forked from georchestra/datadir
-
Notifications
You must be signed in to change notification settings - Fork 0
/
console.properties
323 lines (244 loc) · 10.9 KB
/
console.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
# General purposes properties
# Name of the geOrchestra instance
# default: see default.properties - uncomment to override
#instanceName=
# Header height (in px)
# default: see default.properties - uncomment to override
#headerHeight=
# Header URL (can be absolute or relative)
# default: see default.properties - uncomment to override
#headerUrl=
# PostgreSQL server domain name
# default: see default.properties - uncomment to override
#pgsqlHost=
# PostgreSQL server port
# default: see default.properties - uncomment to override
#pgsqlPort=
# PostgreSQL database name
# default: see default.properties - uncomment to override
#pgsqlDatabase=
# User to connect to PostGreSQL server
# default: see default.properties - uncomment to override
#pgsqlUser=
# Password to connect to PostGreSQL server
# default: see default.properties - uncomment to override
#pgsqlPassword=
# LDAP server domain name
# default: see default.properties - uncomment to override
#ldapHost=
# LDAP server port
# default: see default.properties - uncomment to override
#ldapPort=
# LDAP connection pool
# Whether objects will be validated before being borrowed from the pool. If the object fails to validate, it will be dropped from the pool, and an attempt to borrow another will be made.
#ldap.pool.testOnBorrow=true
# maximum number of active connections of each type (read-only|read-write) that can be allocated from this pool at the same time, or -1 for no limit.
#ldap.pool.maxActive=8
# minimum number of active connections of each type (read-only|read-write) that can remain idle in the pool, without extra ones being created, or zero to create none.
#ldap.pool.minIdle=1
# maximum number of active connections of each type (read-only|read-write) that can remain idle in the pool, without extra ones being released, or -1 for no limit.
#ldap.pool.maxIdle=8
# overall maximum number of active connections (for all types) that can be allocated from this pool at the same time, or non-positive for no limit.
#ldap.pool.maxTotal=-1
# maximum number of milliseconds that the pool will wait (when there are no available connections) for a connection to be returned before throwing an exception, or -1 to wait indefinitely.
#ldap.pool.maxWait=-1
# Base DN of the LDAP directory
# default: see default.properties - uncomment to override
#ldapBaseDn=
# Administrator DN
# default: see default.properties - uncomment to override
#ldapAdminDn=
# Administrator password
# default: see default.properties - uncomment to override
#ldapAdminPassword=
# Users RDN
# default: see default.properties - uncomment to override
#ldapUsersRdn=
# Roles RDN
# default: see default.properties - uncomment to override
#ldapRolesRdn=
# Organizations RDN
# default: see default.properties - uncomment to override
#ldapOrgsRdn=
# SMTP server domain name
# default: see default.properties - uncomment to override
#smtpHost=
# SMTP server domain name
# default: see default.properties - uncomment to override
#smtpPort=
# Public context path for the application
# default: /console
#publicContextPath=/console
# List of users protected against modification and deletion
# default: geoserver_privileged_user
#protectedUsersList=geoserver_privileged_user
# Account moderation
# If moderatedSignup is true, each time a new user requests an account:
# * an email is sent to all users having the SUPERUSER role and also to those
# which hold and admin delegation for the declared Org (if any)
# * user is stored inside the "ou=pendingusers" LDAP organizational unit
# (which grants nothing on the SDI).
# Otherwise, the user is immediately considered as registered,
# and is stored inside the "ou=user" LDAP organizational unit. An email
# is also sent to SUPERUSER user and delegated admins if any.
# default: true
#moderatedSignup=true
# Prevent the user from choosing its own username
# if set to true, username will be 'first letter of firstname+lastname'
# default: false
#readonlyUid=false
# Show an "I agree to privacy policy" checkbox at account creation
# default: false
#privacy.policy.agreement.activated=false
# URL of the privacy policy (it can correspond to a PDF, a webpage...)
# example: https://${domainName}/policy.html
# MUST be set to a valid URL if privacy.policy.agreement.activated is set to
# true (see above)
#privacy.policy.agreement.url=https://${domainName}/policy.html
# Password content requirements
# default: 8 characters minimum, all requirements to false
#password.minimumLength=8
#password.requireLowers=false
#password.requireUppers=false
#password.requireDigits=false
#password.requireSpecials=false
# Delay in days before the "I lost my password" token expires
# default: 1
#delayInDays=1
# Fields that MUST be filled in forms
# Possible values for org creation form: "orgAddress" and "orgType"
# default: firstName,surname,org,orgType
#requiredFields=firstName,surname,org,orgType
# Org type values is used to populate the drop down list from /console/account/new
# default: Association,Company,NGO,Individual,Other
orgTypeValues=Association,Company,NGO,Individual,Other
# Areas map configuration
# This map appears on the /console/account/new page, when the user checks the "my org does not exist" checkbox.
# Currently the map is configured with the EPSG:4326 SRS.
# Center of map
AreaMapCenter=9.3707, 42.0753
# Zoom of map
AreaMapZoom=7
# AreasUrl is the URL of a static geojson file in the current folder, which
# provides the basic geometries used to build up organization's areas.
# Also accepts an URL, which can be a static file or a WFS request.
# MUST provide a GeoJSON FeatureCollection with the EPSG:4326 SRS.
# example "dynamic" AreasUrl=https://my.server.org/geoserver/ows?SERVICE=WFS&REQUEST=GetFeature&typeName=gadm:gadm_for_countries&outputFormat=json&srs=EPSG:4326&cql_filter=ISO='FRA' or ISO='BEL'
AreasUrl=cities.geojson
# The following properties are used to configure the map widget behavior:
# AreasKey is the key stored in the org LDAP record to uniquely identify a feature.
AreasKey=INSEE_COM
# AreasValue is the feature "nice name" which appears in the widget list once selected, and in the search result as well.
