From 14e15e7ae7e764a9343367ce7815ece3ebd035c0 Mon Sep 17 00:00:00 2001 From: Martin Mattel Date: Mon, 2 Dec 2024 16:53:49 +0100 Subject: [PATCH] [docs-only] Update env_vars.yaml --- docs/helpers/env_vars.yaml | 617 +++++++++++++++++++------------------ 1 file changed, 316 insertions(+), 301 deletions(-) diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 989f747a6ba..008cc102300 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -783,12 +783,11 @@ APP_PROVIDER_WOPI_APP_URL: removalVersion: "" deprecationInfo: "" APP_PROVIDER_WOPI_DISABLE_CHAT: - name: COLLABORATION_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT + name: APP_PROVIDER_WOPI_DISABLE_CHAT;OCIS_WOPI_DISABLE_CHAT defaultValue: "false" type: bool - description: Disable chat in the office web frontend. This feature applies to OnlyOffice - and Microsoft. - introductionVersion: 7.0.0 + description: Disable the chat functionality of the office app. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -1604,7 +1603,7 @@ AUTH_BASIC_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -1644,7 +1643,7 @@ AUTH_BASIC_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -3562,11 +3561,12 @@ FRONTEND_ENABLE_FAVORITES: removalVersion: "" deprecationInfo: "" FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING: - name: OCIS_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES + name: OCIS_ENABLE_OCM;FRONTEND_ENABLE_FEDERATED_SHARING_INCOMING defaultValue: "false" type: bool - description: Include OCM sharees when listing users. - introductionVersion: "5.0" + description: Changing this value is NOT supported. Enables support for incoming + federated sharing for clients. The backend behaviour is not changed. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -3696,7 +3696,7 @@ FRONTEND_JWT_SECRET: removalVersion: "" deprecationInfo: "" FRONTEND_LDAP_SERVER_WRITE_ENABLED: - name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED + name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. @@ -3832,28 +3832,27 @@ FRONTEND_OCS_PREFIX: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: The OCS API is deprecated FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" - deprecationInfo: 'FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated - | ' + deprecationInfo: FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated + | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool - description: Set this to true if you want to enforce passwords on Uploader, Editor - or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, - you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) - in the frontend service. + description: Set this to true if you want to enforce passwords for writable shares. + Only effective if the setting for 'passwords on all public shares' is set to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" - deprecationInfo: 'FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS - API is deprecated | ' + deprecationInfo: FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS + API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, + the OCS API is deprecated FRONTEND_OCS_SHARE_PREFIX: name: FRONTEND_OCS_SHARE_PREFIX defaultValue: /Shares @@ -3937,7 +3936,7 @@ FRONTEND_OCS_STAT_CACHE_TTL: removalVersion: '%%NEXT_PRODUCTION_VERSION%%' deprecationInfo: FRONTEND_OCS_STAT_CACHE_TTL, the OCS API is deprecated FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -3947,7 +3946,7 @@ FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED + name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -3956,7 +3955,7 @@ FRONTEND_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -3965,7 +3964,7 @@ FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -3974,7 +3973,7 @@ FRONTEND_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -3984,7 +3983,7 @@ FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -3994,7 +3993,7 @@ FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -4827,20 +4826,20 @@ GRAPH_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" GRAPH_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM + name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string - description: An option to control the behavior for disabling users. Valid options + description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request - is not processed. + is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -4995,7 +4994,7 @@ GRAPH_JWT_SECRET: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH + name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -5004,16 +5003,16 @@ GRAPH_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID + name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID defaultValue: "" type: string - description: The client ID to authenticate with keycloak. + description: The client id to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM + name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -5022,7 +5021,7 @@ GRAPH_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET + name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -5031,7 +5030,7 @@ GRAPH_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -5041,7 +5040,7 @@ GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" GRAPH_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM + name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -5050,8 +5049,8 @@ GRAPH_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN - defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN + defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. @@ -5060,7 +5059,7 @@ GRAPH_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD + name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -5069,7 +5068,7 @@ GRAPH_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_CACERT: - name: OCIS_LDAP_CACERT;USERS_LDAP_CACERT + name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to @@ -5089,7 +5088,7 @@ GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN + name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -5110,7 +5109,7 @@ GRAPH_LDAP_GROUP_CREATE_BASE_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER + name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -5119,17 +5118,17 @@ GRAPH_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_ID_ATTRIBUTE: - name: OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE + defaultValue: owncloudUUID type: string - description: LDAP Attribute to use as the unique ID for groups. This should be a + description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -5138,7 +5137,7 @@ GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_NAME_ATTRIBUTE: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -5147,38 +5146,38 @@ GRAPH_LDAP_GROUP_NAME_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS + name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter - like 'groupOfNames'. + ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool - description: Set this to true if the defined 'id' attribute for groups is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the group ID's. + description: Set this to true if the defined 'ID' attribute for groups is of the + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_GROUP_SEARCH_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE + name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up groups. Supported values are + description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE + name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -5304,7 +5303,7 @@ GRAPH_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_URI: - name: OCIS_LDAP_URI;USERS_LDAP_URI + name: OCIS_LDAP_URI;GRAPH_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -5314,7 +5313,7 @@ GRAPH_LDAP_URI: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN + name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -5323,16 +5322,17 @@ GRAPH_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME - defaultValue: displayname + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for the displayname of users. + description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" - deprecationInfo: 'LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | ' + deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | + LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL + name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -5341,7 +5341,7 @@ GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER + name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -5350,7 +5350,7 @@ GRAPH_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_NAME_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME + name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -5359,38 +5359,38 @@ GRAPH_LDAP_USER_NAME_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS + name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter - like 'inetOrgPerson'. + ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the user ID's. + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE + name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up users. Supported values are + description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_TYPE_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -5400,8 +5400,8 @@ GRAPH_LDAP_USER_TYPE_ATTRIBUTE: removalVersion: "" deprecationInfo: "" GRAPH_LDAP_USER_UID_ATTRIBUTE: - name: OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE + defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID. @@ -5446,6 +5446,15 @@ GRAPH_LOG_PRETTY: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +GRAPH_MAX_CONCURRENCY: + name: OCIS_MAX_CONCURRENCY;GRAPH_MAX_CONCURRENCY + defaultValue: "20" + type: int + description: The maximum number of concurrent requests the service will handle. + introductionVersion: 7.0.0 + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" GRAPH_SERVICE_ACCOUNT_ID: name: OCIS_SERVICE_ACCOUNT_ID;GRAPH_SERVICE_ACCOUNT_ID defaultValue: "" @@ -5578,10 +5587,10 @@ GRAPH_TRANSLATION_PATH: removalVersion: "" deprecationInfo: "" GRAPH_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string - description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6115,7 +6124,7 @@ IDM_ADMIN_PASSWORD: removalVersion: "" deprecationInfo: "" IDM_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID + name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID defaultValue: "" type: string description: ID of the user that should receive admin privileges. Consider that @@ -6126,10 +6135,10 @@ IDM_ADMIN_USER_ID: removalVersion: "" deprecationInfo: "" IDM_CREATE_DEMO_USERS: - name: SETTINGS_SETUP_DEFAULT_ASSIGNMENTS;IDM_CREATE_DEMO_USERS + name: IDM_CREATE_DEMO_USERS defaultValue: "false" type: bool - description: The default role assignments the demo users should be setup. + description: Flag to enable or disable the creation of the demo users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -6222,7 +6231,7 @@ IDM_LDAPS_KEY: removalVersion: "" deprecationInfo: "" IDM_LOG_COLOR: - name: OCIS_LOG_COLOR;USERS_LOG_COLOR + name: OCIS_LOG_COLOR;IDM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -6231,7 +6240,7 @@ IDM_LOG_COLOR: removalVersion: "" deprecationInfo: "" IDM_LOG_FILE: - name: OCIS_LOG_FILE;USERS_LOG_FILE + name: OCIS_LOG_FILE;IDM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -6240,7 +6249,7 @@ IDM_LOG_FILE: removalVersion: "" deprecationInfo: "" IDM_LOG_LEVEL: - name: OCIS_LOG_LEVEL;USERS_LOG_LEVEL + name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -6250,7 +6259,7 @@ IDM_LOG_LEVEL: removalVersion: "" deprecationInfo: "" IDM_LOG_PRETTY: - name: OCIS_LOG_PRETTY;USERS_LOG_PRETTY + name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -6279,7 +6288,7 @@ IDM_SVC_PASSWORD: removalVersion: "" deprecationInfo: "" IDM_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR + name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -6289,7 +6298,7 @@ IDM_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" IDM_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED + name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -6298,7 +6307,7 @@ IDM_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" IDM_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT + name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -6307,7 +6316,7 @@ IDM_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" IDM_TRACING_TYPE: - name: OCIS_TRACING_TYPE;USERS_TRACING_TYPE + name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -7080,14 +7089,15 @@ LDAP_LOGIN_ATTRIBUTES: removalVersion: "" deprecationInfo: "" LDAP_USER_SCHEMA_DISPLAY_NAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME - defaultValue: displayname + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for the displayname of users. + description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" - deprecationInfo: 'LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | ' + deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | + LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency LDAP_USER_SUBSTRING_FILTER_TYPE: name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE defaultValue: any @@ -7576,7 +7586,7 @@ NOTIFICATIONS_TRACING_TYPE: removalVersion: "" deprecationInfo: "" NOTIFICATIONS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH + name: OCIS_TRANSLATION_PATH;NOTIFICATIONS_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite @@ -7608,8 +7618,8 @@ OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS - defaultValue: "true" + name: OCIS_CORS_ALLOW_CREDENTIALS;OCDAV_CORS_ALLOW_CREDENTIALS + defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' @@ -7618,9 +7628,11 @@ OCDAV_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS - defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id - Cache-Control]' + name: OCIS_CORS_ALLOW_HEADERS;OCDAV_CORS_ALLOW_HEADERS + defaultValue: '[Origin Accept Content-Type Depth Authorization Ocs-Apirequest If-None-Match + If-Match Destination Overwrite X-Request-Id X-Requested-With Tus-Resumable Tus-Checksum-Algorithm + Upload-Concat Upload-Length Upload-Metadata Upload-Defer-Length Upload-Expires + Upload-Checksum Upload-Offset X-HTTP-Method-Override Cache-Control]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. @@ -7630,8 +7642,9 @@ OCDAV_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS - defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + name: OCIS_CORS_ALLOW_METHODS;OCDAV_CORS_ALLOW_METHODS + defaultValue: '[OPTIONS HEAD GET PUT POST DELETE MKCOL PROPFIND PROPPATCH MOVE COPY + REPORT SEARCH]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. @@ -7641,8 +7654,8 @@ OCDAV_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCDAV_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS - defaultValue: '[*]' + name: OCIS_CORS_ALLOW_ORIGINS;OCDAV_CORS_ALLOW_ORIGINS + defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. @@ -7690,7 +7703,7 @@ OCDAV_DEBUG_ZPAGES: removalVersion: "" deprecationInfo: "" OCDAV_EDITION: - name: OCIS_EDITION;FRONTEND_EDITION + name: OCIS_EDITION;OCDAV_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -7746,17 +7759,16 @@ OCDAV_HTTP_PROTOCOL: removalVersion: "" deprecationInfo: "" OCDAV_INSECURE: - name: OCIS_INSECURE;POLICIES_EVENTS_TLS_INSECURE + name: OCIS_INSECURE;OCDAV_INSECURE defaultValue: "false" type: bool - description: Whether the server should skip the client certificate verification - during the TLS handshake. + description: Allow insecure connections to the GATEWAY service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCDAV_JWT_SECRET: - name: OCIS_JWT_SECRET;USERS_JWT_SECRET + name: OCIS_JWT_SECRET;OCDAV_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -7802,7 +7814,7 @@ OCDAV_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCDAV_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY + name: OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for @@ -7898,12 +7910,12 @@ OCDAV_WEBDAV_NAMESPACE: removalVersion: "" deprecationInfo: "" OCIS_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;SETTINGS_ADMIN_USER_ID + name: OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID defaultValue: "" type: string - description: ID of the user that should receive admin privileges. Consider that - the UUID can be encoded in some LDAP deployment configurations like in .ldif files. - These need to be decoded beforehand. + description: ID of the user who collects all necessary information for deletion. + Consider that the UUID can be encoded in some LDAP deployment configurations like + in .ldif files. These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7919,7 +7931,7 @@ OCIS_ASSET_THEMES_PATH: removalVersion: "" deprecationInfo: "" OCIS_ASYNC_UPLOADS: - name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS + name: OCIS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. @@ -7928,28 +7940,28 @@ OCIS_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD + name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD defaultValue: "" type: string - description: Password for the configured store. Only applies when store type 'nats-js-kv' - is configured. + description: The password to authenticate with the cache store. Only applies when + store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME + name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME defaultValue: "" type: string - description: Username for the configured store. Only applies when store type 'nats-js-kv' - is configured. + description: The username to authenticate with the cache store. Only applies when + store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DATABASE: name: OCIS_CACHE_DATABASE - defaultValue: storage-system + defaultValue: ids-storage-users type: string description: The database name the configured store should use. introductionVersion: pre5.0 @@ -7957,7 +7969,7 @@ OCIS_CACHE_DATABASE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE + name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -7967,7 +7979,7 @@ OCIS_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE + name: OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -7977,7 +7989,7 @@ OCIS_CACHE_STORE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES + name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -7989,19 +8001,20 @@ OCIS_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" OCIS_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL + name: OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied - when access tokens has no expiration. See the Environment Variable Types description - for more details. + when access tokens have no expiration. Defaults to 300s which is derived from + the underlaying package though not explicitly set as default. See the Environment + Variable Types description for more details. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;WEBDAV_CORS_ALLOW_CREDENTIALS - defaultValue: "true" + name: OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS + defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials.' @@ -8010,9 +8023,10 @@ OCIS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;WEBDAV_CORS_ALLOW_HEADERS - defaultValue: '[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id - Cache-Control]' + name: OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS + defaultValue: '[Authorization Origin X-Requested-With X-Request-Id X-HTTP-Method-Override + Content-Type Upload-Length Upload-Offset Tus-Resumable Upload-Metadata Upload-Defer-Length + Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. @@ -8022,8 +8036,8 @@ OCIS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;WEBDAV_CORS_ALLOW_METHODS - defaultValue: '[GET POST PUT PATCH DELETE OPTIONS]' + name: OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS + defaultValue: '[POST HEAD PATCH OPTIONS GET DELETE]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. @@ -8033,8 +8047,8 @@ OCIS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;WEBDAV_CORS_ALLOW_ORIGINS - defaultValue: '[*]' + name: OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS + defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. @@ -8129,7 +8143,7 @@ OCIS_DISABLE_VERSIONING: removalVersion: "" deprecationInfo: "" OCIS_EDITION: - name: OCIS_EDITION;FRONTEND_EDITION + name: OCIS_EDITION;OCDAV_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -8156,7 +8170,7 @@ OCIS_ENABLE_OCM: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD + name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -8166,7 +8180,7 @@ OCIS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME + name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -8176,7 +8190,7 @@ OCIS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER + name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -8187,7 +8201,7 @@ OCIS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS + name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -8197,7 +8211,7 @@ OCIS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT + name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -8207,21 +8221,21 @@ OCIS_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. - If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false. + If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the GRPC service. - introductionVersion: pre5.0 + description: The bind address of the gateway GRPC address. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8249,7 +8263,7 @@ OCIS_GRPC_CLIENT_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL + name: OCIS_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GPRC service. @@ -8289,17 +8303,16 @@ OCIS_HTTP_TLS_KEY: removalVersion: "" deprecationInfo: "" OCIS_INSECURE: - name: OCIS_INSECURE;POLICIES_EVENTS_TLS_INSECURE + name: OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE defaultValue: "false" type: bool - description: Whether the server should skip the client certificate verification - during the TLS handshake. + description: Whether to verify the server TLS certificates. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_JWT_SECRET: - name: OCIS_JWT_SECRET;USERS_JWT_SECRET + name: OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -8308,7 +8321,7 @@ OCIS_JWT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH + name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -8317,16 +8330,16 @@ OCIS_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID + name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID defaultValue: "" type: string - description: The client ID to authenticate with keycloak. + description: The client id to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM + name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -8335,7 +8348,7 @@ OCIS_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET + name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -8344,7 +8357,7 @@ OCIS_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -8354,7 +8367,7 @@ OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM + name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -8363,8 +8376,8 @@ OCIS_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;USERS_LDAP_BIND_DN - defaultValue: uid=reva,ou=sysusers,o=libregraph-idm + name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN + defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. @@ -8373,7 +8386,7 @@ OCIS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD + name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -8382,7 +8395,7 @@ OCIS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;USERS_LDAP_CACERT + name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to @@ -8393,20 +8406,20 @@ OCIS_LDAP_CACERT: removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLE_USER_MECHANISM: - name: OCIS_LDAP_DISABLE_USER_MECHANISM;USERS_LDAP_DISABLE_USER_MECHANISM + name: OCIS_LDAP_DISABLE_USER_MECHANISM;GRAPH_DISABLE_USER_MECHANISM defaultValue: attribute type: string - description: An option to control the behavior for disabling users. Valid options + description: An option to control the behavior for disabling users. Supported options are 'none', 'attribute' and 'group'. If set to 'group', disabling a user via API will add the user to the configured group for disabled users, if set to 'attribute' this will be done in the ldap user entry, if set to 'none' the disable request - is not processed. + is not processed. Default is 'attribute'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_DISABLED_USERS_GROUP_DN: - name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;USERS_LDAP_DISABLED_USERS_GROUP_DN + name: OCIS_LDAP_DISABLED_USERS_GROUP_DN;GRAPH_DISABLED_USERS_GROUP_DN defaultValue: cn=DisabledUsersGroup,ou=groups,o=libregraph-idm type: string description: The distinguished name of the group to which added users will be classified @@ -8416,7 +8429,7 @@ OCIS_LDAP_DISABLED_USERS_GROUP_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_BASE_DN: - name: OCIS_LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN + name: OCIS_LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN defaultValue: ou=groups,o=libregraph-idm type: string description: Search base DN for looking up LDAP groups. @@ -8425,7 +8438,7 @@ OCIS_LDAP_GROUP_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_FILTER: - name: OCIS_LDAP_GROUP_FILTER;USERS_LDAP_GROUP_FILTER + name: OCIS_LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for group searches. @@ -8434,11 +8447,11 @@ OCIS_LDAP_GROUP_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_OBJECTCLASS: - name: OCIS_LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS + name: OCIS_LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS defaultValue: groupOfNames type: string description: The object class to use for groups in the default group search filter - like 'groupOfNames'. + ('groupOfNames'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8454,7 +8467,7 @@ OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: - name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;USERS_LDAP_GROUP_SCHEMA_GROUPNAME + name: OCIS_LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE defaultValue: cn type: string description: LDAP Attribute to use for the name of groups. @@ -8463,22 +8476,22 @@ OCIS_LDAP_GROUP_SCHEMA_GROUPNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID: - name: OCIS_LDAP_GROUP_SCHEMA_ID;USERS_LDAP_GROUP_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE + defaultValue: owncloudUUID type: string - description: LDAP Attribute to use as the unique ID for groups. This should be a + description: LDAP Attribute to use as the unique id for groups. This should be a stable globally unique ID like a UUID. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool - description: Set this to true if the defined 'id' attribute for groups is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the group ID's. + description: Set this to true if the defined 'ID' attribute for groups is of the + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the group ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8493,7 +8506,7 @@ OCIS_LDAP_GROUP_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MEMBER: - name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;USERS_LDAP_GROUP_SCHEMA_MEMBER + name: OCIS_LDAP_GROUP_SCHEMA_MEMBER;GRAPH_LDAP_GROUP_MEMBER_ATTRIBUTE defaultValue: member type: string description: LDAP Attribute that is used for group members. @@ -8502,17 +8515,17 @@ OCIS_LDAP_GROUP_SCHEMA_MEMBER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCOPE: - name: OCIS_LDAP_GROUP_SCOPE;USERS_LDAP_GROUP_SCOPE + name: OCIS_LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up groups. Supported values are + description: LDAP search scope to use when looking up groups. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;USERS_LDAP_INSECURE + name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -8534,7 +8547,7 @@ OCIS_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_LDAP_URI: - name: OCIS_LDAP_URI;USERS_LDAP_URI + name: OCIS_LDAP_URI;GRAPH_LDAP_URI defaultValue: ldaps://localhost:9235 type: string description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' @@ -8544,7 +8557,7 @@ OCIS_LDAP_URI: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN + name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -8553,16 +8566,16 @@ OCIS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;USERS_LDAP_USER_ENABLED_ATTRIBUTE + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string - description: LDAP attribute to use as a flag telling if the user is enabled or disabled. + description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;USERS_LDAP_USER_FILTER + name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -8571,27 +8584,28 @@ OCIS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS + name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS defaultValue: inetOrgPerson type: string description: The object class to use for users in the default user search filter - like 'inetOrgPerson'. + ('inetOrgPerson'). introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;USERS_LDAP_USER_SCHEMA_DISPLAYNAME - defaultValue: displayname + name: OCIS_LDAP_USER_SCHEMA_DISPLAYNAME;LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for the displayname of users. + description: LDAP Attribute to use for the display name of