Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-16 15:30:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

- Add CORS https://enable-cors.org/server_meteor.html

Browse source 
- Add missing LDAP and TIMER environment variables.

Thanks to xet7 !

Closes wekan/wekan-snap#69
This commit is contained in:
Lauri Ojansivu 2018-12-03 16:05:24 +02:00
parent fa6b2e5679
commit b788deb002
10 changed files with 464 additions and 310 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Dockerfile
View file

@ -69,6 +69,7 @@ ARG LOGOUT_WITH_TIMER
ARG LOGOUT_IN ARG LOGOUT_IN
ARG LOGOUT_ON_HOURS ARG LOGOUT_ON_HOURS
ARG LOGOUT_ON_MINUTES ARG LOGOUT_ON_MINUTES
ARG CORS
# Set the environment variables (defaults where required) # Set the environment variables (defaults where required)
# DOES NOT WORK: paxctl fix for alpine linux: https://github.com/wekan/wekan/issues/1303 # DOES NOT WORK: paxctl fix for alpine linux: https://github.com/wekan/wekan/issues/1303
@ -140,7 +141,8 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
LOGOUT_WITH_TIMER="false" \ LOGOUT_WITH_TIMER="false" \
LOGOUT_IN="" \ LOGOUT_IN="" \
LOGOUT_ON_HOURS="" \ LOGOUT_ON_HOURS="" \
LOGOUT_ON_MINUTES="" LOGOUT_ON_MINUTES="" \
CORS=""
# Copy the app to the image # Copy the app to the image
COPY ${SRC_PATH} /home/wekan/app COPY ${SRC_PATH} /home/wekan/app

14
docker-compose-build.yml
View file

@ -45,6 +45,8 @@ services:
# Wekan Export Board works when WITH_API=true. # Wekan Export Board works when WITH_API=true.
# If you disable Wekan API with false, Export Board does not work. # If you disable Wekan API with false, Export Board does not work.
- WITH_API=true - WITH_API=true
# CORS: Set Access-Control-Allow-Origin header. Example: *
#- CORS=*
# Optional: Integration with Matomo https://matomo.org that is installed to your server # Optional: Integration with Matomo https://matomo.org that is installed to your server
# The address of the server where Matomo is hosted. # The address of the server where Matomo is hosted.
# example: - MATOMO_ADDRESS=https://example.com/matomo # example: - MATOMO_ADDRESS=https://example.com/matomo
@ -209,6 +211,18 @@ services:
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
# example : # example :
#- LDAP_DEFAULT_DOMAIN= #- LDAP_DEFAULT_DOMAIN=
# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
# example : LOGOUT_WITH_TIMER=true
#- LOGOUT_WITH_TIMER=
# LOGOUT_IN : The number of days
# example : LOGOUT_IN=1
#- LOGOUT_IN=
# LOGOUT_ON_HOURS : The number of hours
# example : LOGOUT_ON_HOURS=9
#- LOGOUT_ON_HOURS=
# LOGOUT_ON_MINUTES : The number of minutes
# example : LOGOUT_ON_MINUTES=55
#- LOGOUT_ON_MINUTES=
depends_on: depends_on:
- wekandb - wekandb

15
docker-compose-postgresql.yml
View file

@ -67,6 +67,8 @@ services:
# Wekan Export Board works when WITH_API='true'. # Wekan Export Board works when WITH_API='true'.
# If you disable Wekan API, Export Board does not work. # If you disable Wekan API, Export Board does not work.
- WITH_API=true - WITH_API=true
# CORS: Set Access-Control-Allow-Origin header. Example: *
#- CORS=*
# Optional: Integration with Matomo https://matomo.org that is installed to your server # Optional: Integration with Matomo https://matomo.org that is installed to your server
# The address of the server where Matomo is hosted. # The address of the server where Matomo is hosted.
# example: - MATOMO_ADDRESS=https://example.com/matomo # example: - MATOMO_ADDRESS=https://example.com/matomo
@ -231,7 +233,18 @@ services:
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
# example : # example :
#- LDAP_DEFAULT_DOMAIN= #- LDAP_DEFAULT_DOMAIN=
# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
# example : LOGOUT_WITH_TIMER=true
#- LOGOUT_WITH_TIMER=
# LOGOUT_IN : The number of days
# example : LOGOUT_IN=1
#- LOGOUT_IN=
# LOGOUT_ON_HOURS : The number of hours
# example : LOGOUT_ON_HOURS=9
#- LOGOUT_ON_HOURS=
# LOGOUT_ON_MINUTES : The number of minutes
# example : LOGOUT_ON_MINUTES=55
#- LOGOUT_ON_MINUTES=
depends_on: depends_on:
- mongodb - mongodb

2
docker-compose.yml
View file

@ -34,6 +34,8 @@ services:
# Wekan Export Board works when WITH_API=true. # Wekan Export Board works when WITH_API=true.
# If you disable Wekan API with false, Export Board does not work. # If you disable Wekan API with false, Export Board does not work.
- WITH_API=true - WITH_API=true
# CORS: Set Access-Control-Allow-Origin header. Example: *
#- CORS=*
# Optional: Integration with Matomo https://matomo.org that is installed to your server # Optional: Integration with Matomo https://matomo.org that is installed to your server
# The address of the server where Matomo is hosted. # The address of the server where Matomo is hosted.
# example: - MATOMO_ADDRESS=https://example.com/matomo # example: - MATOMO_ADDRESS=https://example.com/matomo

