_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;GRAPH_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_TTL: name: OCIS_CACHE_TTL;GRAPH_CACHE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for cache records in the graph. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_EXPOSE_HEADERS: name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' type: '[]string' description: 'A list of exposed CORS headers. See following chapter for more details: *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_MAX_AGE: name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE defaultValue: "86400" type: uint description: 'The max cache duration of preflight headers. See following chapter for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DECOMPOSEDFS_METADATA_BACKEND: name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND defaultValue: messagepack type: string description: The backend to use for storing metadata. Supported values are 'messagepack' and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DECOMPOSEDFS_PROPAGATOR: name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DEFAULT_LANGUAGE: name: OCIS_DEFAULT_LANGUAGE defaultValue: "" type: string description: The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DISABLE_PREVIEWS: name: OCIS_DISABLE_PREVIEWS;WEB_OPTION_DISABLE_PREVIEWS defaultValue: "false" type: bool description: Set this option to 'true' to disable previews in all the different web file listing views. This can speed up file listings in folders with many files. The only list view that is not affected by this setting is the trash bin, as it does not allow previewing at all. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DISABLE_SSE: name: OCIS_DISABLE_SSE;FRONTEND_DISABLE_SSE defaultValue: "false" type: bool description: When set to true, clients are informed that the Server-Sent Events endpoint is not accessible. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE: name: OCIS_DISABLE_SSE,USERLOG_DISABLE_SSE defaultValue: "false" type: bool description: Disables server-sent events (sse). When disabled, clients will no longer receive sse notifications. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_DISABLE_VERSIONING: name: OCIS_DISABLE_VERSIONING defaultValue: "false" type: bool description: Disables versioning of files. When set to true, new uploads with the same filename will overwrite existing files instead of creating a new version. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EDITION: name: OCIS_EDITION;OCDAV_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EMAIL_TEMPLATE_PATH: name: OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH defaultValue: "" type: string description: Path to Email notification templates overriding embedded ones. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_ENABLE_RESHARING: name: OCIS_ENABLE_RESHARING;FRONTEND_ENABLE_RESHARING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables the support for re-sharing in the clients. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: "" deprecationInfo: Resharing will be removed in the future. OCIS_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;GRAPH_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;GRAPH_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;GRAPH_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;NATS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;GRAPH_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;GRAPH_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GATEWAY_GRPC_ADDR: name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GRPC_CLIENT_TLS_CACERT: name: OCIS_GRPC_CLIENT_TLS_CACERT defaultValue: "" type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GRPC_CLIENT_TLS_MODE: name: OCIS_GRPC_CLIENT_TLS_MODE defaultValue: "" type: string description: 'TLS mode for grpc connection to the go-micro based grpc services. Possible values are ''off'', ''insecure'' and ''on''. ''off'': disables transport security for the clients. ''insecure'' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). ''on'' enables transport security, including server certificate verification.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_HTTP_TLS_CERTIFICATE: name: OCIS_HTTP_TLS_CERTIFICATE defaultValue: "" type: string description: Path/File name of the TLS server certificate (in PEM format) for the http services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_HTTP_TLS_ENABLED: name: OCIS_HTTP_TLS_ENABLED defaultValue: "false" type: bool description: Activates TLS for the http based services using the server certifcate and key configured via OCIS_HTTP_TLS_CERTIFICATE and OCIS_HTTP_TLS_KEY. If OCIS_HTTP_TLS_CERTIFICATE is not set a temporary server certificate is generated - to be used with PROXY_INSECURE_BACKEND=true. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_HTTP_TLS_KEY: name: OCIS_HTTP_TLS_KEY defaultValue: "" type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the http services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_INSECURE: name: OCIS_INSECURE;OCDAV_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the GATEWAY service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_JWT_SECRET: name: OCIS_JWT_SECRET;OCDAV_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_BASE_PATH: name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_ID: name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID defaultValue: "" type: string description: The client id to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_REALM: name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_SECRET: name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_USER_REALM: name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_DN: name: OCIS_LDAP_BIND_DN;GROUPS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_PASSWORD: name: OCIS_LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_CACERT: name: OCIS_LDAP_CACERT;GROUPS_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLE_USER_MECHANISM: name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLED_USERS_GROUP_DN: name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_BASE_DN: name: OCIS_LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_FILTER: name: OCIS_LDAP_GROUP_FILTER;GROUPS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_OBJECTCLASS: name: OCIS_LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;GROUPS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same as groupname attribute). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GROUPS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID: name: OCIS_LDAP_GROUP_SCHEMA_ID;GROUPS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MAIL: name: OCIS_LDAP_GROUP_SCHEMA_MAIL;GROUPS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MEMBER: name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GROUPS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCOPE: name: OCIS_LDAP_GROUP_SCOPE;GROUPS_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_INSECURE: name: OCIS_LDAP_INSECURE;GROUPS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_SERVER_WRITE_ENABLED: name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. This can only be set to 'true' when keeping default settings for the LDAP user and group attribute types (the 'OCIS_LDAP_USER_SCHEMA_* and 'OCIS_LDAP_GROUP_SCHEMA_* variables). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_URI: name: OCIS_LDAP_URI;GROUPS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_BASE_DN: name: OCIS_LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_ENABLED_ATTRIBUTE: name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_FILTER: name: OCIS_LDAP_USER_FILTER;GROUPS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_OBJECTCLASS: name: OCIS_LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;GROUPS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID: name: OCIS_LDAP_USER_SCHEMA_ID;GROUPS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique id for users. This should be a stable globally unique id like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GROUPS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_MAIL: name: OCIS_LDAP_USER_SCHEMA_MAIL;GROUPS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USER_TYPE: name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USERNAME: name: OCIS_LDAP_USER_SCHEMA_USERNAME;GROUPS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCOPE: name: OCIS_LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_COLOR: name: OCIS_LOG_COLOR;OCDAV_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_FILE: name: OCIS_LOG_FILE;OCDAV_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_LEVEL: name: OCIS_LOG_LEVEL;OCDAV_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_PRETTY: name: OCIS_LOG_PRETTY;OCDAV_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_MACHINE_AUTH_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for the access to resources from other services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_OIDC_CLIENT_ID: name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID defaultValue: web type: string description: The OIDC client ID which ownCloud Web uses. This client needs to be set up in your IDP. Note that this setting has no effect when using the builtin IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_OIDC_ISSUER: name: OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the group IDs of the CS3 group objects for groups returned by this group provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_DISABLED: name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_DIGITS: name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE: name: OCIS_PERSISTENT_STORE;ACTIVITYLOG_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_PASSWORD: name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_USERNAME: name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_NODES: name: OCIS_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_SIZE: name: OCIS_PERSISTENT_STORE_SIZE;ACTIVITYLOG_STORE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_TTL: name: OCIS_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL defaultValue: 0s type: Duration description: Time to live for events in the store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PUBLIC_URL: name: OCIS_URL;OCIS_PUBLIC_URL defaultValue: https://127.0.0.1:9200 type: string description: URL, where oCIS is reachable for users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_REVA_GATEWAY: name: OCIS_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string description: The CS3 gateway endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_REVA_GATEWAY_TLS_CACERT: name: OCIS_REVA_GATEWAY_TLS_CACERT defaultValue: "" type: string description: The root CA certificate used to validate the gateway's TLS certificate. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_REVA_GATEWAY_TLS_MODE: name: OCIS_REVA_GATEWAY_TLS_MODE defaultValue: "" type: string description: 'TLS mode for grpc connection to the CS3 gateway endpoint. Possible values are ''off'', ''insecure'' and ''on''. ''off'': disables transport security for the clients. ''insecure'' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). ''on'' enables transport security, including server certificate verification.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;GRAPH_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SHOW_USER_EMAIL_IN_RESULTS: name: OCIS_SHOW_USER_EMAIL_IN_RESULTS defaultValue: "false" type: bool description: Mask user email addresses in responses. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SPACES_MAX_QUOTA: name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA defaultValue: "0" type: uint64 description: Set the global max quota value in bytes. A value of 0 equals unlimited. The value is provided via capabilities. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_API_KEY: name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_ID: name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_IDP: name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;OCDAV_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;OCDAV_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;OCDAV_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRACING_TYPE: name: OCIS_TRACING_TYPE;OCDAV_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRANSFER_SECRET: name: OCIS_TRANSFER_SECRET defaultValue: "" type: string description: The storage transfer secret. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRANSLATION_PATH: name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_URL: name: OCIS_URL;OCDAV_PUBLIC_URL defaultValue: https://localhost:9200 type: string description: URL where oCIS is reachable for users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_WOPI_DISABLE_CHAT: name: COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT defaultValue: "false" type: bool description: Disable chat in the frontend. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;OCM_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;OCM_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;OCM_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;OCM_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_DEBUG_ADDR: name: OCM_DEBUG_ADDR defaultValue: 127.0.0.1:9281 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_DEBUG_PPROF: name: OCM_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_DEBUG_TOKEN: name: OCM_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_DEBUG_ZPAGES: name: OCM_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_GRPC_ADDR: name: OCM_GRPC_ADDR defaultValue: 127.0.0.1:9282 type: string description: The bind address of the GRPC service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_GRPC_PROTOCOL: name: OCM_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GRPC service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_HTTP_ADDR: name: OCM_HTTP_ADDR defaultValue: 127.0.0.1:9280 type: string description: The bind address of the HTTP service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_HTTP_PREFIX: name: OCM_HTTP_PREFIX defaultValue: "" type: string description: The path prefix where OCM can be accessed (defaults to /). introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_HTTP_PROTOCOL: name: OCM_HTTP_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the HTTP service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_LOG_COLOR: name: OCIS_LOG_COLOR;OCM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_LOG_FILE: name: OCIS_LOG_FILE;OCM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_LOG_LEVEL: name: OCIS_LOG_LEVEL;OCM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_LOG_PRETTY: name: OCIS_LOG_PRETTY;OCM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_MESH_DIRECTORY_URL: name: OCM_MESH_DIRECTORY_URL defaultValue: "" type: string description: URL of the mesh directory service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_CORE_DRIVER: name: OCM_OCM_CORE_DRIVER defaultValue: json type: string description: Driver to be used for the OCM core. Supported value is only 'json'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_CORE_JSON_FILE: name: OCM_OCM_CORE_JSON_FILE defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_INVITE_MANAGER_DRIVER: name: OCM_OCM_INVITE_MANAGER_DRIVER defaultValue: json type: string description: Driver to be used to persist OCM invites. Supported value is only 'json'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_INVITE_MANAGER_INSECURE: name: OCM_OCM_INVITE_MANAGER_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the OCM connections. Do not set this in production environments. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_INVITE_MANAGER_JSON_FILE: name: OCM_OCM_INVITE_MANAGER_JSON_FILE defaultValue: /var/lib/ocis/storage/ocm/ocminvites.json type: string description: Path to the JSON file where OCM invite data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_INVITE_MANAGER_TIMEOUT: name: OCM_OCM_INVITE_MANAGER_TIMEOUT defaultValue: 30s type: Duration description: Timeout specifies a time limit for requests made to OCM endpoints. introductionVersion: 6.0.1 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION: name: OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION defaultValue: 24h0m0s type: Duration description: Expiry duration for invite tokens. introductionVersion: 6.0.1 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE: name: OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE defaultValue: /var/lib/ocis/storage/ocm/ocmproviders.json type: string description: Path to the JSON file where ocm invite data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME: name: OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME defaultValue: "false" type: bool description: Verify the hostname of the incoming request against the hostname of the OCM provider. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_SHARE_PROVIDER_DRIVER: name: OCM_OCM_SHARE_PROVIDER_DRIVER defaultValue: json type: string description: Driver to be used for the OCM share provider. Supported value is only 'json'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_SHARE_PROVIDER_INSECURE: name: OCM_OCM_SHARE_PROVIDER_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the OCM connections. Do not set this in production environments. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_SHAREPROVIDER_JSON_FILE: name: OCM_OCM_SHAREPROVIDER_JSON_FILE defaultValue: /var/lib/ocis/storage/ocm/ocmshares.json type: string description: Path to the JSON file where OCM share data will be stored. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_STORAGE_PROVIDER_INSECURE: name: OCM_OCM_STORAGE_PROVIDER_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the OCM connections. Do not set this in production environments. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT: name: OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT defaultValue: /var/lib/ocis/storage/ocm type: string description: Directory where the ocm storage provider persists its data like tus upload info files. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME: name: OCM_OCMD_EXPOSE_RECIPIENT_DISPLAY_NAME defaultValue: "false" type: bool description: Expose the display name of OCM share recipients. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_OCMD_PREFIX: name: OCM_OCMD_PREFIX defaultValue: ocm type: string description: URL path prefix for the OCMD service. Note that the string must not start with '/'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_SCIENCEMESH_PREFIX: name: OCM_SCIENCEMESH_PREFIX defaultValue: sciencemesh type: string description: URL path prefix for the ScienceMesh service. Note that the string must not start with '/'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;OCM_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;OCM_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;OCM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;OCM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;OCM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_TRACING_TYPE: name: OCIS_TRACING_TYPE;OCM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCM_WEBAPP_TEMPLATE: name: OCM_WEBAPP_TEMPLATE defaultValue: "" type: string description: Template for the webapp url. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;OCS_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;OCS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;OCS_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;OCS_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_DEBUG_ADDR: name: OCS_DEBUG_ADDR defaultValue: 127.0.0.1:9114 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_DEBUG_PPROF: name: OCS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_DEBUG_TOKEN: name: OCS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_DEBUG_ZPAGES: name: OCS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: FRONTEND_EVENTS_TLS_ROOT_CA_CERTIFICATE;OCS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_HTTP_ADDR: name: OCS_HTTP_ADDR defaultValue: 127.0.0.1:9110 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_HTTP_ROOT: name: OCS_HTTP_ROOT defaultValue: /ocs type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_JWT_SECRET: name: OCIS_JWT_SECRET;OCS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_LOG_COLOR: name: OCIS_LOG_COLOR;OCS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_LOG_FILE: name: OCIS_LOG_FILE;OCS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_LOG_LEVEL: name: OCIS_LOG_LEVEL;OCS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_LOG_PRETTY: name: OCIS_LOG_PRETTY;OCS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE: name: OCIS_CACHE_STORE;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE defaultValue: nats-js-kv type: string description: 'The type of the signing key store. Supported values are: ''redis-sentinel'' and ''nats-js-kv''. See the text description for details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: name: OCIS_CACHE_STORE_NODES;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: name: OCIS_CACHE_TTL;OCS_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL defaultValue: 12h0m0s type: Duration description: Default time to live for signing keys. See the Environment Variable Types description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;OCS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;OCS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;OCS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCS_TRACING_TYPE: name: OCIS_TRACING_TYPE;OCS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_DEBUG_ADDR: name: POLICIES_DEBUG_ADDR defaultValue: 127.0.0.1:9129 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_DEBUG_PPROF: name: POLICIES_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_DEBUG_TOKEN: name: POLICIES_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_DEBUG_ZPAGES: name: POLICIES_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_ENGINE_MIMES: name: POLICIES_ENGINE_MIMES defaultValue: "" type: string description: Sets the mimes file path which maps mimetypes to associated file extensions. See the text description for details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_ENGINE_TIMEOUT: name: POLICIES_ENGINE_TIMEOUT defaultValue: 10s type: Duration description: Sets the timeout the rego expression evaluation can take. Rules default to deny if the timeout was reached. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;POLICIES_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether the server should skip the client certificate verification during the TLS handshake. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_GRPC_ADDR: name: POLICIES_GRPC_ADDR defaultValue: 127.0.0.1:9125 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_LOG_COLOR: name: OCIS_LOG_COLOR;POLICIES_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_LOG_FILE: name: OCIS_LOG_FILE;POLICIES_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_LOG_LEVEL: name: OCIS_LOG_LEVEL;POLICIES_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_LOG_PRETTY: name: OCIS_LOG_PRETTY;POLICIES_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_POSTPROCESSING_QUERY: name: POLICIES_POSTPROCESSING_QUERY defaultValue: "" type: string description: Defines the 'Complete Rules' variable defined in the rego rule set this step uses for its evaluation. Defaults to deny if the variable was not found. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;POLICIES_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;POLICIES_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;POLICIES_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POLICIES_TRACING_TYPE: name: OCIS_TRACING_TYPE;POLICIES_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_DEBUG_ADDR: name: POSTPROCESSING_DEBUG_ADDR defaultValue: 127.0.0.1:9255 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_DEBUG_PPROF: name: POSTPROCESSING_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_DEBUG_TOKEN: name: POSTPROCESSING_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_DEBUG_ZPAGES: name: POSTPROCESSING_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_DELAY: name: POSTPROCESSING_DELAY defaultValue: 0s type: Duration description: After uploading a file but before making it available for download, a delay step can be added. Intended for developing purposes only. If a duration is set but the keyword 'delay' is not explicitely added to 'POSTPROCESSING_STEPS', the delay step will be processed as last step. In such a case, a log entry will be written on service startup to remind the admin about that situation. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;POSTPROCESSING_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;POSTPROCESSING_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;POSTPROCESSING_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;POSTPROCESSING_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;POSTPROCESSING_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;POSTPROCESSING_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether the ocis server should skip the client certificate verification during the TLS handshake. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POSTPROCESSING_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided POSTPROCESSING_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_COLOR: name: OCIS_LOG_COLOR;POSTPROCESSING_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_FILE: name: OCIS_LOG_FILE;POSTPROCESSING_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_LEVEL: name: OCIS_LOG_LEVEL;POSTPROCESSING_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_LOG_PRETTY: name: OCIS_LOG_PRETTY;POSTPROCESSING_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_MAX_RETRIES: name: POSTPROCESSING_MAX_RETRIES defaultValue: "14" type: int description: The maximum number of retries for a failed postprocessing step. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_RETRY_BACKOFF_DURATION: name: POSTPROCESSING_RETRY_BACKOFF_DURATION defaultValue: 5s type: Duration description: The base for the exponential backoff duration before retrying a failed postprocessing step. See the Environment Variable Types description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STEPS: name: POSTPROCESSING_STEPS defaultValue: '[]' type: '[]string' description: 'A list of postprocessing steps processed in order of their appearance. Currently supported values by the system are: ''virusscan'', ''policies'' and ''delay''. Custom steps are allowed. See the documentation for instructions. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE: name: OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_AUTH_PASSWORD: name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_AUTH_USERNAME: name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_DATABASE: name: POSTPROCESSING_STORE_DATABASE defaultValue: postprocessing type: string description: The database name the configured store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_NODES: name: OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_SIZE: name: OCIS_PERSISTENT_STORE_SIZE;POSTPROCESSING_STORE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_TABLE: name: POSTPROCESSING_STORE_TABLE defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_TTL: name: OCIS_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL defaultValue: 0s type: Duration description: Time to live for events in the store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;POSTPROCESSING_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;POSTPROCESSING_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;POSTPROCESSING_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_TRACING_TYPE: name: OCIS_TRACING_TYPE;POSTPROCESSING_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_ACCOUNT_BACKEND_TYPE: name: PROXY_ACCOUNT_BACKEND_TYPE defaultValue: cs3 type: string description: Account backend the PROXY service should use. Currently only 'cs3' is possible here. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_AUTOPROVISION_ACCOUNTS: name: PROXY_AUTOPROVISION_ACCOUNTS defaultValue: "false" type: bool description: Set this to 'true' to automatically provision users that do not yet exist in the users service on-demand upon first sign-in. To use this a write-enabled libregraph user backend needs to be setup an running. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_AUTOPROVISION_CLAIM_DISPLAYNAME: name: PROXY_AUTOPROVISION_CLAIM_DISPLAYNAME defaultValue: name type: string description: The name of the OIDC claim that holds the display name. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_AUTOPROVISION_CLAIM_EMAIL: name: PROXY_AUTOPROVISION_CLAIM_EMAIL defaultValue: email type: string description: The name of the OIDC claim that holds the email. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_AUTOPROVISION_CLAIM_GROUPS: name: PROXY_AUTOPROVISION_CLAIM_GROUPS defaultValue: groups type: string description: The name of the OIDC claim that holds the groups. introductionVersion: 6.1.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_AUTOPROVISION_CLAIM_USERNAME: name: PROXY_AUTOPROVISION_CLAIM_USERNAME defaultValue: preferred_username type: string description: The name of the OIDC claim that holds the username. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_CSP_CONFIG_FILE_LOCATION: name: PROXY_CSP_CONFIG_FILE_LOCATION defaultValue: "" type: string description: The location of the CSP configuration file. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_DEBUG_ADDR: name: PROXY_DEBUG_ADDR defaultValue: 127.0.0.1:9205 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_DEBUG_PPROF: name: PROXY_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_DEBUG_TOKEN: name: PROXY_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_DEBUG_ZPAGES: name: PROXY_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_ENABLE_BASIC_AUTH: name: PROXY_ENABLE_BASIC_AUTH defaultValue: "false" type: bool description: Set this to true to enable 'basic authentication' (username/password). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_ENABLE_PRESIGNEDURLS: name: PROXY_ENABLE_PRESIGNEDURLS defaultValue: "true" type: bool description: Allow OCS to get a signing key to sign requests. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;PROXY_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;PROXY_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;PROXY_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;PROXY_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;PROXY_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;PROXY_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;PROXY_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided PROXY_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: '%%NEXT%%' deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_HTTP_ADDR: name: PROXY_HTTP_ADDR defaultValue: 0.0.0.0:9200 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_HTTP_ROOT: name: PROXY_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_HTTPS_CACERT: name: PROXY_HTTPS_CACERT defaultValue: "" type: string description: Path/File for the root CA certificate used to validate the server’s TLS certificate for https enabled backend services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_INSECURE_BACKENDS: name: PROXY_INSECURE_BACKENDS defaultValue: "false" type: bool description: Disable TLS certificate validation for all HTTP backend connections. