101 lines
3 KiB
YAML
101 lines
3 KiB
YAML
# This is the default configuration file
|
|
databases:
|
|
default:
|
|
engine: 'django.db.backends.sqlite3'
|
|
name: 'db.sqlite3'
|
|
log:
|
|
level:
|
|
console: DEBUG
|
|
file: DEBUG
|
|
file: /dev/null
|
|
syslog:
|
|
host: 127.0.0.1
|
|
port: 514
|
|
email:
|
|
host: localhost
|
|
port: 25
|
|
user: ''
|
|
password: ''
|
|
use_tls: false
|
|
use_ssl: false
|
|
from: passbook <passbook@domain.tld>
|
|
web:
|
|
listen: 0.0.0.0
|
|
port: 8000
|
|
threads: 30
|
|
debug: false
|
|
secure_proxy_header:
|
|
HTTP_X_FORWARDED_PROTO: https
|
|
redis: localhost
|
|
# Error reporting, sends stacktrace to sentry.services.beryju.org
|
|
error_report_enabled: true
|
|
secret_key: 9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s
|
|
|
|
passbook:
|
|
sign_up:
|
|
# Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true
|
|
enabled: true
|
|
password_reset:
|
|
# Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true
|
|
enabled: true
|
|
# Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions`
|
|
verification:
|
|
- email
|
|
# Text used in title, on login page and multiple other places
|
|
branding: passbook
|
|
login:
|
|
# Override URL used for logo
|
|
logo_url: null
|
|
# Override URL used for Background on Login page
|
|
bg_url: null
|
|
# Optionally add a subtext, placed below logo on the login page
|
|
subtext: null
|
|
footer:
|
|
links:
|
|
# Optionally add links to the footer on the login page
|
|
# - name: test
|
|
# href: https://test
|
|
# Specify which fields can be used to authenticate. Can be any combination of `username` and `email`
|
|
uid_fields:
|
|
- username
|
|
- email
|
|
# Factors to load
|
|
factors:
|
|
- passbook.core.auth.factors.backend
|
|
- passbook.core.auth.factors.dummy
|
|
- passbook.captcha_factor.factor
|
|
session:
|
|
remember_age: 2592000 # 60 * 60 * 24 * 30, one month
|
|
# Provider-specific settings
|
|
ldap:
|
|
# Which field from `uid_fields` maps to which LDAP Attribute
|
|
login_field_map:
|
|
username: sAMAccountName
|
|
email: mail # or userPrincipalName
|
|
user_attribute_map:
|
|
active_directory:
|
|
sAMAccountName: username
|
|
mail: email
|
|
given_name: first_name
|
|
name: last_name
|
|
oauth_client:
|
|
# List of python packages with sources types to load.
|
|
types:
|
|
- passbook.oauth_client.source_types.discord
|
|
- passbook.oauth_client.source_types.facebook
|
|
- passbook.oauth_client.source_types.github
|
|
- passbook.oauth_client.source_types.google
|
|
- passbook.oauth_client.source_types.reddit
|
|
- passbook.oauth_client.source_types.supervisr
|
|
- passbook.oauth_client.source_types.twitter
|
|
saml_idp:
|
|
# List of python packages with provider types to load.
|
|
types:
|
|
- passbook.saml_idp.processors.generic
|
|
- passbook.saml_idp.processors.aws
|
|
- passbook.saml_idp.processors.gitlab
|
|
- passbook.saml_idp.processors.nextcloud
|
|
- passbook.saml_idp.processors.salesforce
|
|
- passbook.saml_idp.processors.shibboleth
|
|
- passbook.saml_idp.processors.wordpress_orange
|