14
releases/virtualbox/start-wekan.sh
View file

@ -22,6 +22,9 @@
# If you disable Wekan API, Export Board does not work. # If you disable Wekan API, Export Board does not work.
export WITH_API='true' export WITH_API='true'
#--------------------------------------------- #---------------------------------------------
# CORS: Set Access-Control-Allow-Origin header. Example: *
#- CORS=*
#---------------------------------------------
## Optional: Integration with Matomo https://matomo.org that is installed to your server ## Optional: Integration with Matomo https://matomo.org that is installed to your server
## The address of the server where Matomo is hosted: ## The address of the server where Matomo is hosted:
##export MATOMO_ADDRESS=https://example.com/matomo ##export MATOMO_ADDRESS=https://example.com/matomo
@ -187,6 +190,17 @@
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
# example : # example :
#export LDAP_DEFAULT_DOMAIN= #export LDAP_DEFAULT_DOMAIN=
# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
# example : LOGOUT_WITH_TIMER=true
#- LOGOUT_WITH_TIMER=
# LOGOUT_IN : The number of days
# example : LOGOUT_IN=1
#- LOGOUT_IN=
#- LOGOUT_ON_HOURS=
# LOGOUT_ON_MINUTES : The number of minutes
# example : LOGOUT_ON_MINUTES=55
#- LOGOUT_ON_MINUTES=
node main.js & >> ~/repos/wekan.log node main.js & >> ~/repos/wekan.log
cd ~/repos cd ~/repos
#done #done

11
server/cors.js Normal file
View file

@ -0,0 +1,11 @@
Meteor.startup(() => {
if ( process.env.CORS ) {
// Listen to incoming HTTP requests, can only be used on the server
WebApp.rawConnectHandlers.use(function(req, res, next) {
res.setHeader('Access-Control-Allow-Origin', process.env.CORS);
return next();
});
}
});

6
snap-src/bin/config
View file

@ -3,7 +3,7 @@
# All supported keys are defined here together with descriptions and default values # All supported keys are defined here together with descriptions and default values
# list of supported keys # list of supported keys
keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER, LOGOUT_IN, LOGOUT_ON_HOURS, LOGOUT_ON_MINUTES" keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER, LOGOUT_IN, LOGOUT_ON_HOURS, LOGOUT_ON_MINUTES"
# default values # default values
DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\ DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\
@ -52,6 +52,10 @@ DESCRIPTION_WITH_API="Enable/disable the api of wekan"
DEFAULT_WITH_API="true" DEFAULT_WITH_API="true"
KEY_WITH_API="with-api" KEY_WITH_API="with-api"
DESCRIPTION_CORS="Enable/disable CORS: Set Access-Control-Allow-Origin header. Example: *"
DEFAULT_CORS=""
KEY_CORS="cors"
DESCRIPTION_MATOMO_ADDRESS="The address of the server where matomo is hosted" DESCRIPTION_MATOMO_ADDRESS="The address of the server where matomo is hosted"
DEFAULT_MATOMO_ADDRESS="" DEFAULT_MATOMO_ADDRESS=""
KEY_MATOMO_ADDRESS="matomo-address" KEY_MATOMO_ADDRESS="matomo-address"

5
snap-src/bin/wekan-help
View file

@ -33,6 +33,11 @@ echo -e "\t$ snap set $SNAP_NAME WITH_API='true'"
echo -e "\t-Disable the API:" echo -e "\t-Disable the API:"
echo -e "\t$ snap set $SNAP_NAME WITH_API='false'" echo -e "\t$ snap set $SNAP_NAME WITH_API='false'"
echo -e "\n" echo -e "\n"
echo -e "To enable the CORS of wekan, to set Access-Control-Allow-Origin header:"
echo -e "\t$ snap set $SNAP_NAME CORS='*'"
echo -e "\t-Disable the CORS:"
echo -e "\t$ snap set $SNAP_NAME CORS=''"
echo -e "\n"
echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside." echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections" echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js" echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"