users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" - deprecationInfo: 'LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | ' + deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | | | | + LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency OCIS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;USERS_LDAP_USER_SCHEMA_ID - defaultValue: ownclouduuid + name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE + defaultValue: owncloudUUID type: string description: LDAP Attribute to use as the unique ID for users. This should be a stable globally unique ID like a UUID. @@ -8600,18 +8614,18 @@ OCIS_LDAP_USER_SCHEMA_ID: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: - name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;USERS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING + name: OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING;GRAPH_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING defaultValue: "false" type: bool description: Set this to true if the defined 'ID' attribute for users is of the - 'OCTETSTRING' syntax. This is e.g. required when using the 'objectGUID' attribute - of Active Directory for the user ID's. + 'OCTETSTRING' syntax. This is required when using the 'objectGUID' attribute of + Active Directory for the user ID's. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;USERS_LDAP_USER_SCHEMA_MAIL + name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail type: string description: LDAP Attribute to use for the email address of users. @@ -8620,7 +8634,7 @@ OCIS_LDAP_USER_SCHEMA_MAIL: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USER_TYPE: - name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;USERS_LDAP_USER_TYPE_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_USER_TYPE;GRAPH_LDAP_USER_TYPE_ATTRIBUTE defaultValue: ownCloudUserType type: string description: LDAP Attribute to distinguish between 'Member' and 'Guest' users. Default @@ -8630,7 +8644,7 @@ OCIS_LDAP_USER_SCHEMA_USER_TYPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;USERS_LDAP_USER_SCHEMA_USERNAME + name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE defaultValue: uid type: string description: LDAP Attribute to use for username of users. @@ -8639,17 +8653,17 @@ OCIS_LDAP_USER_SCHEMA_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE + name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE defaultValue: sub type: string - description: LDAP search scope to use when looking up users. Supported values are + description: LDAP search scope to use when looking up users. Supported scopes are 'base', 'one' and 'sub'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LOG_COLOR: - name: OCIS_LOG_COLOR;USERS_LOG_COLOR + name: OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -8658,7 +8672,7 @@ OCIS_LOG_COLOR: removalVersion: "" deprecationInfo: "" OCIS_LOG_FILE: - name: OCIS_LOG_FILE;USERS_LOG_FILE + name: OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -8667,7 +8681,7 @@ OCIS_LOG_FILE: removalVersion: "" deprecationInfo: "" OCIS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;USERS_LOG_LEVEL + name: OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -8677,7 +8691,7 @@ OCIS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OCIS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;USERS_LOG_PRETTY + name: OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -8686,23 +8700,23 @@ OCIS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCIS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_API_KEY + name: OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY defaultValue: "" type: string description: Machine auth API key used to validate internal requests necessary for the access to resources from other services. - introductionVersion: pre5.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY - defaultValue: "1" + name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY + defaultValue: "5" type: int description: Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 - or below will be ignored and the default value will be used. - introductionVersion: 7.0.0 + or below will be ignored and the default value of 100 will be used. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8718,11 +8732,10 @@ OCIS_OIDC_CLIENT_ID: removalVersion: "" deprecationInfo: "" OCIS_OIDC_ISSUER: - name: OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL + name: OCIS_URL;OCIS_OIDC_ISSUER defaultValue: https://localhost:9200 type: string - description: The identity provider value to set in the userids of the CS3 user objects - for users returned by this user provider. + description: The OIDC issuer URL to assign to the demo users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8795,54 +8808,54 @@ OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE: - name: OCIS_PERSISTENT_STORE;COLLABORATION_STORE + name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', ''redis-sentinel'', ''noop''. See the text description for details.' - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. - introductionVersion: 7.0.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. - introductionVersion: 7.0.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES + name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL - defaultValue: 30m0s + name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL + defaultValue: 336h0m0s type: Duration - description: Time to live for events in the store. Defaults to '30m' (30 minutes). + description: Time to live for events in the store. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details. - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8887,7 +8900,7 @@ OCIS_REVA_GATEWAY_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID + name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -8897,7 +8910,7 @@ OCIS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET + name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -8914,7 +8927,7 @@ OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: 'FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated - | ' + | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | ' OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" @@ -8927,7 +8940,8 @@ OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: 'FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS - API is deprecated | ' + API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, + the OCS API is deprecated | ' OCIS_SHOW_USER_EMAIL_IN_RESULTS: name: OCIS_SHOW_USER_EMAIL_IN_RESULTS defaultValue: "false" @@ -8940,17 +8954,18 @@ OCIS_SHOW_USER_EMAIL_IN_RESULTS: removalVersion: "" deprecationInfo: "" OCIS_SPACES_MAX_QUOTA: - name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA + name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA defaultValue: "0" type: uint64 - description: Set the global max quota value in bytes. A value of 0 equals unlimited. - The value is provided via capabilities. + description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited. + If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA + in the frontend service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY + name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -8959,10 +8974,10 @@ OCIS_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID + name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID defaultValue: "" type: string - description: ID of the oCIS storage-system system user. Admins need to set the ID + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. @@ -8980,7 +8995,7 @@ OCIS_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" OCIS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;USERS_TRACING_COLLECTOR + name: OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -8990,7 +9005,7 @@ OCIS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;USERS_TRACING_ENABLED + name: OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -8999,7 +9014,7 @@ OCIS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;USERS_TRACING_ENDPOINT + name: OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -9008,7 +9023,7 @@ OCIS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;USERS_TRACING_TYPE + name: OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -9027,22 +9042,21 @@ OCIS_TRANSFER_SECRET: removalVersion: "" deprecationInfo: "" OCIS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH + name: OCIS_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. - introductionVersion: pre5.0 + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_URL: - name: OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL + name: OCIS_URL;OCDAV_PUBLIC_URL defaultValue: https://localhost:9200 type: string - description: The identity provider value to set in the userids of the CS3 user objects - for users returned by this user provider. + description: URL where oCIS is reachable for users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -10205,32 +10219,32 @@ POSTPROCESSING_STEPS: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE: - name: OCIS_PERSISTENT_STORE;COLLABORATION_STORE + name: OCIS_PERSISTENT_STORE;POSTPROCESSING_STORE defaultValue: nats-js-kv type: string - description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', - ''redis-sentinel'', ''noop''. See the text description for details.' - introductionVersion: 7.0.0 + description: 'The type of the store. Supported values are: ''memory'', ''redis-sentinel'', + ''nats-js-kv'', ''noop''. See the text description for details.' + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;POSTPROCESSING_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. - introductionVersion: 7.0.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;POSTPROCESSING_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. - introductionVersion: 7.0.0 + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -10244,14 +10258,14 @@ POSTPROCESSING_STORE_DATABASE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES + name: OCIS_PERSISTENT_STORE_NODES;POSTPROCESSING_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -10265,12 +10279,12 @@ POSTPROCESSING_STORE_TABLE: removalVersion: "" deprecationInfo: "" POSTPROCESSING_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL - defaultValue: 30m0s + name: OCIS_PERSISTENT_STORE_TTL;POSTPROCESSING_STORE_TTL + defaultValue: 0s type: Duration - description: Time to live for events in the store. Defaults to '30m' (30 minutes). - See the Environment Variable Types description for more details. - introductionVersion: 7.0.0 + description: Time to live for events in the store. See the Environment Variable + Types description for more details. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -11593,10 +11607,10 @@ SETTINGS_STORAGE_GRPC_ADDR: removalVersion: "" deprecationInfo: "" SETTINGS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID + name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID defaultValue: "" type: string - description: ID of the oCIS storage-system system user. Admins need to set the ID + description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. @@ -11605,7 +11619,7 @@ SETTINGS_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" SETTINGS_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP + name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -13303,7 +13317,7 @@ STORAGE_USERS_DRIVER: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;POLICIES_EVENTS_AUTH_PASSWORD + name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -13313,7 +13327,7 @@ STORAGE_USERS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;POLICIES_EVENTS_AUTH_USERNAME + name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -13323,7 +13337,7 @@ STORAGE_USERS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;POLICIES_EVENTS_CLUSTER + name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -13334,7 +13348,7 @@ STORAGE_USERS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;POLICIES_EVENTS_ENABLE_TLS + name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -13344,7 +13358,7 @@ STORAGE_USERS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;POLICIES_EVENTS_ENDPOINT + name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -13375,11 +13389,11 @@ STORAGE_USERS_EVENTS_TLS_INSECURE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;POLICIES_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. - If provided POLICIES_EVENTS_TLS_INSECURE will be seen as false. + If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -13395,27 +13409,27 @@ STORAGE_USERS_EXPOSE_DATA_SERVER: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_SYSTEM_CACHE_AUTH_PASSWORD + name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_PASSWORD defaultValue: "" type: string - description: Password for the configured store. Only applies when store type 'nats-js-kv' - is configured. + description: The password to authenticate with the cache store. Only applies when + store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_SYSTEM_CACHE_AUTH_USERNAME + name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_FILEMETADATA_CACHE_AUTH_USERNAME defaultValue: "" type: string - description: Username for the configured store. Only applies when store type 'nats-js-kv' - is configured. + description: The username to authenticate with the cache store. Only applies when + store type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_SYSTEM_CACHE_DISABLE_PERSISTENCE + name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE defaultValue: "false" type: bool description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' @@ -13425,7 +13439,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_DISABLE_PERSISTENCE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_SYSTEM_CACHE_STORE + name: OCIS_CACHE_STORE;STORAGE_USERS_FILEMETADATA_CACHE_STORE defaultValue: memory type: string description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', @@ -13435,7 +13449,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_STORE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_SYSTEM_CACHE_STORE_NODES + name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect @@ -13447,7 +13461,7 @@ STORAGE_USERS_FILEMETADATA_CACHE_STORE_NODES: removalVersion: "" deprecationInfo: "" STORAGE_USERS_FILEMETADATA_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_SYSTEM_CACHE_TTL + name: OCIS_CACHE_TTL;STORAGE_USERS_FILEMETADATA_CACHE_TTL defaultValue: 24m0s type: Duration description: Default time to live for user info in the user info cache. Only applied @@ -13458,11 +13472,11 @@ STORAGE_USERS_FILEMETADATA_CACHE_TTL: removalVersion: "" deprecationInfo: "" STORAGE_USERS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR + name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the GRPC service. - introductionVersion: pre5.0 + description: The bind address of the gateway GRPC address. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -13488,7 +13502,7 @@ STORAGE_USERS_GRPC_ADDR: removalVersion: "" deprecationInfo: "" STORAGE_USERS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;USERS_GRPC_PROTOCOL + name: OCIS_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL defaultValue: "" type: string description: The transport protocol of the GPRC service. @@ -13685,33 +13699,34 @@ STORAGE_USERS_OCIS_MAX_ACQUIRE_LOCK_CYCLES: removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY - defaultValue: "1" + name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_OCIS_MAX_CONCURRENCY + defaultValue: "5" type: int description: Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 or below will be ignored and the default value will be used. - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_MAX_QUOTA: - name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA + name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA defaultValue: "0" type: uint64 - description: Set the global max quota value in bytes. A value of 0 equals unlimited. - The value is provided via capabilities. + description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited. + If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA + in the frontend service. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT: - name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_POSIX_PERMISSIONS_ENDPOINT + name: STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_OCIS_PERMISSIONS_ENDPOINT defaultValue: com.owncloud.api.settings type: string - description: Endpoint of the permissions service. The endpoints can differ for 'ocis', - 'posix' and 's3ng'. - introductionVersion: 6.0.0 + description: Endpoint of the permissions service. The endpoints can differ for 'ocis' + and 's3ng'. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -13734,7 +13749,7 @@ STORAGE_USERS_OCIS_PERSONAL_SPACE_PATH_TEMPLATE: removalVersion: "" deprecationInfo: "" STORAGE_USERS_OCIS_PROPAGATOR: - name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR + name: OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_OCIS_PROPAGATOR defaultValue: sync type: string description: The propagator used for decomposedfs. At the moment, only 'sync' is @@ -14224,7 +14239,7 @@ STORAGE_USERS_S3NG_USER_LAYOUT: removalVersion: "" deprecationInfo: "" STORAGE_USERS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;SEARCH_SERVICE_ACCOUNT_ID + name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -14234,7 +14249,7 @@ STORAGE_USERS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" STORAGE_USERS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;SEARCH_SERVICE_ACCOUNT_SECRET + name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret.