98 lines
3.1 KiB
YAML
98 lines
3.1 KiB
YAML
|
# This is the default configuration file
|
||
|
databases:
|
||
|
default:
|
||
|
engine: 'django.db.backends.sqlite3'
|
||
|
name: 'db.sqlite3'
|
||
|
log:
|
||
|
level:
|
||
|
console: DEBUG
|
||
|
file: DEBUG
|
||
|
file: /dev/null
|
||
|
syslog:
|
||
|
host: 127.0.0.1
|
||
|
port: 514
|
||
|
email:
|
||
|
host: localhost
|
||
|
port: 25
|
||
|
user: ''
|
||
|
password: ''
|
||
|
use_tls: false
|
||
|
use_ssl: false
|
||
|
from: passbook <passbook@domain.tld>
|
||
|
web:
|
||
|
listen: 0.0.0.0
|
||
|
port: 8000
|
||
|
threads: 30
|
||
|
debug: true
|
||
|
secure_proxy_header:
|
||
|
HTTP_X_FORWARDED_PROTO: https
|
||
|
redis: localhost
|
||
|
# Error reporting, sends stacktrace to sentry.services.beryju.org
|
||
|
error_report_enabled: true
|
||
|
|
||
|
passbook:
|
||
|
sign_up:
|
||
|
# Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true
|
||
|
enabled: true
|
||
|
password_reset:
|
||
|
# Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true
|
||
|
enabled: true
|
||
|
# Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions`
|
||
|
verification:
|
||
|
- email
|
||
|
# Text used in title, on login page and multiple other places
|
||
|
branding: passbook
|
||
|
login:
|
||
|
# Override URL used for logo
|
||
|
logo_url: null
|
||
|
# Override URL used for Background on Login page
|
||
|
bg_url: null
|
||
|
# Optionally add a subtext, placed below logo on the login page
|
||
|
subtext: This is placeholder text, only. Use this area to place any information or introductory message about your application that may be relevant for users.
|
||
|
footer:
|
||
|
links:
|
||
|
# Optionally add links to the footer on the login page
|
||
|
# - name: test
|
||
|
# href: https://test
|
||
|
# Specify which fields can be used to authenticate. Can be any combination of `username` and `email`
|
||
|
uid_fields:
|
||
|
- username
|
||
|
session:
|
||
|
remember_age: 2592000 # 60 * 60 * 24 * 30, one month
|
||
|
# Provider-specific settings
|
||
|
ldap:
|
||
|
# Completely enable or disable LDAP provider
|
||
|
enabled: false
|
||
|
# AD Domain, used to generate `userPrincipalName`
|
||
|
domain: corp.contoso.com
|
||
|
# Base DN in which passbook should look for users
|
||
|
base_dn: dn=corp,dn=contoso,dn=com
|
||
|
# LDAP field which is used to set the django username
|
||
|
username_field: sAMAccountName
|
||
|
# LDAP server to connect to, can be set to `<domain_name>`
|
||
|
server:
|
||
|
name: corp.contoso.com
|
||
|
use_tls: false
|
||
|
# Bind credentials, used for account creation
|
||
|
bind:
|
||
|
username: Administraotr@corp.contoso.com
|
||
|
password: VerySecurePassword!
|
||
|
# Which field from `uid_fields` maps to which LDAP Attribute
|
||
|
login_field_map:
|
||
|
username: sAMAccountName
|
||
|
email: mail # or userPrincipalName
|
||
|
# Create new users in LDAP upon sign-up
|
||
|
create_users: true
|
||
|
# Reset LDAP password when user reset their password
|
||
|
reset_password: true
|
||
|
oauth_client:
|
||
|
# List of python packages with sources types to load.
|
||
|
source_tyoes:
|
||
|
- passbook.oauth_client.source_types.discord
|
||
|
- passbook.oauth_client.source_types.facebook
|
||
|
- passbook.oauth_client.source_types.github
|
||
|
- passbook.oauth_client.source_types.google
|
||
|
- passbook.oauth_client.source_types.reddit
|
||
|
- passbook.oauth_client.source_types.supervisr
|
||
|
- passbook.oauth_client.source_types.twitter
|