290
start-wekan.bat
View file

@ -4,175 +4,245 @@ SET MAIL_URL=smtp://user:pass@mailserver.example.com:25/
SET MAIL_FROM=admin@example.com SET MAIL_FROM=admin@example.com
SET PORT=2000 SET PORT=2000
REM If you disable Wekan API with false, Export Board does not work. REM # If you disable Wekan API with false, Export Board does not work.
SET WITH_API=true SET WITH_API=true
REM Optional: Integration with Matomo https://matomo.org that is installed to your server REM # Optional: Integration with Matomo https://matomo.org that is installed to your server
REM The address of the server where Matomo is hosted. REM # The address of the server where Matomo is hosted.
REM example: - MATOMO_ADDRESS=https://example.com/matomo REM # example: - MATOMO_ADDRESS=https://example.com/matomo
REM SET MATOMO_ADDRESS= REM SET MATOMO_ADDRESS=
REM The value of the site ID given in Matomo server for Wekan
REM example: - MATOMO_SITE_ID=12345 REM # The value of the site ID given in Matomo server for Wekan
REM # example: - MATOMO_SITE_ID=12345
REM SET MATOMO_SITE_ID= REM SET MATOMO_SITE_ID=
REM The option do not track which enables users to not be tracked by matomo
REM example: - MATOMO_DO_NOT_TRACK=false REM # The option do not track which enables users to not be tracked by matomo
REM # example: - MATOMO_DO_NOT_TRACK=false
REM SET MATOMO_DO_NOT_TRACK= REM SET MATOMO_DO_NOT_TRACK=
REM The option that allows matomo to retrieve the username:
REM example: MATOMO_WITH_USERNAME=true REM # The option that allows matomo to retrieve the username:
REM # example: MATOMO_WITH_USERNAME=true
REM SET MATOMO_WITH_USERNAME=false REM SET MATOMO_WITH_USERNAME=false
REM Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. REM # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
REM Setting this to false is not recommended, it also disables all other browser policy protections REM # Setting this to false is not recommended, it also disables all other browser policy protections
REM and allows all iframing etc. See wekan/server/policy.js REM # and allows all iframing etc. See wekan/server/policy.js
SET BROWSER_POLICY_ENABLED=true SET BROWSER_POLICY_ENABLED=true
REM When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
REM # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
REM SET TRUSTED_URL= REM SET TRUSTED_URL=
REM What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId . REM # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
REM example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId REM # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
REM SET WEBHOOKS_ATTRIBUTES= REM SET WEBHOOKS_ATTRIBUTES=
REM Enable the OAuth2 connection REM ------------------------------------------------------------
REM example: OAUTH2_ENABLED=true
REM # Enable the OAuth2 connection
REM # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
REM # example: OAUTH2_ENABLED=true
REM SET OAUTH2_ENABLED=false REM SET OAUTH2_ENABLED=false
REM OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
REM OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345 REM # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
REM example: OAUTH2_CLIENT_ID=abcde12345 REM # example: OAUTH2_CLIENT_ID=abcde12345
REM SET OAUTH2_CLIENT_ID= REM SET OAUTH2_CLIENT_ID=
REM OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
REM example: OAUTH2_SECRET=54321abcde REM # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
REM # example: OAUTH2_SECRET=54321abcde
REM SET OAUTH2_SECRET= REM SET OAUTH2_SECRET=
REM OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
REM example: OAUTH2_SERVER_URL=https://chat.example.com REM # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
REM # example: OAUTH2_SERVER_URL=https://chat.example.com
REM SET OAUTH2_SERVER_URL= REM SET OAUTH2_SERVER_URL=
REM OAuth2 Authorization Endpoint. Example: /oauth/authorize
REM example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize REM # OAuth2 Authorization Endpoint. Example: /oauth/authorize
REM # example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize
REM SET OAUTH2_AUTH_ENDPOINT= REM SET OAUTH2_AUTH_ENDPOINT=
REM OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
REM example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo REM # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
REM # example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
REM SET OAUTH2_USERINFO_ENDPOINT= REM SET OAUTH2_USERINFO_ENDPOINT=
REM OAuth2 Token Endpoint. Example: /oauth/token
REM example: OAUTH2_TOKEN_ENDPOINT=/oauth/token REM # OAuth2 Token Endpoint. Example: /oauth/token
REM # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
REM SET OAUTH2_TOKEN_ENDPOINT= REM SET OAUTH2_TOKEN_ENDPOINT=
REM LDAP_ENABLE : Enable or not the connection by the LDAP REM ------------------------------------------------------------
REM example : LDAP_ENABLE=true
REM # LDAP_ENABLE : Enable or not the connection by the LDAP
REM # example : LDAP_ENABLE=true
REM SET LDAP_ENABLE=false REM SET LDAP_ENABLE=false
REM LDAP_PORT : The port of the LDAP server
REM example : LDAP_PORT=389 REM # LDAP_PORT : The port of the LDAP server
REM # example : LDAP_PORT=389
REM SET LDAP_PORT=389 REM SET LDAP_PORT=389