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_LOG_COLOR: name: OCIS_LOG_COLOR;PROXY_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_LOG_FILE: name: OCIS_LOG_FILE;PROXY_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_LOG_LEVEL: name: OCIS_LOG_LEVEL;PROXY_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_LOG_PRETTY: name: OCIS_LOG_PRETTY;PROXY_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_MACHINE_AUTH_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary to access resources from other services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD: name: PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD defaultValue: jwt type: string description: Sets how OIDC access tokens should be verified. Possible values are 'none' and 'jwt'. When using 'none', no special validation apart from using it for accessing the IPD's userinfo endpoint will be done. When using 'jwt', it tries to parse the access token as a jwt token and verifies the signature using the keys published on the IDP's 'jwks_uri'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_INSECURE: name: OCIS_INSECURE;PROXY_OIDC_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for connections to the IDP. Note that this is not recommended for production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_ISSUER: name: OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_JWKS_REFRESH_INTERVAL: name: PROXY_OIDC_JWKS_REFRESH_INTERVAL defaultValue: "60" type: uint64 description: The interval for refreshing the JWKS (JSON Web Key Set) in minutes in the background via a new HTTP request to the IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_JWKS_REFRESH_RATE_LIMIT: name: PROXY_OIDC_JWKS_REFRESH_RATE_LIMIT defaultValue: "60" type: uint64 description: Limits the rate in seconds at which refresh requests are performed for unknown keys. This is used to prevent malicious clients from imposing high network load on the IDP via ocis. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_JWKS_REFRESH_TIMEOUT: name: PROXY_OIDC_JWKS_REFRESH_TIMEOUT defaultValue: "10" type: uint64 description: The timeout in seconds for an outgoing JWKS request. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_JWKS_REFRESH_UNKNOWN_KID: name: PROXY_OIDC_JWKS_REFRESH_UNKNOWN_KID defaultValue: "true" type: bool description: If set to 'true', the JWKS refresh request will occur every time an unknown KEY ID (KID) is seen. Always set a 'refresh_limit' when enabling this. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_REWRITE_WELLKNOWN: name: PROXY_OIDC_REWRITE_WELLKNOWN defaultValue: "false" type: bool description: Enables rewriting the /.well-known/openid-configuration to the configured OIDC issuer. Needed by the Desktop Client, Android Client and iOS Client to discover the OIDC provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_SKIP_USER_INFO: name: PROXY_OIDC_SKIP_USER_INFO defaultValue: "false" type: bool description: Do not look up user claims at the userinfo endpoint and directly read them from the access token. Incompatible with 'PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD=none'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;PROXY_OIDC_USERINFO_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;PROXY_OIDC_USERINFO_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_OIDC_USERINFO_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_SIZE: name: OCIS_CACHE_SIZE;PROXY_OIDC_USERINFO_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not explicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_STORE: name: OCIS_CACHE_STORE;PROXY_OIDC_USERINFO_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;PROXY_OIDC_USERINFO_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_TABLE: name: PROXY_OIDC_USERINFO_CACHE_TABLE defaultValue: "" type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_OIDC_USERINFO_CACHE_TTL: name: OCIS_CACHE_TTL;PROXY_OIDC_USERINFO_CACHE_TTL defaultValue: 10s type: Duration description: Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_POLICIES_QUERY: name: PROXY_POLICIES_QUERY defaultValue: "" type: string description: Defines the 'Complete Rules' variable defined in the rego rule set this step uses for its evaluation. Rules default to deny if the variable was not found. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE: name: OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE defaultValue: nats-js-kv type: string description: 'The type of the signing key store. Supported values are: ''redis-sentinel'', ''nats-js-kv'' and ''ocisstoreservice'' (deprecated). See the text description for details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE defaultValue: "true" type: bool description: Disables persistence of the store. Only applies when store type 'nats-js-kv' is configured. Defaults to true. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES: name: OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL: name: OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL defaultValue: 12h0m0s type: Duration description: Default time to live for signing keys. See the Environment Variable Types description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_ROLE_ASSIGNMENT_DRIVER: name: PROXY_ROLE_ASSIGNMENT_DRIVER defaultValue: default type: string description: 'The mechanism that should be used to assign roles to user upon login. Supported values: ''default'' or ''oidc''. ''default'' will assign the role ''user'' to users which don''t have a role assigned at the time they login. ''oidc'' will assign the role based on the value of a claim (configured via PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM) from the users OIDC claims.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM: name: PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM defaultValue: roles type: string description: The OIDC claim used to create the users role assignment. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;PROXY_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;PROXY_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TLS: name: PROXY_TLS defaultValue: "true" type: bool description: Enable/Disable HTTPS for external HTTP services. Must be set to 'true' if the built-in IDP service an no reverse proxy is used. See the text description for details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;PROXY_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;PROXY_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;PROXY_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TRACING_TYPE: name: OCIS_TRACING_TYPE;PROXY_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TRANSPORT_TLS_CERT: name: PROXY_TRANSPORT_TLS_CERT defaultValue: /var/lib/ocis/proxy/server.crt type: string description: Path/File name of the TLS server certificate (in PEM format) for the external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/proxy. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_TRANSPORT_TLS_KEY: name: PROXY_TRANSPORT_TLS_KEY defaultValue: /var/lib/ocis/proxy/server.key type: string description: Path/File name for the TLS certificate key (in PEM format) for the server certificate to use for the external http services. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/proxy. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_USER_CS3_CLAIM: name: PROXY_USER_CS3_CLAIM defaultValue: username type: string description: The name of a CS3 user attribute (claim) that should be mapped to the 'user_oidc_claim'. Supported values are 'username', 'mail' and 'userid'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" PROXY_USER_OIDC_CLAIM: name: PROXY_USER_OIDC_CLAIM defaultValue: preferred_username type: string description: The name of an OpenID Connect claim that is used for resolving users with the account backend. The value of the claim must hold a per user unique, stable and non re-assignable identifier. The availability of claims depends on your Identity Provider. There are common claims available for most Identity providers like 'email' or 'preferred_username' but you can also add your own claim. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT: name: SEARCH_CONTENT_EXTRACTION_SIZE_LIMIT defaultValue: "20971520" type: uint64 description: Maximum file size in bytes that is allowed for content extraction. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_DEBUG_ADDR: name: SEARCH_DEBUG_ADDR defaultValue: 127.0.0.1:9224 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_DEBUG_PPROF: name: SEARCH_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_DEBUG_TOKEN: name: SEARCH_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_DEBUG_ZPAGES: name: SEARCH_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_ENGINE_BLEVE_DATA_PATH: name: SEARCH_ENGINE_BLEVE_DATA_PATH defaultValue: /var/lib/ocis/search type: string description: The directory where the filesystem will store search data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/search. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_ENGINE_TYPE: name: SEARCH_ENGINE_TYPE defaultValue: bleve type: string description: 'Defines which search engine to use. Defaults to ''bleve''. Supported values are: ''bleve''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_ASYNC_UPLOADS: name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;SEARCH_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;SEARCH_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;SEARCH_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;SEARCH_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;SEARCH_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_NUM_CONSUMERS: name: SEARCH_EVENTS_NUM_CONSUMERS defaultValue: "0" type: int description: The amount of concurrent event consumers to start. Event consumers are used for searching files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The default value is 0. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION: name: SEARCH_EVENTS_REINDEX_DEBOUNCE_DURATION defaultValue: "1000" type: int description: The duration in milliseconds the reindex debouncer waits before triggering a reindex of a space that was modified. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;SEARCH_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SEARCH_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided SEARCH_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EXTRACTOR_CS3SOURCE_INSECURE: name: OCIS_INSECURE;SEARCH_EXTRACTOR_CS3SOURCE_INSECURE defaultValue: "false" type: bool description: Ignore untrusted SSL certificates when connecting to the CS3 source. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS: name: SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS defaultValue: "true" type: bool description: Defines if stop words should be cleaned or not. See the documentation for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EXTRACTOR_TIKA_TIKA_URL: name: SEARCH_EXTRACTOR_TIKA_TIKA_URL defaultValue: http://127.0.0.1:9998 type: string description: URL of the tika server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_EXTRACTOR_TYPE: name: SEARCH_EXTRACTOR_TYPE defaultValue: basic type: string description: 'Defines the content extraction engine. Defaults to ''basic''. Supported values are: ''basic'' and ''tika''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_GRPC_ADDR: name: SEARCH_GRPC_ADDR defaultValue: 127.0.0.1:9220 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_JWT_SECRET: name: OCIS_JWT_SECRET;SEARCH_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_LOG_COLOR: name: OCIS_LOG_COLOR;SEARCH_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_LOG_FILE: name: OCIS_LOG_FILE;SEARCH_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_LOG_LEVEL: name: OCIS_LOG_LEVEL;SEARCH_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_LOG_PRETTY: name: OCIS_LOG_PRETTY;SEARCH_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;SEARCH_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;SEARCH_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;SEARCH_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SEARCH_TRACING_TYPE: name: OCIS_TRACING_TYPE;SEARCH_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_ADMIN_USER_ID: name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_BUNDLES_PATH: name: SETTINGS_BUNDLES_PATH defaultValue: "" type: string description: The path to a JSON file with a list of bundles. If not defined, the default bundles will be loaded. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;SETTINGS_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;SETTINGS_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;SETTINGS_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_SIZE: name: OCIS_CACHE_SIZE;SETTINGS_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_STORE: name: OCIS_CACHE_STORE;SETTINGS_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;SETTINGS_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CACHE_TTL: name: OCIS_CACHE_TTL;SETTINGS_CACHE_TTL defaultValue: 10m0s type: Duration description: Default time to live for entries in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;SETTINGS_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;SETTINGS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;SETTINGS_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;SETTINGS_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_DATA_PATH: name: SETTINGS_DATA_PATH defaultValue: /var/lib/ocis/settings type: string description: The directory where the filesystem storage will store ocis settings. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/settings. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_DEBUG_ADDR: name: SETTINGS_DEBUG_ADDR defaultValue: 127.0.0.1:9194 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_DEBUG_PPROF: name: SETTINGS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_DEBUG_TOKEN: name: SETTINGS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_DEBUG_ZPAGES: name: SETTINGS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_DIRECTORY_CACHE_TABLE: name: SETTINGS_DIRECTORY_CACHE_TABLE defaultValue: settings_dirs type: string description: The database table the store should use for the directory cache. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_FILE_CACHE_TABLE: name: SETTINGS_FILE_CACHE_TABLE defaultValue: settings_files type: string description: The database table the store should use for the file cache. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_GRPC_ADDR: name: SETTINGS_GRPC_ADDR defaultValue: 127.0.0.1:9191 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_HTTP_ADDR: name: SETTINGS_HTTP_ADDR defaultValue: 127.0.0.1:9190 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_HTTP_ROOT: name: SETTINGS_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_JWT_SECRET: name: OCIS_JWT_SECRET;SETTINGS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_LOG_COLOR: name: OCIS_LOG_COLOR;SETTINGS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_LOG_FILE: name: OCIS_LOG_FILE;SETTINGS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_LOG_LEVEL: name: OCIS_LOG_LEVEL;SETTINGS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_LOG_PRETTY: name: OCIS_LOG_PRETTY;SETTINGS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_SERVICE_ACCOUNT_IDS: name: SETTINGS_SERVICE_ACCOUNT_IDS;OCIS_SERVICE_ACCOUNT_ID defaultValue: '[service-user-id]' type: '[]string' description: 'The list of all service account IDs. These will be assigned the hidden ''service-account'' role. Note: When using ''OCIS_SERVICE_ACCOUNT_ID'' this will contain only one value while ''SETTINGS_SERVICE_ACCOUNT_IDS'' can have multiple. See the ''auth-service'' service description for more details about service accounts.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_SETUP_DEFAULT_ASSIGNMENTS: name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS defaultValue: "false" type: bool description: The default role assignments the demo users should be setup. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_STORE_TYPE: name: SETTINGS_STORE_TYPE defaultValue: metadata type: string description: Store type configures the persistency driver. Supported values are 'metadata' and 'filesystem'. Note that the value 'filesystem' is considered deprecated. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_SYSTEM_USER_ID: name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_SYSTEM_USER_IDP: name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;SETTINGS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;SETTINGS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;SETTINGS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SETTINGS_TRACING_TYPE: name: OCIS_TRACING_TYPE;SETTINGS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_DEBUG_ADDR: name: SHARING_DEBUG_ADDR defaultValue: 127.0.0.1:9151 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_DEBUG_PPROF: name: SHARING_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_DEBUG_TOKEN: name: SHARING_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_DEBUG_ZPAGES: name: SHARING_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_ENABLE_RESHARING: name: OCIS_ENABLE_RESHARING;SHARING_ENABLE_RESHARING defaultValue: "false" type: bool description: Changing this value is NOT supported. Enables the support for resharing. introductionVersion: "5.0" deprecationVersion: "5.0" removalVersion: "" deprecationInfo: Resharing will be removed in the future. SHARING_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;SHARING_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: Password for the events broker. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;SHARING_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: Username for the events broker. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;SHARING_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;SHARING_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;SHARING_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;SHARING_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SHARING_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_GRPC_ADDR: name: SHARING_GRPC_ADDR defaultValue: 127.0.0.1:9150 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_GRPC_PROTOCOL: name: SHARING_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_JWT_SECRET: name: OCIS_JWT_SECRET;SHARING_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_LOG_COLOR: name: OCIS_LOG_COLOR;SHARING_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_LOG_FILE: name: OCIS_LOG_FILE;SHARING_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_LOG_LEVEL: name: OCIS_LOG_LEVEL;SHARING_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_LOG_PRETTY: name: OCIS_LOG_PRETTY;SHARING_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER: name: SHARING_OCM_PROVIDER_AUTHORIZER_DRIVER defaultValue: json type: string description: Driver to be used to persist ocm invites. Supported value is only 'json'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public link password validation. See the documentation for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_DISABLED: name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_DIGITS: name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters list to be present. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_PROVIDER_ADDR: name: SHARING_PUBLIC_CS3_PROVIDER_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY: name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_SYSTEM_USER_ID: name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_CS3_SYSTEM_USER_IDP: name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_DRIVER: name: SHARING_PUBLIC_DRIVER defaultValue: jsoncs3 type: string description: Driver to be used to persist public shares. Supported values are 'jsoncs3', 'json' and 'cs3' (deprecated). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSON_FILE: name: SHARING_PUBLIC_JSON_FILE defaultValue: /var/lib/ocis/storage/publicshares.json type: string description: Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR: name: SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY: name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID: name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP: name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool description: Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_SKIP_USER_GROUPS_IN_TOKEN: name: SHARING_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;SHARING_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;SHARING_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;SHARING_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_TRACING_TYPE: name: OCIS_TRACING_TYPE;SHARING_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_PROVIDER_ADDR: name: SHARING_USER_CS3_PROVIDER_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_SYSTEM_USER_API_KEY: name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_SYSTEM_USER_ID: name: OCIS_SYSTEM_USER_ID;SHARING_USER_CS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_CS3_SYSTEM_USER_IDP: name: OCIS_SYSTEM_USER_IDP;SHARING_USER_CS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_DRIVER: name: SHARING_USER_DRIVER defaultValue: jsoncs3 type: string description: Driver to be used to persist shares. Supported values are 'jsoncs3', 'json', 'cs3' (deprecated) and 'owncloudsql'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_JSON_FILE: name: SHARING_USER_JSON_FILE defaultValue: /var/lib/ocis/storage/shares.json type: string description: Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_CACHE_TTL: name: SHARING_USER_JSONCS3_CACHE_TTL defaultValue: "0" type: int description: TTL for the internal caches in seconds. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_PROVIDER_ADDR: name: SHARING_USER_JSONCS3_PROVIDER_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY: name: OCIS_SYSTEM_USER_API_KEY;SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_SYSTEM_USER_ID: name: OCIS_SYSTEM_USER_ID;SHARING_USER_JSONCS3_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_JSONCS3_SYSTEM_USER_IDP: name: OCIS_SYSTEM_USER_IDP;SHARING_USER_JSONCS3_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_OWNCLOUDSQL_DB_HOST: name: SHARING_USER_OWNCLOUDSQL_DB_HOST defaultValue: mysql type: string description: Hostname or IP of the database server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_OWNCLOUDSQL_DB_NAME: name: SHARING_USER_OWNCLOUDSQL_DB_NAME defaultValue: owncloud type: string description: Name of the database to be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_OWNCLOUDSQL_DB_PASSWORD: name: SHARING_USER_OWNCLOUDSQL_DB_PASSWORD defaultValue: "" type: string description: Password for the database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_OWNCLOUDSQL_DB_PORT: name: SHARING_USER_OWNCLOUDSQL_DB_PORT defaultValue: "3306" type: int description: Port that the database server is listening on. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_OWNCLOUDSQL_DB_USERNAME: name: SHARING_USER_OWNCLOUDSQL_DB_USERNAME defaultValue: owncloud type: string description: Username for the database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID: name: SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID defaultValue: "" type: string description: Mount ID of the ownCloudSQL users storage for mapping ownCloud 10 shares. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;SSE_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;SSE_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;SSE_CORS_ALLOW_METHODS defaultValue: '[GET]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;SSE_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_DEBUG_ADDR: name: SSE_DEBUG_ADDR defaultValue: 127.0.0.1:9135 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_DEBUG_PPROF: name: SSE_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_DEBUG_TOKEN: name: SSE_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_DEBUG_ZPAGES: name: SSE_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;SSE_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;SSE_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;SSE_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;SSE_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;SSE_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;SSE_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;SSE_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided SSE_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_HTTP_ADDR: name: SSE_HTTP_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the HTTP service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_HTTP_ROOT: name: SSE_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_JWT_SECRET: name: OCIS_JWT_SECRET;SSE_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_LOG_COLOR: name: OCIS_LOG_COLOR;SSE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_LOG_FILE: name: OCIS_LOG_FILE;SSE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_LOG_LEVEL: name: OCIS_LOG_LEVEL;SSE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_LOG_PRETTY: name: OCIS_LOG_PRETTY;SSE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;SSE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;SSE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;SSE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" SSE_TRACING_TYPE: name: OCIS_TRACING_TYPE;SSE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_GATEWAY_GRPC_ADDR: name: STORAGE_GATEWAY_GRPC_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_GRPC_ADDR: name: STORAGE_GRPC_ADDR defaultValue: com.owncloud.api.storage-system type: string description: GRPC address of the STORAGE-SYSTEM service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_DEBUG_ADDR: name: STORAGE_PUBLICLINK_DEBUG_ADDR defaultValue: 127.0.0.1:9179 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_DEBUG_PPROF: name: STORAGE_PUBLICLINK_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_DEBUG_TOKEN: name: STORAGE_PUBLICLINK_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_DEBUG_ZPAGES: name: STORAGE_PUBLICLINK_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_GRPC_ADDR: name: STORAGE_PUBLICLINK_GRPC_ADDR defaultValue: 127.0.0.1:9178 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_GRPC_PROTOCOL: name: STORAGE_PUBLICLINK_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_JWT_SECRET: name: OCIS_JWT_SECRET;STORAGE_PUBLICLINK_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_COLOR: name: OCIS_LOG_COLOR;STORAGE_PUBLICLINK_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_FILE: name: OCIS_LOG_FILE;STORAGE_PUBLICLINK_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_LEVEL: name: OCIS_LOG_LEVEL;STORAGE_PUBLICLINK_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_LOG_PRETTY: name: OCIS_LOG_PRETTY;STORAGE_PUBLICLINK_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_SKIP_USER_GROUPS_IN_TOKEN: name: STORAGE_PUBLICLINK_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID: name: STORAGE_PUBLICLINK_STORAGE_PROVIDER_MOUNT_ID defaultValue: 7993447f-687f-490d-875c-ac95e89a62a4 type: string description: Mount ID of this storage. Admins can set the ID for the storage in this config option manually which is then used to reference the storage. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;STORAGE_PUBLICLINK_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;STORAGE_PUBLICLINK_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;STORAGE_PUBLICLINK_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_PUBLICLINK_TRACING_TYPE: name: OCIS_TRACING_TYPE;STORAGE_PUBLICLINK_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_DEBUG_ADDR: name: STORAGE_SHARES_DEBUG_ADDR defaultValue: 127.0.0.1:9156 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_DEBUG_PPROF: name: STORAGE_SHARES_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_DEBUG_TOKEN: name: STORAGE_SHARES_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_DEBUG_ZPAGES: name: STORAGE_SHARES_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_GRPC_ADDR: name: STORAGE_SHARES_GRPC_ADDR defaultValue: 127.0.0.1:9154 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_GRPC_PROTOCOL: name: STORAGE_SHARES_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_JWT_SECRET: name: OCIS_JWT_SECRET;STORAGE_SHARES_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_COLOR: name: OCIS_LOG_COLOR;STORAGE_SHARES_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_FILE: name: OCIS_LOG_FILE;STORAGE_SHARES_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_LEVEL: name: OCIS_LOG_LEVEL;STORAGE_SHARES_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_LOG_PRETTY: name: OCIS_LOG_PRETTY;STORAGE_SHARES_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_MOUNT_ID: name: STORAGE_SHARES_MOUNT_ID defaultValue: 7639e57c-4433-4a12-8201-722fd0009154 type: string description: Mount ID of this storage. Admins can set the ID for the storage in this config option manually which is then used to reference the storage. Any reasonable long string is possible, preferably this would be an UUIDv4 format. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_READ_ONLY: name: STORAGE_SHARES_READ_ONLY defaultValue: "false" type: bool description: Set this storage to be read-only. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN: name: STORAGE_SHARES_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;STORAGE_SHARES_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;STORAGE_SHARES_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;STORAGE_SHARES_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_TRACING_TYPE: name: OCIS_TRACING_TYPE;STORAGE_SHARES_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT: name: STORAGE_SHARES_USER_SHARE_PROVIDER_ENDPOINT defaultValue: com.owncloud.api.sharing type: string description: GRPC endpoint of the SHARING service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: Password for the configured store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME defaultValue: "" type: string description: Username for the configured store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_SIZE: name: OCIS_CACHE_SIZE;STORAGE_SYSTEM_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_STORE: name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_CACHE_TTL: name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_DATA_SERVER_URL: name: STORAGE_SYSTEM_DATA_SERVER_URL defaultValue: http://localhost:9216/data type: string description: URL of the data server, needs to be reachable by other services using this service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_DEBUG_ADDR: name: STORAGE_SYSTEM_DEBUG_ADDR defaultValue: 127.0.0.1:9217 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_DEBUG_PPROF: name: STORAGE_SYSTEM_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_DEBUG_TOKEN: name: STORAGE_SYSTEM_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_DEBUG_ZPAGES: name: STORAGE_SYSTEM_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_DRIVER: name: STORAGE_SYSTEM_DRIVER defaultValue: ocis type: string description: The driver which should be used by the service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_GRPC_ADDR: name: STORAGE_SYSTEM_GRPC_ADDR defaultValue: 127.0.0.1:9215 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_GRPC_PROTOCOL: name: STORAGE_SYSTEM_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_HTTP_ADDR: name: STORAGE_SYSTEM_HTTP_ADDR defaultValue: 127.0.0.1:9216 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_HTTP_PROTOCOL: name: STORAGE_SYSTEM_HTTP_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_JWT_SECRET: name: OCIS_JWT_SECRET;STORAGE_SYSTEM_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_COLOR: name: OCIS_LOG_COLOR;STORAGE_SYSTEM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_FILE: name: OCIS_LOG_FILE;STORAGE_SYSTEM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_LEVEL: name: OCIS_LOG_LEVEL;STORAGE_SYSTEM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_LOG_PRETTY: name: OCIS_LOG_PRETTY;STORAGE_SYSTEM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR: name: STORAGE_SYSTEM_OCIS_LOCK_CYCLE_DURATION_FACTOR defaultValue: "30" type: int description: When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value of 30 will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES: name: STORAGE_SYSTEM_OCIS_MAX_ACQUIRE_LOCK_CYCLES defaultValue: "20" type: int description: When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value of 20 will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_OCIS_METADATA_BACKEND: name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_SYSTEM_OCIS_METADATA_BACKEND defaultValue: messagepack type: string description: The backend to use for storing metadata. Supported values are 'messagepack' and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_OCIS_ROOT: name: STORAGE_SYSTEM_OCIS_ROOT defaultValue: /var/lib/ocis/storage/metadata type: string description: Path for the directory where the STORAGE-SYSTEM service stores it's persistent data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN: name: STORAGE_SYSTEM_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;STORAGE_SYSTEM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;STORAGE_SYSTEM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;STORAGE_SYSTEM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_SYSTEM_TRACING_TYPE: name: OCIS_TRACING_TYPE;STORAGE_SYSTEM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY: name: STORAGE_USERS_ASYNC_PROPAGATOR_PROPAGATION_DELAY defaultValue: 0s type: Duration description: The delay between a change made to a tree and the propagation start on treesize and treetime. Multiple propagations are computed to a single one. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE: name: STORAGE_USERS_CLI_MAX_ATTEMPTS_RENAME_FILE defaultValue: "0" type: int description: The maximum number of attempts to rename a file when a user restores a file to an existing destination with the same name. The minimum value is 100. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin X-Requested-With X-Request-Id X-HTTP-Method-Override Content-Type Upload-Length Upload-Offset Tus-Resumable Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS defaultValue: '[POST HEAD PATCH OPTIONS GET DELETE]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_EXPOSE_HEADERS: name: OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS defaultValue: '[Upload-Offset Location Upload-Length Tus-Version Tus-Resumable Tus-Max-Size Tus-Extension Upload-Metadata Upload-Defer-Length Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' type: '[]string' description: 'A list of exposed CORS headers. See following chapter for more details: *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_CORS_MAX_AGE: name: OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE defaultValue: "86400" type: uint description: 'The max cache duration of preflight headers. See following chapter for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DATA_GATEWAY_URL: name: STORAGE_USERS_DATA_GATEWAY_URL defaultValue: https://localhost:9200/data type: string description: URL of the data gateway server introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DATA_SERVER_URL: name: STORAGE_USERS_DATA_SERVER_URL defaultValue: http://localhost:9158/data type: string description: URL of the data server, needs to be reachable by the data gateway provided by the frontend service or the user if directly exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DEBUG_ADDR: name: STORAGE_USERS_DEBUG_ADDR defaultValue: 127.0.0.1:9159 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DEBUG_PPROF: name: STORAGE_USERS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DEBUG_TOKEN: name: STORAGE_USERS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DEBUG_ZPAGES: name: STORAGE_USERS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_DRIVER: name: STORAGE_USERS_DRIVER defaultValue: ocis type: string description: 'The storage driver which should be used by the service. Defaults to ''ocis'', Supported values are: ''ocis'', ''s3ng'' and ''owncloudsql''. The ''ocis'' driver stores all data (blob and meta data) in an POSIX compliant volume. The ''s3ng'' driver stores metadata in a POSIX compliant volume and uploads blobs to the s3 bucket.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_NUM_CONSUMERS: name: STORAGE_USERS_EVENTS_NUM_CONSUMERS defaultValue: "0" type: int description: The amount of concurrent event consumers to start. Event consumers are used for post-processing files. Multiple consumers increase parallelisation, but will also increase CPU and memory demands. The setting has no effect when the OCIS_ASYNC_UPLOADS is set to false. The default and minimum value is 1. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_EXPOSE_DATA_SERVER: name: STORAGE_USERS_EXPOSE_DATA_SERVER defaultValue: "false" type: bool description: Exposes the data server directly to users and bypasses the data gateway. Ensure that the data server address is reachable by users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_SIZE: name: OCIS_CACHE_SIZE;STORAGE_USERS_FILEMETADATA_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_STORE: name: OCIS_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_TTL: name: OCIS_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_GATEWAY_GRPC_ADDR: name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string description: The bind address of the gateway GRPC address. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_GRACEFUL_SHUTDOWN_TIMEOUT: name: STORAGE_USERS_GRACEFUL_SHUTDOWN_TIMEOUT defaultValue: "30" type: int description: 'The number of seconds to wait for the ''storage-users'' service to shutdown cleanly before exiting with an error that gets logged. Note: This setting is only applicable when running the ''storage-users'' service as a standalone service. See the text description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_GRPC_ADDR: name: STORAGE_USERS_GRPC_ADDR defaultValue: 127.0.0.1:9157 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_GRPC_PROTOCOL: name: STORAGE_USERS_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_HTTP_ADDR: name: STORAGE_USERS_HTTP_ADDR defaultValue: 127.0.0.1:9158 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_HTTP_PROTOCOL: name: STORAGE_USERS_HTTP_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_AUTH_PASSWORD: name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_AUTH_USERNAME: name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the cache store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE: name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_SIZE: name: OCIS_CACHE_SIZE;STORAGE_USERS_ID_CACHE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the user info cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_STORE: name: OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', ''nats-js-kv'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_STORE_NODES: name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_ID_CACHE_TTL: name: OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied when access tokens have no expiration. Defaults to 300s which is derived from the underlaying package though not explicitly set as default. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_JWT_SECRET: name: OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_COLOR: name: OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_FILE: name: OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_LEVEL: name: OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_LOG_PRETTY: name: OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_MACHINE_AUTH_API_KEY: name: OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for the access to resources from other services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_MOUNT_ID: name: STORAGE_USERS_MOUNT_ID defaultValue: "" type: string description: Mount ID of this storage. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE: name: STORAGE_USERS_OCIS_GENERAL_SPACE_ALIAS_TEMPLATE defaultValue: '{{.SpaceType}}/{{.SpaceName \| replace " " "-" \| lower}}' type: string description: Template string to construct general space aliases. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_GENERAL_SPACE_PATH_TEMPLATE: name: STORAGE_USERS_OCIS_GENERAL_SPACE_PATH_TEMPLATE defaultValue: "" type: string description: Template string to construct the paths of the projects space roots. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR: name: STORAGE_USERS_OCIS_LOCK_CYCLE_DURATION_FACTOR defaultValue: "30" type: int description: When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES: name: STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES defaultValue: "20" type: int description: When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_CONCURRENCY: name: STORAGE_USERS_OCIS_MAX_CONCURRENCY defaultValue: "5" type: int description: Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_QUOTA: name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA defaultValue: "0" type: uint64 description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited. If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA in the frontend service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_METADATA_BACKEND: name: OCIS_DECOMPOSEDFS_METADATA_BACKEND;STORAGE_USERS_OCIS_METADATA_BACKEND defaultValue: messagepack type: string description: The backend to use for storing metadata. Supported values are 'messagepack' and 'xattrs'. The setting 'messagepack' uses a dedicated file to store file metadata while 'xattrs' uses extended attributes to store file metadata. Defaults to 'messagepack'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT: name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT defaultValue: com.owncloud.api.settings type: string description: Endpoint of the permissions service. The endpoints can differ for 'ocis' and 's3ng'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE: name: STORAGE_USERS_OCIS_PERSONAL_SPACE_ALIAS_TEMPLATE defaultValue: '{{.SpaceType}}/{{.User.Username \| lower}}' type: string description: Template string to construct personal space aliases. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE: name: STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE defaultValue: "" type: string description: Template string to construct the paths of the personal space roots. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PROPAGATOR: name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_ROOT: name: STORAGE_USERS_OCIS_ROOT defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store blobs and metadata. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_SHARE_FOLDER: name: STORAGE_USERS_OCIS_SHARE_FOLDER defaultValue: /Shares type: string description: Name of the folder jailing all shares. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_USER_LAYOUT: name: STORAGE_USERS_OCIS_USER_LAYOUT defaultValue: '{{.Id.OpaqueId}}' type: string description: Template string for the user storage layout in the user directory. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DATADIR: name: STORAGE_USERS_OWNCLOUDSQL_DATADIR defaultValue: /var/lib/ocis/storage/owncloud type: string description: The directory where the filesystem storage will store SQL migration data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/owncloud. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DB_HOST: name: STORAGE_USERS_OWNCLOUDSQL_DB_HOST defaultValue: "" type: string description: Hostname or IP of the database server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DB_NAME: name: STORAGE_USERS_OWNCLOUDSQL_DB_NAME defaultValue: owncloud type: string description: Name of the database to be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD: name: STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD defaultValue: owncloud type: string description: Password for the database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DB_PORT: name: STORAGE_USERS_OWNCLOUDSQL_DB_PORT defaultValue: "3306" type: int description: Port that the database server is listening on. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME: name: STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME defaultValue: owncloud type: string description: Username for the database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_LAYOUT: name: STORAGE_USERS_OWNCLOUDSQL_LAYOUT defaultValue: '{{.Username}}' type: string description: Path layout to use to navigate into a users folder in an owncloud data directory introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER: name: STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER defaultValue: /Shares type: string description: Name of the folder jailing all shares. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR: name: STORAGE_USERS_OWNCLOUDSQL_UPLOADINFO_DIR defaultValue: /var/lib/ocis/storage/uploadinfo type: string description: The directory where the filesystem will store uploads temporarily. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/uploadinfo. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT: name: STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT defaultValue: com.owncloud.api.users type: string description: Endpoint of the users provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_PERMISSION_ENDPOINT: name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT defaultValue: com.owncloud.api.settings type: string description: Endpoint of the permissions service. The endpoints can differ for 'ocis', 'posix' and 's3ng'. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE: name: STORAGE_USERS_POSIX_GENERAL_SPACE_PATH_TEMPLATE defaultValue: projects/{{.SpaceId}} type: string description: Template string to construct the paths of the projects space roots. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT: name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT defaultValue: com.owncloud.api.settings type: string description: Endpoint of the permissions service. The endpoints can differ for 'ocis', 'posix' and 's3ng'. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE: name: STORAGE_USERS_POSIX_PERSONAL_SPACE_PATH_TEMPLATE defaultValue: users/{{.User.Username}} type: string description: Template string to construct the paths of the personal space roots. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_ROOT: name: STORAGE_USERS_POSIX_ROOT defaultValue: "" type: string description: The directory where the filesystem storage will store its data. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/owncloud. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_USE_SPACE_GROUPS: name: STORAGE_USERS_POSIX_USE_SPACE_GROUPS defaultValue: "false" type: bool description: Use space groups to manage permissions on spaces. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_WATCH_FOLDER_KAFKA_BROKERS: name: STORAGE_USERS_POSIX_WATCH_FOLDER_KAFKA_BROKERS defaultValue: "" type: string description: Comma-separated list of kafka brokers to read the watchfolder events from. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_WATCH_PATH: name: STORAGE_USERS_POSIX_WATCH_PATH defaultValue: "" type: string description: Path to the watch directory/file. Only applies to the 'gpfsfileauditlogging' and 'inotifywait' watcher, in which case it is the path of the file audit log file/base directory to watch. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_POSIX_WATCH_TYPE: name: STORAGE_USERS_POSIX_WATCH_TYPE defaultValue: "" type: string description: Type of the watcher to use for getting notified about changes to the filesystem. Currently available options are 'inotifywait' (default), 'gpfswatchfolder' and 'gpfsfileauditlogging'. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE: name: STORAGE_USERS_PURGE_TRASH_BIN_PERSONAL_DELETE_BEFORE defaultValue: 720h0m0s type: Duration description: Specifies the period of time in which items that have been in the personal trash-bin for longer than this value should be deleted. A value of 0 means no automatic deletion. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE: name: STORAGE_USERS_PURGE_TRASH_BIN_PROJECT_DELETE_BEFORE defaultValue: 720h0m0s type: Duration description: Specifies the period of time in which items that have been in the project trash-bin for longer than this value should be deleted. A value of 0 means no automatic deletion. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_PURGE_TRASH_BIN_USER_ID: name: OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID defaultValue: "" type: string description: ID of the user who collects all necessary information for deletion. Consider that the UUID can be encoded in some LDAP deployment configurations like in .ldif files. These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_READ_ONLY: name: STORAGE_USERS_READ_ONLY defaultValue: "false" type: bool description: Set this storage to be read-only. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_ACCESS_KEY: name: STORAGE_USERS_S3NG_ACCESS_KEY defaultValue: "" type: string description: Access key for the S3 bucket. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_BUCKET: name: STORAGE_USERS_S3NG_BUCKET defaultValue: "" type: string description: Name of the S3 bucket. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_ENDPOINT: name: STORAGE_USERS_S3NG_ENDPOINT defaultValue: "" type: string description: Endpoint for the S3 bucket. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE: name: STORAGE_USERS_S3NG_GENERAL_SPACE_ALIAS_TEMPLATE defaultValue: '{{.SpaceType}}/{{.SpaceName \| replace " " "-" \| lower}}' type: string description: Template string to construct general space aliases. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_GENERAL_SPACE_PATH_TEMPLATE: name: STORAGE_USERS_S3NG_GENERAL_SPACE_PATH_TEMPLATE defaultValue: "" type: string description: Template string to construct the paths of the projects space roots. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR: name: STORAGE_USERS_S3NG_LOCK_CYCLE_DURATION_FACTOR defaultValue: "30" type: int description: When trying to lock files, ocis will multiply the cycle with this factor and use it as a millisecond timeout. Values of 0 or below will be ignored and the default value of 30 will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES: name: STORAGE_USERS_S3NG_MAX_ACQUIRE_LOCK_CYCLES defaultValue: "20" type: int description: When trying to lock files, ocis will try this amount of times to acquire the lock before failing. After each try it will wait for an increasing amount of time. Values of 0 or below will be ignored and the default value of 20 will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_MAX_CONCURRENCY: name: STORAGE_USERS_S3NG_MAX_CONCURRENCY defaultValue: "5" type: int description: Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value of 100 will be used. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_METADATA_BACKEND: name: STORAGE_USERS_S3NG_METADATA_BACKEND defaultValue: messagepack type: string description: The backend to use for storing metadata. Supported values are 'xattrs' and 'messagepack'. The setting 'xattrs' uses extended attributes to store file metadata while 'messagepack' uses a dedicated file to store file metadata. Defaults to 'xattrs'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT: name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT defaultValue: com.owncloud.api.settings type: string description: Endpoint of the permissions service. The endpoints can differ for 'ocis' and 's3ng'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE: name: STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE defaultValue: '{{.SpaceType}}/{{.User.Username \| lower}}' type: string description: Template string to construct personal space aliases. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE: name: STORAGE_USERS_S3NG_PERSONAL_SPACE_PATH_TEMPLATE defaultValue: "" type: string description: Template string to construct the paths of the personal space roots. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PROPAGATOR: name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS: name: STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS defaultValue: "true" type: bool description: Always precreate parts when copying objects to S3. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256: name: STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256 defaultValue: "false" type: bool description: Disable sending content sha256 when copying objects to S3. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART: name: STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART defaultValue: "true" type: bool description: Disable multipart uploads when copying objects to S3 introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS: name: STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS defaultValue: "4" type: uint description: Number of concurrent uploads to use when copying objects to S3. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE: name: STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE defaultValue: "0" type: uint64 description: Part size for concurrent uploads to S3. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5: name: STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5 defaultValue: "true" type: bool description: Send a Content-MD5 header when copying objects to S3. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_REGION: name: STORAGE_USERS_S3NG_REGION defaultValue: default type: string description: Region of the S3 bucket. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_ROOT: name: STORAGE_USERS_S3NG_ROOT defaultValue: /var/lib/ocis/storage/users type: string description: The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_SECRET_KEY: name: STORAGE_USERS_S3NG_SECRET_KEY defaultValue: "" type: string description: Secret key for the S3 bucket. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_SHARE_FOLDER: name: STORAGE_USERS_S3NG_SHARE_FOLDER defaultValue: /Shares type: string description: Name of the folder jailing all shares. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_S3NG_USER_LAYOUT: name: STORAGE_USERS_S3NG_USER_LAYOUT defaultValue: '{{.Id.OpaqueId}}' type: string description: Template string for the user storage layout in the user directory. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN: name: STORAGE_USERS_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRACING_TYPE: name: OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_TRANSFER_EXPIRES: name: STORAGE_USERS_TRANSFER_EXPIRES defaultValue: "86400" type: int64 description: The time after which the token for upload postprocessing expires introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_UPLOAD_EXPIRATION: name: STORAGE_USERS_UPLOAD_EXPIRATION defaultValue: "86400" type: int64 description: Duration in seconds after which uploads will expire. Note that when setting this to a low number, uploads could be cancelled before they are finished and return a 403 to the user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORE_DATA_PATH: name: STORE_DATA_PATH defaultValue: /var/lib/ocis/store type: string description: The directory where the filesystem storage will store ocis settings. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/store. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_DEBUG_ADDR: name: STORE_DEBUG_ADDR defaultValue: 127.0.0.1:9464 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_DEBUG_PPROF: name: STORE_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_DEBUG_TOKEN: name: STORE_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_DEBUG_ZPAGES: name: STORE_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_GRPC_ADDR: name: STORE_GRPC_ADDR defaultValue: 127.0.0.1:9460 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_LOG_COLOR: name: OCIS_LOG_COLOR;STORE_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_LOG_FILE: name: OCIS_LOG_FILE;STORE_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_LOG_LEVEL: name: OCIS_LOG_LEVEL;STORE_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_LOG_PRETTY: name: OCIS_LOG_PRETTY;STORE_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;STORE_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;STORE_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;STORE_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. STORE_TRACING_TYPE: name: OCIS_TRACING_TYPE;STORE_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "5.0" removalVersion: 7.0.0 deprecationInfo: The store service is optional and will be removed. THUMBNAILS_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;THUMBNAILS_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: "6.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;THUMBNAILS_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: "6.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;THUMBNAILS_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: "6.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;THUMBNAILS_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: "6.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_CS3SOURCE_INSECURE: name: OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE defaultValue: "false" type: bool description: Ignore untrusted SSL certificates when connecting to the CS3 source. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_DATA_ENDPOINT: name: THUMBNAILS_DATA_ENDPOINT defaultValue: http://127.0.0.1:9186/thumbnails/data type: string description: The HTTP endpoint where the actual thumbnail file can be downloaded. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_DEBUG_ADDR: name: THUMBNAILS_DEBUG_ADDR defaultValue: 127.0.0.1:9189 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_DEBUG_PPROF: name: THUMBNAILS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_DEBUG_TOKEN: name: THUMBNAILS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_DEBUG_ZPAGES: name: THUMBNAILS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_FILESYSTEMSTORAGE_ROOT: name: THUMBNAILS_FILESYSTEMSTORAGE_ROOT defaultValue: /var/lib/ocis/thumbnails type: string description: The directory where the filesystem storage will store the thumbnails. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/thumbnails. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_GRPC_ADDR: name: THUMBNAILS_GRPC_ADDR defaultValue: 127.0.0.1:9185 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_HTTP_ADDR: name: THUMBNAILS_HTTP_ADDR defaultValue: 127.0.0.1:9186 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_HTTP_ROOT: name: THUMBNAILS_HTTP_ROOT defaultValue: /thumbnails type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_COLOR: name: OCIS_LOG_COLOR;THUMBNAILS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_FILE: name: OCIS_LOG_FILE;THUMBNAILS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_LEVEL: name: OCIS_LOG_LEVEL;THUMBNAILS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_LOG_PRETTY: name: OCIS_LOG_PRETTY;THUMBNAILS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_MAX_CONCURRENT_REQUESTS: name: THUMBNAILS_MAX_CONCURRENT_REQUESTS defaultValue: "0" type: int description: Number of maximum concurrent thumbnail requests. Default is 0 which is unlimited. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_MAX_INPUT_HEIGHT: name: THUMBNAILS_MAX_INPUT_HEIGHT defaultValue: "7680" type: int description: The maximum height of an input image which is being processed. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_MAX_INPUT_IMAGE_FILE_SIZE: name: THUMBNAILS_MAX_INPUT_IMAGE_FILE_SIZE defaultValue: 50MB type: string description: 'The maximum file size of an input image which is being processed. Usable common abbreviations: [KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB], example: 2GB.' introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_MAX_INPUT_WIDTH: name: THUMBNAILS_MAX_INPUT_WIDTH defaultValue: "7680" type: int description: The maximum width of an input image which is being processed. introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_RESOLUTIONS: name: THUMBNAILS_RESOLUTIONS defaultValue: '[16x16 32x32 64x64 128x128 1080x1920 1920x1080 2160x3840 3840x2160 4320x7680 7680x4320]' type: '[]string' description: The supported list of target resolutions in the format WidthxHeight like 32x32. You can define any resolution as required. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;THUMBNAILS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;THUMBNAILS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;THUMBNAILS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_TRACING_TYPE: name: OCIS_TRACING_TYPE;THUMBNAILS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_TRANSFER_TOKEN: name: THUMBNAILS_TRANSFER_TOKEN defaultValue: "" type: string description: The secret to sign JWT to download the actual thumbnail file. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_TXT_FONTMAP_FILE: name: THUMBNAILS_TXT_FONTMAP_FILE defaultValue: "" type: string description: The path to a font file for txt thumbnails. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" THUMBNAILS_WEBDAVSOURCE_INSECURE: name: OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE defaultValue: "false" type: bool description: Ignore untrusted SSL certificates when connecting to the webdav source. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;USERLOG_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;USERLOG_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Ocs-Apirequest]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;USERLOG_CORS_ALLOW_METHODS defaultValue: '[GET]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;USERLOG_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_DEBUG_ADDR: name: USERLOG_DEBUG_ADDR defaultValue: 127.0.0.1:9210 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_DEBUG_PPROF: name: USERLOG_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_DEBUG_TOKEN: name: USERLOG_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_DEBUG_ZPAGES: name: USERLOG_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_AUTH_PASSWORD: name: OCIS_EVENTS_AUTH_PASSWORD;USERLOG_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_AUTH_USERNAME: name: OCIS_EVENTS_AUTH_USERNAME;USERLOG_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_CLUSTER: name: OCIS_EVENTS_CLUSTER;USERLOG_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_ENABLE_TLS: name: OCIS_EVENTS_ENABLE_TLS;USERLOG_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_ENDPOINT: name: OCIS_EVENTS_ENDPOINT;USERLOG_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_TLS_INSECURE: name: OCIS_INSECURE;USERLOG_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE: name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;USERLOG_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. If provided NOTIFICATIONS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_GLOBAL_NOTIFICATIONS_SECRET: name: USERLOG_GLOBAL_NOTIFICATIONS_SECRET defaultValue: "" type: string description: The secret to secure the global notifications endpoint. Only system admins and users knowing that secret can call the global notifications POST/DELETE endpoints. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_HTTP_ADDR: name: USERLOG_HTTP_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_HTTP_ROOT: name: USERLOG_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_JWT_SECRET: name: OCIS_JWT_SECRET;USERLOG_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_LOG_COLOR: name: OCIS_LOG_COLOR;USERLOG_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_LOG_FILE: name: OCIS_LOG_FILE;USERLOG_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_LOG_LEVEL: name: OCIS_LOG_LEVEL;USERLOG_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_LOG_PRETTY: name: OCIS_LOG_PRETTY;USERLOG_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' service description for more details. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_SERVICE_ACCOUNT_SECRET: name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE: name: OCIS_PERSISTENT_STORE;USERLOG_STORE defaultValue: memory type: string description: 'The type of the store. Supported values are: ''memory'', ''ocmem'', ''etcd'', ''redis'', ''redis-sentinel'', ''nats-js'', ''noop''. See the text description for details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_AUTH_PASSWORD: name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;USERLOG_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_AUTH_USERNAME: name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;USERLOG_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_DATABASE: name: USERLOG_STORE_DATABASE defaultValue: userlog type: string description: The database name the configured store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_NODES: name: OCIS_PERSISTENT_STORE_NODES;USERLOG_STORE_NODES defaultValue: '[]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' or 'ocmem' stores are configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_SIZE: name: OCIS_PERSISTENT_STORE_SIZE;USERLOG_STORE_SIZE defaultValue: "0" type: int description: The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitly set as default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_TABLE: name: USERLOG_STORE_TABLE defaultValue: events type: string description: The database table the store should use. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_STORE_TTL: name: OCIS_PERSISTENT_STORE_TTL;USERLOG_STORE_TTL defaultValue: 336h0m0s type: Duration description: Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;USERLOG_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;USERLOG_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;USERLOG_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_TRACING_TYPE: name: OCIS_TRACING_TYPE;USERLOG_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERLOG_TRANSLATION_PATH: name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_DEBUG_ADDR: name: USERS_DEBUG_ADDR defaultValue: 127.0.0.1:9145 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_DEBUG_PPROF: name: USERS_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_DEBUG_TOKEN: name: USERS_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_DEBUG_ZPAGES: name: USERS_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_DRIVER: name: USERS_DRIVER defaultValue: ldap type: string description: The driver which should be used by the users service. Supported values are 'ldap' and 'owncloudsql'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_GRPC_ADDR: name: USERS_GRPC_ADDR defaultValue: 127.0.0.1:9144 type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_GRPC_PROTOCOL: name: USERS_GRPC_PROTOCOL defaultValue: tcp type: string description: The transport protocol of the GPRC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_IDP_URL: name: OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_JWT_SECRET: name: OCIS_JWT_SECRET;USERS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_BIND_DN: name: OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN defaultValue: uid=reva,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_BIND_PASSWORD: name: OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_CACERT: name: OCIS_LDAP_CACERT;USERS_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/idm. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_DISABLE_USER_MECHANISM: name: OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM defaultValue: attribute type: string description: An option to control the behavior for disabling users. Valid options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request is not processed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_DISABLED_USERS_GROUP_DN: name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified as disabled when 'disable_user_mechanism' is set to 'group'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_BASE_DN: name: OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_FILTER: name: OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_OBJECTCLASS: name: OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter like 'groupOfNames'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same as groupname attribute). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_GROUPNAME: name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_ID: name: OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique ID for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'id' attribute for groups is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_MAIL: name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCHEMA_MEMBER: name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER defaultValue: member type: string description: LDAP Attribute that is used for group members. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_GROUP_SCOPE: name: OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up groups. Supported values are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_INSECURE: name: OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not set this in production environments. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_URI: name: OCIS_LDAP_URI;USERS_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_BASE_DN: name: OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_ENABLED_ATTRIBUTE: name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_FILTER: name: OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_OBJECTCLASS: name: OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter like 'inetOrgPerson'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_DISPLAYNAME: name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME defaultValue: displayname type: string description: LDAP Attribute to use for the displayname of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_ID: name: OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID defaultValue: ownclouduuid type: string description: LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute of Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_MAIL: name: OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCHEMA_USERNAME: name: OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME defaultValue: uid type: string description: LDAP Attribute to use for username of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SCOPE: name: OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported values are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_SUBSTRING_FILTER_TYPE: name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE defaultValue: any type: string description: 'Type of substring search filter to use for substring searches for users. Possible values: ''initial'' for doing prefix only searches, ''final'' for doing suffix only searches or ''any'' for doing full substring searches' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LDAP_USER_TYPE_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default is 'ownCloudUserType'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LOG_COLOR: name: OCIS_LOG_COLOR;USERS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LOG_FILE: name: OCIS_LOG_FILE;USERS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LOG_LEVEL: name: OCIS_LOG_LEVEL;USERS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_LOG_PRETTY: name: OCIS_LOG_PRETTY;USERS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_DB_HOST: name: USERS_OWNCLOUDSQL_DB_HOST defaultValue: mysql type: string description: Hostname of the database server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_DB_NAME: name: USERS_OWNCLOUDSQL_DB_NAME defaultValue: owncloud type: string description: Name of the owncloud database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_DB_PASSWORD: name: USERS_OWNCLOUDSQL_DB_PASSWORD defaultValue: secret type: string description: Password for the database user. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_DB_PORT: name: USERS_OWNCLOUDSQL_DB_PORT defaultValue: "3306" type: int description: Network port to use for the database connection. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_DB_USERNAME: name: USERS_OWNCLOUDSQL_DB_USERNAME defaultValue: owncloud type: string description: Database user to use for authenticating with the owncloud database. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH: name: USERS_OWNCLOUDSQL_ENABLE_MEDIAL_SEARCH defaultValue: "false" type: bool description: Allow 'medial search' when searching for users instead of just doing a prefix search. This allows finding 'Alice' when searching for 'lic'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_IDP: name: USERS_OWNCLOUDSQL_IDP defaultValue: https://localhost:9200 type: string description: The identity provider value to set in the userids of the CS3 user objects for users returned by this user provider. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID: name: USERS_OWNCLOUDSQL_JOIN_OWNCLOUD_UUID defaultValue: "false" type: bool description: Join the user properties table to read user IDs. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_JOIN_USERNAME: name: USERS_OWNCLOUDSQL_JOIN_USERNAME defaultValue: "false" type: bool description: Join the user properties table to read usernames introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_OWNCLOUDSQL_NOBODY: name: USERS_OWNCLOUDSQL_NOBODY defaultValue: "90" type: int64 description: Fallback number if no numeric UID and GID properties are provided. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_SKIP_USER_GROUPS_IN_TOKEN: name: USERS_SKIP_USER_GROUPS_IN_TOKEN defaultValue: "false" type: bool description: Disables the loading of user's group memberships from the reva access token. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" USERS_TRACING_TYPE: name: OCIS_TRACING_TYPE;USERS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_ASSET_APPS_PATH: name: WEB_ASSET_APPS_PATH defaultValue: /var/lib/ocis/web/assets/apps type: string description: Serve ownCloud Web apps assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/apps introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_ASSET_CORE_PATH: name: WEB_ASSET_CORE_PATH defaultValue: /var/lib/ocis/web/assets/core type: string description: Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/core introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_ASSET_PATH: name: WEB_ASSET_PATH defaultValue: "" type: string description: Serve ownCloud Web assets from a path on the filesystem instead of the builtin assets. introductionVersion: pre5.0 deprecationVersion: 5.1.0 removalVersion: 7.0.0 deprecationInfo: The WEB_ASSET_PATH is deprecated and will be removed in the future. WEB_ASSET_THEMES_PATH: name: OCIS_ASSET_THEMES_PATH;WEB_ASSET_THEMES_PATH defaultValue: /var/lib/ocis/web/assets/themes type: string description: Serve ownCloud themes from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/web/assets/themes introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_CACHE_TTL: name: WEB_CACHE_TTL defaultValue: "604800" type: int description: Cache policy in seconds for ownCloud Web assets. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;WEB_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS. See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;WEB_CORS_ALLOW_HEADERS defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires Upload-Checksum Upload-Offset X-HTTP-Method-Override]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;WEB_CORS_ALLOW_METHODS defaultValue: '[OPTIONS HEAD GET PUT PATCH POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY REPORT SEARCH]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;WEB_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_DEBUG_ADDR: name: WEB_DEBUG_ADDR defaultValue: 127.0.0.1:9104 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_DEBUG_PPROF: name: WEB_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_DEBUG_TOKEN: name: WEB_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_DEBUG_ZPAGES: name: WEB_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_GATEWAY_GRPC_ADDR: name: WEB_GATEWAY_GRPC_ADDR defaultValue: com.owncloud.api.gateway type: string description: The bind address of the GRPC service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_HTTP_ADDR: name: WEB_HTTP_ADDR defaultValue: 127.0.0.1:9100 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_HTTP_ROOT: name: WEB_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_JWT_SECRET: name: OCIS_JWT_SECRET;WEB_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_LOG_COLOR: name: OCIS_LOG_COLOR;WEB_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_LOG_FILE: name: OCIS_LOG_FILE;WEB_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_LOG_LEVEL: name: OCIS_LOG_LEVEL;WEB_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_LOG_PRETTY: name: OCIS_LOG_PRETTY;WEB_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OIDC_AUTHORITY: name: OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY defaultValue: https://localhost:9200 type: string description: URL of the OIDC issuer. It defaults to URL of the builtin IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OIDC_CLIENT_ID: name: OCIS_OIDC_CLIENT_ID;WEB_OIDC_CLIENT_ID defaultValue: web type: string description: The OIDC client ID which ownCloud Web uses. This client needs to be set up in your IDP. Note that this setting has no effect when using the builtin IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OIDC_METADATA_URL: name: WEB_OIDC_METADATA_URL defaultValue: https://localhost:9200/.well-known/openid-configuration type: string description: URL for the OIDC well-known configuration endpoint. Defaults to the oCIS API URL + '/.well-known/openid-configuration'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OIDC_POST_LOGOUT_REDIRECT_URI: name: WEB_OIDC_POST_LOGOUT_REDIRECT_URI defaultValue: "" type: string description: This value needs to point to a valid and reachable web page. The web client will trigger a redirect to that page directly after the logout action. The default value is empty and redirects to the login page. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OIDC_RESPONSE_TYPE: name: WEB_OIDC_RESPONSE_TYPE defaultValue: code type: string description: The OIDC response type to use for authentication. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OIDC_SCOPE: name: WEB_OIDC_SCOPE defaultValue: openid profile email type: string description: OIDC scopes to request during authentication to authorize access to user details. Defaults to 'openid profile email'. Values are separated by blank. More example values but not limited to are 'address' or 'phone' etc. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS: name: WEB_OPTION_CONCURRENT_REQUESTS_RESOURCE_BATCH_ACTIONS defaultValue: "0" type: int description: Defines the maximum number of concurrent requests per file/folder/space batch action. Defaults to 4. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE: name: WEB_OPTION_CONCURRENT_REQUESTS_SHARES_CREATE defaultValue: "0" type: int description: Defines the maximum number of concurrent requests per sharing invite batch. Defaults to 4. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST: name: WEB_OPTION_CONCURRENT_REQUESTS_SHARES_LIST defaultValue: "0" type: int description: Defines the maximum number of concurrent requests when loading individual share information inside listings. Defaults to 2. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_CONCURRENT_REQUESTS_SSE: name: WEB_OPTION_CONCURRENT_REQUESTS_SSE defaultValue: "0" type: int description: Defines the maximum number of concurrent requests in SSE event handlers. Defaults to 4. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_CONTEXTHELPERS_READ_MORE: name: WEB_OPTION_CONTEXTHELPERS_READ_MORE defaultValue: "true" type: bool description: Specifies whether the 'Read more' link should be displayed or not. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_DISABLE_FEEDBACK_LINK: name: WEB_OPTION_DISABLE_FEEDBACK_LINK defaultValue: "false" type: bool description: Set this option to 'true' to disable the feedback link in the top bar. Keeping it enabled by setting the value to 'false' or with the absence of the option, allows ownCloud to get feedback from your user base through a dedicated survey website. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_DISABLE_PREVIEWS: name: OCIS_DISABLE_PREVIEWS;WEB_OPTION_DISABLE_PREVIEWS defaultValue: "false" type: bool description: Set this option to 'true' to disable previews in all the different web file listing views. This can speed up file listings in folders with many files. The only list view that is not affected by this setting is the trash bin, as it does not allow previewing at all. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_DISABLED_EXTENSIONS: name: WEB_OPTION_DISABLED_EXTENSIONS defaultValue: '[]' type: '[]string' description: 'A list to disable specific Web extensions identified by their ID. The ID can e.g. be taken from the ''index.ts'' file of the web extension. Example: ''com.github.owncloud.web.files.search,com.github.owncloud.web.files.print''. See the Environment Variable Types description for more details.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_HOME_FOLDER: name: WEB_OPTION_HOME_FOLDER defaultValue: "" type: string description: Specifies a folder that is used when the user navigates 'home'. Navigating home gets triggered by clicking on the 'All files' menu item. The user will not be jailed in that directory, it simply serves as a default location. A static location can be provided, or variables of the user object to come up with a user specific home path can be used. This uses the twig template variable style and allows picking a value or a substring of a value of the authenticated user. Examples are '/Shares', '/{{.Id}}' and '/{{substr 0 3 .Id}}/{{.Id}'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_HOVERABLE_QUICK_ACTIONS: name: WEB_OPTION_HOVERABLE_QUICK_ACTIONS defaultValue: "false" type: bool description: Set this option to 'true' to hide quick actions (buttons appearing on file rows) and only show them when the user hovers over the row with his mouse. Defaults to 'false'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_LOGIN_URL: name: WEB_OPTION_LOGIN_URL defaultValue: "" type: string description: 'Specifies the target URL to the login page. This is helpful when an external IdP is used. This option is disabled by default. Example URL like: https://www.myidp.com/login.' introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_LOGOUT_URL: name: WEB_OPTION_LOGOUT_URL defaultValue: "" type: string description: Adds a link to the user's profile page to point him to an external page, where he can manage his session and devices. This is helpful when an external IdP is used. This option is disabled by default. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_OPEN_APPS_IN_TAB: name: WEB_OPTION_OPEN_APPS_IN_TAB defaultValue: "false" type: bool description: Configures whether apps and extensions should generally open in a new tab. Defaults to false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP: name: WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP defaultValue: "true" type: bool description: Specifies whether single file link shares should be opened with the default app or not. If not opened by the default app, the Web UI just displays the file details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_PREVIEW_FILE_MIMETYPES: name: WEB_OPTION_PREVIEW_FILE_MIMETYPES defaultValue: '[image/gif image/png image/jpeg text/plain image/tiff image/bmp image/x-ms-bmp application/vnd.geogebra.slides]' type: '[]string' description: A list of mimeTypes to specify which ones will be previewed in the UI. For example, to only preview jpg and text files, set this option to 'image/jpeg,text/plain'. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_ROUTING_ID_BASED: name: WEB_OPTION_ROUTING_ID_BASED defaultValue: "true" type: bool description: 'Enable or disable fileIds being added to the URL. Defaults to ''true'', because otherwise spaces with name clashes cannot be resolved correctly. Note: Only disable this if you can guarantee on the server side, that spaces of the same namespace cannot have name clashes.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_RUNNING_ON_EOS: name: WEB_OPTION_RUNNING_ON_EOS defaultValue: "false" type: bool description: Set this option to 'true' if running on an EOS storage backend (https://eos-web.web.cern.ch/eos-web/) to enable its specific features. Defaults to 'false'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_SHARING_RECIPIENTS_PER_PAGE: name: WEB_OPTION_SHARING_RECIPIENTS_PER_PAGE defaultValue: "200" type: int description: Sets the number of users shown as recipients in the dropdown menu when sharing resources. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_SIDEBAR_SHARES_SHOW_ALL_ON_LOAD: name: WEB_OPTION_SIDEBAR_SHARES_SHOW_ALL_ON_LOAD defaultValue: "false" type: bool description: Sets the list of the (link) shares list in the sidebar to be initially expanded. Default is a collapsed state, only showing the first three shares. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_TOKEN_STORAGE_LOCAL: name: WEB_OPTION_TOKEN_STORAGE_LOCAL defaultValue: "true" type: bool description: Specifies whether the access token will be stored in the local storage when set to 'true' or in the session storage when set to 'false'. If stored in the local storage, login state will be persisted across multiple browser tabs, means no additional logins are required. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_OPTION_USER_LIST_REQUIRES_FILTER: name: WEB_OPTION_USER_LIST_REQUIRES_FILTER defaultValue: "false" type: bool description: Defines whether one or more filters must be set in order to list users in the Web admin settings. Set this option to 'true' if running in an environment with a lot of users and listing all users could slow down performance. Defaults to 'false'. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;WEB_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;WEB_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;WEB_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_TRACING_TYPE: name: OCIS_TRACING_TYPE;WEB_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_UI_CONFIG_FILE: name: WEB_UI_CONFIG_FILE defaultValue: "" type: string description: Read the ownCloud Web json based configuration from this path/file. The config file takes precedence over WEB_OPTION_xxx environment variables. See the text description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_UI_CONFIG_SERVER: name: OCIS_URL;WEB_UI_CONFIG_SERVER defaultValue: https://localhost:9200 type: string description: URL, where the oCIS APIs are reachable for ownCloud Web. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_UI_THEME_PATH: name: WEB_UI_THEME_PATH defaultValue: /themes/owncloud/theme.json type: string description: Path to the theme json file. Will be appended to the URL of the theme server. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEB_UI_THEME_SERVER: name: OCIS_URL;WEB_UI_THEME_SERVER defaultValue: https://localhost:9200 type: string description: Base URL to load themes from. Will be prepended to the theme path. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS defaultValue: "true" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS defaultValue: '[*]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_DEBUG_ADDR: name: WEBDAV_DEBUG_ADDR defaultValue: 127.0.0.1:9119 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_DEBUG_PPROF: name: WEBDAV_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_DEBUG_TOKEN: name: WEBDAV_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_DEBUG_ZPAGES: name: WEBDAV_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_DISABLE_PREVIEWS: name: OCIS_DISABLE_PREVIEWS;WEBDAV_DISABLE_PREVIEWS defaultValue: "false" type: bool description: Set this option to 'true' to disable rendering of thumbnails triggered via webdav access. Note that when disabled, all access to preview related webdav paths will return a 404. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_HTTP_ADDR: name: WEBDAV_HTTP_ADDR defaultValue: 127.0.0.1:9115 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_HTTP_ROOT: name: WEBDAV_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_LOG_COLOR: name: OCIS_LOG_COLOR;WEBDAV_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_LOG_FILE: name: OCIS_LOG_FILE;WEBDAV_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_LOG_LEVEL: name: OCIS_LOG_LEVEL;WEBDAV_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_LOG_PRETTY: name: OCIS_LOG_PRETTY;WEBDAV_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;WEBDAV_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;WEBDAV_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;WEBDAV_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_TRACING_TYPE: name: OCIS_TRACING_TYPE;WEBDAV_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBDAV_WEBDAV_NAMESPACE: name: WEBDAV_WEBDAV_NAMESPACE defaultValue: /users/{{.Id.OpaqueId}} type: string description: CS3 path layout to use when forwarding /webdav requests introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_HEADERS: name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_METHODS: name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_CORS_ALLOW_ORIGINS: name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_DEBUG_ADDR: name: WEBFINGER_DEBUG_ADDR defaultValue: 127.0.0.1:0 type: string description: Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_DEBUG_PPROF: name: WEBFINGER_DEBUG_PPROF defaultValue: "false" type: bool description: Enables pprof, which can be used for profiling. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_DEBUG_TOKEN: name: WEBFINGER_DEBUG_TOKEN defaultValue: "" type: string description: Token to secure the metrics endpoint. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_DEBUG_ZPAGES: name: WEBFINGER_DEBUG_ZPAGES defaultValue: "false" type: bool description: Enables zpages, which can be used for collecting and viewing in-memory traces. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_HTTP_ADDR: name: WEBFINGER_HTTP_ADDR defaultValue: 127.0.0.1:0 type: string description: The bind address of the HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_HTTP_ROOT: name: WEBFINGER_HTTP_ROOT defaultValue: / type: string description: Subdirectory that serves as the root for this HTTP service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_INSECURE: name: OCIS_INSECURE;WEBFINGER_INSECURE defaultValue: "false" type: bool description: Allow insecure connections to the WEBFINGER service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_COLOR: name: OCIS_LOG_COLOR;WEBFINGER_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_FILE: name: OCIS_LOG_FILE;WEBFINGER_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_LEVEL: name: OCIS_LOG_LEVEL;WEBFINGER_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', ''warn'', ''info'', ''debug'', ''trace''.' introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_LOG_PRETTY: name: OCIS_LOG_PRETTY;WEBFINGER_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_OIDC_ISSUER: name: OCIS_URL;OCIS_OIDC_ISSUER;WEBFINGER_OIDC_ISSUER defaultValue: https://localhost:9200 type: string description: The identity provider href for the openid-discovery relation. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL: name: OCIS_URL;WEBFINGER_OWNCLOUD_SERVER_INSTANCE_URL defaultValue: https://localhost:9200 type: string description: The URL for the legacy ownCloud server instance relation (not to be confused with the product ownCloud Server). It defaults to the OCIS_URL but can be overridden to support some reverse proxy corner cases. To shard the deployment, multiple instances can be configured in the configuration file. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_RELATIONS: name: WEBFINGER_RELATIONS defaultValue: '[http://openid.net/specs/connect/1.0/issuer http://webfinger.owncloud/rel/server-instance]' type: '[]string' description: A list of relation URIs or registered relation types to add to webfinger responses. See the Environment Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;WEBFINGER_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_ENABLED: name: OCIS_TRACING_ENABLED;WEBFINGER_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_ENDPOINT: name: OCIS_TRACING_ENDPOINT;WEBFINGER_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" WEBFINGER_TRACING_TYPE: name: OCIS_TRACING_TYPE;WEBFINGER_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: ""