AreasValue=NOM_COM_M
# AreasGroup is the feature property which is used to group together areas.
# eg: if the GeoJSON file represents regions, then AreasGroup might be the property with the "state name".
# CAUTION: AreasGroup **has to** be a string, not a numeric !
AreasGroup=INSEE_DEP
# reCaptcha V2
# Activate reCaptcha
# default: false
#recaptcha.activated=false
# reCaptcha verification URL
# default: https://www.google.com/recaptcha/api/siteverify
#verificationURL=https://www.google.com/recaptcha/api/siteverify
# reCaptcha private key
# default: 6LfTgF4UAAAAAL-FJJecf36W69hEaC4qZ1yu_s5-
#privateKey=6LfTgF4UAAAAAL-FJJecf36W69hEaC4qZ1yu_s5-
# reCaptcha public key
# default: 6LfTgF4UAAAAADphdZKi6ocxIpn9MSzt8wRBFmmd
#publicKey=6LfTgF4UAAAAADphdZKi6ocxIpn9MSzt8wRBFmmd
# LDAP organizational units
# Pending users
# default: ou=pendingusers
#pendingUserSearchBaseDN=ou=pendingusers
# Pending organizations
# default: ou=pendingorgs
#pendingOrgSearchBaseDN=ou=pendingorgs
# PostgreSQL database connection parameters
# Minimum connections pool size
# default: 2
#dataSource.minPoolSize = 2
# Maximum connections pool size
# default: 10
#dataSource.maxPoolSize = 10
# Acquire connection timeout (in ms for c3p0)
# default: 1000
#dataSource.timeout = 1000
# Max time unused connections are kept idle in the pool. Unit is seconds for c3p0.
# default: 60
#dataSource.maxIdleTime=60
# Email-related properties
# Send emails in HTML format
# default: false
#emailHtml=false
# Reply-To field in sent emails
# default: ${administratorEmail}
#replyTo=${administratorEmail}
# From field in sent emails
# default: ${administratorEmail}
#from=${administratorEmail}
# Subject of email when your account has been created
# default: [${instanceName}] Your account has been created
#subject.account.created=[${instanceName}] Your account has been created
# Subject of email when your account creation is waiting for validation
# default: [${instanceName}] Your new account is waiting for validation
#subject.account.in.process=[${instanceName}] Your new account is waiting for validation
# Subject of email for moderator at account creation
# default: [${instanceName}] New account waiting for validation
#subject.requires.moderation=[${instanceName}] New account waiting for validation
# Subject of email for password change
# default: [${instanceName}] Update your password
#subject.change.password=[${instanceName}] Update your password
# Subject of email for login change
# default: [${instanceName}] New login for your account
#subject.account.uid.renamed=[${instanceName}] New login for your account
# Subject of email when a new account has been created
# default: [${instanceName}] New account created
#subject.new.account.notification=[${instanceName}] New account created
# Encoding of the email templates
# This "é" char should display nicely in a ISO 8859-1 configured editor
# default: UTF-8
#templateEncoding=UTF-8
# Warn a user if their login has been modified
# default: true
#warnUserIfUidModified=true
# Email proxy configuration
# Basically, this webapp can send emails on behalf of LDAP users.
# The service endpoint is available at /console/emailProxy
# Usage is restricted to users having the EMAILPROXY role by default,
# cf https://github.com/georchestra/datadir/blob/master/security-proxy/security-mappings.xml
# see https://github.com/georchestra/georchestra/pull/1572 for more information.
# The following restrictions have been implemented to prevent spammers.
# From field in sent emails
# default: ${administratorEmail}
#emailProxyFromAddress=${administratorEmail}
# Maximum number of recipients
# default: 10
#emailProxyMaxRecipient=10
# Maximum email body size
# default: 10000
#emailProxyMaxBodySize=10000
# Maximum email subject size
# 200
#emailProxyMaxSubjectSize=200
# Comma-separated list of allowed recipients of emails
# default: ${administratorEmail}
#emailProxyRecipientWhitelist=${administratorEmail}
# Activates SASL
# if set to true, the console will leave the possibility to the administrator
# to set a user to cascade the authentication to another system.
# See https://github.com/georchestra/georchestra/blob/master/docs/tutorials/sasl.md#remote-adldap-authentication-with-sasl
# for more info on how to configure your OpenLDAP to cascade authentication to another LDAP-aware system.
# default: false
#saslEnabled=false
# name of the remote SASL server
# This option is purely informative, and give hints to the administrator on which server the authentication will take place
# in case of the previous option is activated.
# As all the SASL configuration is made outside of geOrchestra, setting this property won't have influence on the
# server which will be actually queried for authentication.
# default: null
#saslServer=null
# Activates or disable GDPR-related endpoints
# default: true
#gdpr.allowAccountDeletion=true