REM LDAP_HOST : The host server for the LDAP server
REM example : LDAP_HOST=localhost REM # LDAP_HOST : The host server for the LDAP server
REM # example : LDAP_HOST=localhost
REM SET LDAP_HOST= REM SET LDAP_HOST=
REM LDAP_BASEDN : The base DN for the LDAP Tree
REM example : LDAP_BASEDN=ou=user,dc=example,dc=org REM # LDAP_BASEDN : The base DN for the LDAP Tree
REM # example : LDAP_BASEDN=ou=user,dc=example,dc=org
REM SET LDAP_BASEDN= REM SET LDAP_BASEDN=
REM LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
REM example : LDAP_LOGIN_FALLBACK=true REM # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
REM # example : LDAP_LOGIN_FALLBACK=true
REM SET LDAP_LOGIN_FALLBACK=false REM SET LDAP_LOGIN_FALLBACK=false
REM LDAP_RECONNECT : Reconnect to the server if the connection is lost
REM example : LDAP_RECONNECT=false REM # LDAP_RECONNECT : Reconnect to the server if the connection is lost
REM # example : LDAP_RECONNECT=false
REM SET LDAP_RECONNECT=true REM SET LDAP_RECONNECT=true
REM LDAP_TIMEOUT : Overall timeout, in milliseconds
REM example : LDAP_TIMEOUT=12345 REM # LDAP_TIMEOUT : Overall timeout, in milliseconds
REM # example : LDAP_TIMEOUT=12345
REM SET LDAP_TIMEOUT=10000 REM SET LDAP_TIMEOUT=10000
REM LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
REM example : LDAP_IDLE_TIMEOUT=12345 REM # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
REM # example : LDAP_IDLE_TIMEOUT=12345
REM SET LDAP_IDLE_TIMEOUT=10000 REM SET LDAP_IDLE_TIMEOUT=10000
REM LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
REM example : LDAP_CONNECT_TIMEOUT=12345 REM # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
REM # example : LDAP_CONNECT_TIMEOUT=12345
REM SET LDAP_CONNECT_TIMEOUT=10000 REM SET LDAP_CONNECT_TIMEOUT=10000
REM LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
REM example : LDAP_AUTHENTIFICATION=true REM # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
REM # example : LDAP_AUTHENTIFICATION=true
REM SET LDAP_AUTHENTIFICATION=false REM SET LDAP_AUTHENTIFICATION=false
REM LDAP_AUTHENTIFICATION_USERDN : The search user DN
REM example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org REM # LDAP_AUTHENTIFICATION_USERDN : The search user DN
REM # example: LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
REM SET LDAP_AUTHENTIFICATION_USERDN= REM SET LDAP_AUTHENTIFICATION_USERDN=
REM LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
REM example : AUTHENTIFICATION_PASSWORD=admin REM # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
REM # example : AUTHENTIFICATION_PASSWORD=admin
REM SET LDAP_AUTHENTIFICATION_PASSWORD= REM SET LDAP_AUTHENTIFICATION_PASSWORD=
REM LDAP_LOG_ENABLED : Enable logs for the module
REM example : LDAP_LOG_ENABLED=true REM # LDAP_LOG_ENABLED : Enable logs for the module
REM # example : LDAP_LOG_ENABLED=true
REM SET LDAP_LOG_ENABLED=false REM SET LDAP_LOG_ENABLED=false
REM LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
REM example : LDAP_BACKGROUND_SYNC=true REM # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
REM # example : LDAP_BACKGROUND_SYNC=true
REM SET LDAP_BACKGROUND_SYNC=false REM SET LDAP_BACKGROUND_SYNC=false
REM LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
REM example : LDAP_BACKGROUND_SYNC_INTERVAL=12345 REM # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
REM # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
REM SET LDAP_BACKGROUND_SYNC_INTERVAL=100 REM SET LDAP_BACKGROUND_SYNC_INTERVAL=100
REM LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
REM example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true REM # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
REM # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
REM SET LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false REM SET LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
REM LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
REM example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true REM # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
REM # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
REM SET LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false REM SET LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
REM LDAP_ENCRYPTION : If using LDAPS
REM example : LDAP_ENCRYPTION=ssl REM # LDAP_ENCRYPTION : If using LDAPS
REM # example : LDAP_ENCRYPTION=ssl
REM SET LDAP_ENCRYPTION=false REM SET LDAP_ENCRYPTION=false
REM LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
REM example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- REM # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
REM # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
REM SET LDAP_CA_CERT= REM SET LDAP_CA_CERT=
REM LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
REM example : LDAP_REJECT_UNAUTHORIZED=true REM # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
REM # example : LDAP_REJECT_UNAUTHORIZED=true
REM SET LDAP_REJECT_UNAUTHORIZED=false REM SET LDAP_REJECT_UNAUTHORIZED=false
REM LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
REM example : LDAP_USER_SEARCH_FILTER= REM # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
REM # example : LDAP_USER_SEARCH_FILTER=
REM SET LDAP_USER_SEARCH_FILTER= REM SET LDAP_USER_SEARCH_FILTER=
REM LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
REM example : LDAP_USER_SEARCH_SCOPE=one REM # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
REM # example : LDAP_USER_SEARCH_SCOPE=one
REM SET LDAP_USER_SEARCH_SCOPE= REM SET LDAP_USER_SEARCH_SCOPE=
REM LDAP_USER_SEARCH_FIELD : Which field is used to find the user
REM example : LDAP_USER_SEARCH_FIELD=uid REM # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
REM # example : LDAP_USER_SEARCH_FIELD=uid
REM SET LDAP_USER_SEARCH_FIELD= REM SET LDAP_USER_SEARCH_FIELD=
REM LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
REM example : LDAP_SEARCH_PAGE_SIZE=12345 REM # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
REM # example : LDAP_SEARCH_PAGE_SIZE=12345
REM SET LDAP_SEARCH_PAGE_SIZE=0 REM SET LDAP_SEARCH_PAGE_SIZE=0
REM LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
REM example : LDAP_SEARCH_SIZE_LIMIT=12345 REM # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
REM #33 example : LDAP_SEARCH_SIZE_LIMIT=12345
REM SET LDAP_SEARCH_SIZE_LIMIT=0 REM SET LDAP_SEARCH_SIZE_LIMIT=0
REM LDAP_GROUP_FILTER_ENABLE : Enable group filtering
REM example : LDAP_GROUP_FILTER_ENABLE=true REM # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
REM # example : LDAP_GROUP_FILTER_ENABLE=true
REM SET LDAP_GROUP_FILTER_ENABLE=false REM SET LDAP_GROUP_FILTER_ENABLE=false
REM LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
REM example : LDAP_GROUP_FILTER_OBJECTCLASS=group REM # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
REM # example : LDAP_GROUP_FILTER_OBJECTCLASS=group
REM SET LDAP_GROUP_FILTER_OBJECTCLASS= REM SET LDAP_GROUP_FILTER_OBJECTCLASS=
REM LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
REM example : REM # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
REM # example :
REM SET LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= REM SET LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
REM LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
REM example : REM # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
REM # example :
REM SET LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= REM SET LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
REM LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
REM example : REM # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
REM # example :
REM SET LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= REM SET LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
REM LDAP_GROUP_FILTER_GROUP_NAME :
REM example : REM # LDAP_GROUP_FILTER_GROUP_NAME :
REM # example :
REM SET LDAP_GROUP_FILTER_GROUP_NAME= REM SET LDAP_GROUP_FILTER_GROUP_NAME=
REM LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
REM example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid REM # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
REM # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
REM SET LDAP_UNIQUE_IDENTIFIER_FIELD= REM SET LDAP_UNIQUE_IDENTIFIER_FIELD=
REM LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
REM example : LDAP_UTF8_NAMES_SLUGIFY=false REM # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
REM # example : LDAP_UTF8_NAMES_SLUGIFY=false
REM SET LDAP_UTF8_NAMES_SLUGIFY=true REM SET LDAP_UTF8_NAMES_SLUGIFY=true
REM LDAP_USERNAME_FIELD : Which field contains the ldap username
REM example : LDAP_USERNAME_FIELD=username REM # LDAP_USERNAME_FIELD : Which field contains the ldap username
REM # example : LDAP_USERNAME_FIELD=username
REM SET LDAP_USERNAME_FIELD= REM SET LDAP_USERNAME_FIELD=
REM LDAP_MERGE_EXISTING_USERS :
REM example : LDAP_MERGE_EXISTING_USERS=true REM # LDAP_MERGE_EXISTING_USERS :
REM # example : LDAP_MERGE_EXISTING_USERS=true
REM SET LDAP_MERGE_EXISTING_USERS=false REM SET LDAP_MERGE_EXISTING_USERS=false
REM LDAP_SYNC_USER_DATA :
REM example : LDAP_SYNC_USER_DATA=true REM # LDAP_SYNC_USER_DATA :
REM # example : LDAP_SYNC_USER_DATA=true
REM SET LDAP_SYNC_USER_DATA=false REM SET LDAP_SYNC_USER_DATA=false
REM LDAP_SYNC_USER_DATA_FIELDMAP :
REM example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} REM # LDAP_SYNC_USER_DATA_FIELDMAP :
REM # example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
REM SET LDAP_SYNC_USER_DATA_FIELDMAP= REM SET LDAP_SYNC_USER_DATA_FIELDMAP=
REM LDAP_SYNC_GROUP_ROLES :
REM example : REM # LDAP_SYNC_GROUP_ROLES :
REM SET LDAP_SYNC_GROUP_ROLES= REM # example :
REM LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP REM # SET LDAP_SYNC_GROUP_ROLES=
REM example :
REM # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
REM # example :
REM SET LDAP_DEFAULT_DOMAIN= REM SET LDAP_DEFAULT_DOMAIN=
REM ------------------------------------------------
REM # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
REM # example : LOGOUT_WITH_TIMER=true
REM SET LOGOUT_WITH_TIMER=
REM # LOGOUT_IN : The number of days
REM # example : LOGOUT_IN=1
REM SET LOGOUT_IN=
REM # LOGOUT_ON_HOURS : The number of hours
REM # example : LOGOUT_ON_HOURS=9
REM SET LOGOUT_ON_HOURS=
REM # LOGOUT_ON_MINUTES : The number of minutes
REM # example : LOGOUT_ON_MINUTES=55
REM SET LOGOUT_ON_MINUTES=
cd .build\bundle cd .build\bundle
node main.js node main.js
cd ..\.. cd ..\..

413
start-wekan.sh
View file

@ -1,206 +1,225 @@
#!/bin/bash #!/bin/bash
function wekan_repo_check(){ function wekan_repo_check(){
git_remotes="$(git remote show 2>/dev/null)" git_remotes="$(git remote show 2>/dev/null)"
res="" res=""
for i in $git_remotes; do for i in $git_remotes; do
res="$(git remote get-url $i | sed 's/.*wekan\/wekan.*/wekan\/wekan/')" res="$(git remote get-url $i | sed 's/.*wekan\/wekan.*/wekan\/wekan/')"
if [[ "$res" == "wekan/wekan" ]]; then if [[ "$res" == "wekan/wekan" ]]; then
break break
fi fi
done done
if [[ "$res" != "wekan/wekan" ]]; then if [[ "$res" != "wekan/wekan" ]]; then
echo "$PWD is not a wekan repository" echo "$PWD is not a wekan repository"
exit; exit;
fi fi
} }
# If you want to restart even on crash, uncomment while and done lines. # If you want to restart even on crash, uncomment while and done lines.
#while true; do #while true; do
wekan_repo_check wekan_repo_check
cd .build/bundle cd .build/bundle
export MONGO_URL='mongodb://127.0.0.1:27019/wekan' export MONGO_URL='mongodb://127.0.0.1:27019/wekan'
# Production: https://example.com/wekan #---------------------------------------------
# Local: http://localhost:2000 # Production: https://example.com/wekan
#export ipaddress=$(ifdata -pa eth0) # Local: http://localhost:2000
export ROOT_URL='http://localhost:2000' #export ipaddress=$(ifdata -pa eth0)
# https://github.com/wekan/wekan/wiki/Troubleshooting-Mail export ROOT_URL='http://localhost:2000'
# https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml #---------------------------------------------
export MAIL_URL='smtp://user:pass@mailserver.example.com:25/' # https://github.com/wekan/wekan/wiki/Troubleshooting-Mail
#export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011 # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml
# This is local port where Wekan Node.js runs, same as below on Caddyfile settings. export MAIL_URL='smtp://user:pass@mailserver.example.com:25/'
export PORT=2000 #---------------------------------------------
# Wekan Export Board works when WITH_API=true. #export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011
# If you disable Wekan API with false, Export Board does not work. #---------------------------------------------
export WITH_API='true' # This is local port where Wekan Node.js runs, same as below on Caddyfile settings.
#--------------------------------------------- export PORT=2000
## Optional: Integration with Matomo https://matomo.org that is installed to your server #---------------------------------------------
## The address of the server where Matomo is hosted: # Wekan Export Board works when WITH_API=true.
##export MATOMO_ADDRESS=https://example.com/matomo # If you disable Wekan API with false, Export Board does not work.
#export MATOMO_ADDRESS= export WITH_API='true'
## The value of the site ID given in Matomo server for Wekan #---------------------------------------------
# Example: export MATOMO_SITE_ID=123456789 # CORS: Set Access-Control-Allow-Origin header. Example: *
#export MATOMO_SITE_ID='' #- CORS=*
## The option do not track which enables users to not be tracked by matomo" #---------------------------------------------
#Example: export MATOMO_DO_NOT_TRACK=false ## Optional: Integration with Matomo https://matomo.org that is installed to your server
#export MATOMO_DO_NOT_TRACK=true ## The address of the server where Matomo is hosted:
## The option that allows matomo to retrieve the username: ##export MATOMO_ADDRESS=https://example.com/matomo
# Example: export MATOMO_WITH_USERNAME=true #export MATOMO_ADDRESS=
#export MATOMO_WITH_USERNAME='false' ## The value of the site ID given in Matomo server for Wekan
# Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside. # Example: export MATOMO_SITE_ID=123456789
# Setting this to false is not recommended, it also disables all other browser policy protections #export MATOMO_SITE_ID=''
# and allows all iframing etc. See wekan/server/policy.js ## The option do not track which enables users to not be tracked by matomo"
# Default value: true #Example: export MATOMO_DO_NOT_TRACK=false
export BROWSER_POLICY_ENABLED=true #export MATOMO_DO_NOT_TRACK=true
# When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside. ## The option that allows matomo to retrieve the username:
# Example: export TRUSTED_URL=http://example.com # Example: export MATOMO_WITH_USERNAME=true
export TRUSTED_URL='' #export MATOMO_WITH_USERNAME='false'
# What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId . # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
# Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId # Setting this to false is not recommended, it also disables all other browser policy protections
export WEBHOOKS_ATTRIBUTES='' # and allows all iframing etc. See wekan/server/policy.js
#--------------------------------------------- # Default value: true
# OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2 export BROWSER_POLICY_ENABLED=true
# OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345 # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
# example: export OAUTH2_CLIENT_ID=abcde12345 # Example: export TRUSTED_URL=http://example.com
#export OAUTH2_CLIENT_ID='' export TRUSTED_URL=''
# OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
# example: export OAUTH2_SECRET=54321abcde # Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
#export OAUTH2_SECRET='' export WEBHOOKS_ATTRIBUTES=''
# OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com #---------------------------------------------
# example: export OAUTH2_SERVER_URL=https://chat.example.com # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
#export OAUTH2_SERVER_URL='' # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
# OAuth2 Authorization Endpoint. Example: /oauth/authorize # example: export OAUTH2_CLIENT_ID=abcde12345
# example: export OAUTH2_AUTH_ENDPOINT=/oauth/authorize #export OAUTH2_CLIENT_ID=''
#export OAUTH2_AUTH_ENDPOINT='' # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
# OAuth2 Userinfo Endpoint. Example: /oauth/userinfo # example: export OAUTH2_SECRET=54321abcde
# example: export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo #export OAUTH2_SECRET=''
#export OAUTH2_USERINFO_ENDPOINT='' # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
# OAuth2 Token Endpoint. Example: /oauth/token # example: export OAUTH2_SERVER_URL=https://chat.example.com
# example: export OAUTH2_TOKEN_ENDPOINT=/oauth/token #export OAUTH2_SERVER_URL=''
#export OAUTH2_TOKEN_ENDPOINT='' # OAuth2 Authorization Endpoint. Example: /oauth/authorize
#--------------------------------------------- # example: export OAUTH2_AUTH_ENDPOINT=/oauth/authorize
# LDAP_ENABLE : Enable or not the connection by the LDAP #export OAUTH2_AUTH_ENDPOINT=''
# example : export LDAP_ENABLE=true # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
#export LDAP_ENABLE=false # example: export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
# LDAP_PORT : The port of the LDAP server #export OAUTH2_USERINFO_ENDPOINT=''
# example : export LDAP_PORT=389 # OAuth2 Token Endpoint. Example: /oauth/token
#export LDAP_PORT=389 # example: export OAUTH2_TOKEN_ENDPOINT=/oauth/token
# LDAP_HOST : The host server for the LDAP server #export OAUTH2_TOKEN_ENDPOINT=''
# example : export LDAP_HOST=localhost #---------------------------------------------
#export LDAP_HOST= # LDAP_ENABLE : Enable or not the connection by the LDAP
# LDAP_BASEDN : The base DN for the LDAP Tree # example : export LDAP_ENABLE=true
# example : export LDAP_BASEDN=ou=user,dc=example,dc=org #export LDAP_ENABLE=false
#export LDAP_BASEDN= # LDAP_PORT : The port of the LDAP server
# LDAP_LOGIN_FALLBACK : Fallback on the default authentication method # example : export LDAP_PORT=389
# example : export LDAP_LOGIN_FALLBACK=true #export LDAP_PORT=389
#export LDAP_LOGIN_FALLBACK=false # LDAP_HOST : The host server for the LDAP server
# LDAP_RECONNECT : Reconnect to the server if the connection is lost # example : export LDAP_HOST=localhost
# example : export LDAP_RECONNECT=false #export LDAP_HOST=
#export LDAP_RECONNECT=true # LDAP_BASEDN : The base DN for the LDAP Tree
# LDAP_TIMEOUT : Overall timeout, in milliseconds # example : export LDAP_BASEDN=ou=user,dc=example,dc=org
# example : export LDAP_TIMEOUT=12345 #export LDAP_BASEDN=
#export LDAP_TIMEOUT=10000 # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
# LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds # example : export LDAP_LOGIN_FALLBACK=true
# example : export LDAP_IDLE_TIMEOUT=12345 #export LDAP_LOGIN_FALLBACK=false
#export LDAP_IDLE_TIMEOUT=10000 # LDAP_RECONNECT : Reconnect to the server if the connection is lost
# LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds # example : export LDAP_RECONNECT=false
# example : export LDAP_CONNECT_TIMEOUT=12345 #export LDAP_RECONNECT=true
#export LDAP_CONNECT_TIMEOUT=10000 # LDAP_TIMEOUT : Overall timeout, in milliseconds
# LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search # example : export LDAP_TIMEOUT=12345
# example : export LDAP_AUTHENTIFICATION=true #export LDAP_TIMEOUT=10000
#export LDAP_AUTHENTIFICATION=false # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
# LDAP_AUTHENTIFICATION_USERDN : The search user DN # example : export LDAP_IDLE_TIMEOUT=12345
# example : export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org #export LDAP_IDLE_TIMEOUT=10000
#export LDAP_AUTHENTIFICATION_USERDN= # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
# LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user # example : export LDAP_CONNECT_TIMEOUT=12345
# example : AUTHENTIFICATION_PASSWORD=admin #export LDAP_CONNECT_TIMEOUT=10000
#export LDAP_AUTHENTIFICATION_PASSWORD= # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
# LDAP_LOG_ENABLED : Enable logs for the module # example : export LDAP_AUTHENTIFICATION=true
# example : export LDAP_LOG_ENABLED=true #export LDAP_AUTHENTIFICATION=false
#export LDAP_LOG_ENABLED=false # LDAP_AUTHENTIFICATION_USERDN : The search user DN
# LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background # example : export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
# example : export LDAP_BACKGROUND_SYNC=true #export LDAP_AUTHENTIFICATION_USERDN=
#export LDAP_BACKGROUND_SYNC=false # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
# LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds # example : AUTHENTIFICATION_PASSWORD=admin
# example : export LDAP_BACKGROUND_SYNC_INTERVAL=12345 #export LDAP_AUTHENTIFICATION_PASSWORD=
#export LDAP_BACKGROUND_SYNC_INTERVAL=100 # LDAP_LOG_ENABLED : Enable logs for the module
# LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : # example : export LDAP_LOG_ENABLED=true
# example : export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true #export LDAP_LOG_ENABLED=false
#export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
# LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : # example : export LDAP_BACKGROUND_SYNC=true
# example : export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true #export LDAP_BACKGROUND_SYNC=false
#export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
# LDAP_ENCRYPTION : If using LDAPS # example : export LDAP_BACKGROUND_SYNC_INTERVAL=12345
# example : export LDAP_ENCRYPTION=ssl #export LDAP_BACKGROUND_SYNC_INTERVAL=100
#export LDAP_ENCRYPTION=false # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
# LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file. # example : export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
# example : export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE----- #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
#export LDAP_CA_CERT= # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
# LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate # example : export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
# example : export LDAP_REJECT_UNAUTHORIZED=true #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
#export LDAP_REJECT_UNAUTHORIZED=false # LDAP_ENCRYPTION : If using LDAPS
# LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed # example : export LDAP_ENCRYPTION=ssl
# example : export LDAP_USER_SEARCH_FILTER= #export LDAP_ENCRYPTION=false
#export LDAP_USER_SEARCH_FILTER= # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
# LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) # example : export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
# example : export LDAP_USER_SEARCH_SCOPE=one #export LDAP_CA_CERT=
#export LDAP_USER_SEARCH_SCOPE= # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
# LDAP_USER_SEARCH_FIELD : Which field is used to find the user # example : export LDAP_REJECT_UNAUTHORIZED=true
# example : export LDAP_USER_SEARCH_FIELD=uid #export LDAP_REJECT_UNAUTHORIZED=false
#export LDAP_USER_SEARCH_FIELD= # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
# LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited) # example : export LDAP_USER_SEARCH_FILTER=
# example : export LDAP_SEARCH_PAGE_SIZE=12345 #export LDAP_USER_SEARCH_FILTER=
#export LDAP_SEARCH_PAGE_SIZE=0 # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
# LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited) # example : export LDAP_USER_SEARCH_SCOPE=one
# example : export LDAP_SEARCH_SIZE_LIMIT=12345 #export LDAP_USER_SEARCH_SCOPE=
#export LDAP_SEARCH_SIZE_LIMIT=0 # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
# LDAP_GROUP_FILTER_ENABLE : Enable group filtering # example : export LDAP_USER_SEARCH_FIELD=uid
# example : export LDAP_GROUP_FILTER_ENABLE=true #export LDAP_USER_SEARCH_FIELD=
#export LDAP_GROUP_FILTER_ENABLE=false # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
# LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering # example : export LDAP_SEARCH_PAGE_SIZE=12345
# example : export LDAP_GROUP_FILTER_OBJECTCLASS=group #export LDAP_SEARCH_PAGE_SIZE=0
#export LDAP_GROUP_FILTER_OBJECTCLASS= # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
# LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : # example : export LDAP_SEARCH_SIZE_LIMIT=12345
# example : #export LDAP_SEARCH_SIZE_LIMIT=0
#export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
# LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : # example : export LDAP_GROUP_FILTER_ENABLE=true
# example : #export LDAP_GROUP_FILTER_ENABLE=false
#export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
# LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : # example : export LDAP_GROUP_FILTER_OBJECTCLASS=group
# example : #export LDAP_GROUP_FILTER_OBJECTCLASS=
#export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
# LDAP_GROUP_FILTER_GROUP_NAME : # example :
# example : #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
#export LDAP_GROUP_FILTER_GROUP_NAME= # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
# LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) # example :
# example : export LDAP_UNIQUE_IDENTIFIER_FIELD=guid #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
#export LDAP_UNIQUE_IDENTIFIER_FIELD= # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
# LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 # example :
# example : export LDAP_UTF8_NAMES_SLUGIFY=false #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
#export LDAP_UTF8_NAMES_SLUGIFY=true # LDAP_GROUP_FILTER_GROUP_NAME :
# LDAP_USERNAME_FIELD : Which field contains the ldap username # example :
# example : export LDAP_USERNAME_FIELD=username #export LDAP_GROUP_FILTER_GROUP_NAME=
#export LDAP_USERNAME_FIELD= # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
# LDAP_FULLNAME_FIELD : Which field contains the ldap fullname # example : export LDAP_UNIQUE_IDENTIFIER_FIELD=guid
# example : export LDAP_FULLNAME_FIELD=fullname #export LDAP_UNIQUE_IDENTIFIER_FIELD=
#export LDAP_FULLNAME_FIELD= # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
# LDAP_MERGE_EXISTING_USERS : # example : export LDAP_UTF8_NAMES_SLUGIFY=false
# example : export LDAP_MERGE_EXISTING_USERS=true #export LDAP_UTF8_NAMES_SLUGIFY=true
#export LDAP_MERGE_EXISTING_USERS=false # LDAP_USERNAME_FIELD : Which field contains the ldap username
# LDAP_SYNC_USER_DATA : # example : export LDAP_USERNAME_FIELD=username
# example : export LDAP_SYNC_USER_DATA=true #export LDAP_USERNAME_FIELD=
#export LDAP_SYNC_USER_DATA=false # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
# LDAP_SYNC_USER_DATA_FIELDMAP : # example : export LDAP_FULLNAME_FIELD=fullname
# example : export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} #export LDAP_FULLNAME_FIELD=
#export LDAP_SYNC_USER_DATA_FIELDMAP= # LDAP_MERGE_EXISTING_USERS :
# LDAP_SYNC_GROUP_ROLES : # example : export LDAP_MERGE_EXISTING_USERS=true
# example : #export LDAP_MERGE_EXISTING_USERS=false
#export LDAP_SYNC_GROUP_ROLES= # LDAP_SYNC_USER_DATA :
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # example : export LDAP_SYNC_USER_DATA=true
# example : #export LDAP_SYNC_USER_DATA=false
#export LDAP_DEFAULT_DOMAIN= # LDAP_SYNC_USER_DATA_FIELDMAP :
node main.js # example : export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
# & >> ../../wekan.log #export LDAP_SYNC_USER_DATA_FIELDMAP=
cd ../.. # LDAP_SYNC_GROUP_ROLES :
# example :
#export LDAP_SYNC_GROUP_ROLES=
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
# example :
#export LDAP_DEFAULT_DOMAIN=
# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
# example : LOGOUT_WITH_TIMER=true
#- LOGOUT_WITH_TIMER=
# LOGOUT_IN : The number of days
# example : LOGOUT_IN=1
#- LOGOUT_IN=
#- LOGOUT_ON_HOURS=
# LOGOUT_ON_MINUTES : The number of minutes
# example : LOGOUT_ON_MINUTES=55
#- LOGOUT_ON_MINUTES=
node main.js
# & >> ../../wekan.log
cd ../..
#done #done