mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-12-06 02:59:29 +00:00
fd7106af28
We normalize the url with an env var processor before passing it to the saml lib, to avoid an error. Fixes issue #1118
137 lines
6.5 KiB
Bash
137 lines
6.5 KiB
Bash
#### Part-DB Configuration
|
|
# See https://docs.part-db.de/configuration.html for documentation of available options
|
|
|
|
###################################################################################
|
|
# Database settings
|
|
###################################################################################
|
|
|
|
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
|
|
# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
|
|
|
|
# Use a file (SQLite) as database. For bigger instances you should use a real database server (like MySQL)
|
|
DATABASE_URL="sqlite:///%kernel.project_dir%/var/app.db"
|
|
|
|
# Uncomment this line (and comment the line above to use a MySQL database
|
|
#DATABASE_URL=mysql://root:@127.0.0.1:3306/part-db?serverVersion=5.7
|
|
|
|
# Set this value to 1, if you want to use SSL to connect to the MySQL server. It will be tried to use the CA certificate
|
|
# otherwise a CA bundle shipped with PHP will be used.
|
|
# Leave it at 0, if you do not want to use SSL or if your server does not support it
|
|
DATABASE_MYSQL_USE_SSL_CA=0
|
|
|
|
# Set this value to 0, if you don't want to verify the CA certificate of the MySQL server
|
|
# Only do this, if you know what you are doing!
|
|
DATABASE_MYSQL_SSL_VERIFY_CERT=1
|
|
|
|
# Emulate natural sorting of strings even on databases that do not support it (like SQLite, MySQL or MariaDB < 10.7)
|
|
# This can be slow on big databases and might have some problems and quirks, so use it with caution
|
|
DATABASE_EMULATE_NATURAL_SORT=0
|
|
|
|
###################################################################################
|
|
# General settings
|
|
###################################################################################
|
|
|
|
# The public reachable URL of this Part-DB installation. This is used for generating links in SAML and email templates or when no request context is available.
|
|
DEFAULT_URI="https://partdb.changeme.invalid/"
|
|
|
|
###################################################################################
|
|
# Email settings
|
|
###################################################################################
|
|
|
|
# The DSN of the email server that should be used for sending emails (disabled by default)
|
|
# See Transport section of https://symfony.com/doc/current/components/mailer.html for available providers and syntax
|
|
MAILER_DSN=null://null
|
|
#MAILER_DSN=smtp://user:password@smtp.mailserver.invalid:587
|
|
|
|
# The email address from which all Part-DB emails should be sent. Change this when you configure email!
|
|
EMAIL_SENDER_EMAIL=noreply@partdb.changeme
|
|
# The sender name which should be used for all Part-DB emails
|
|
EMAIL_SENDER_NAME="Part-DB Mailer"
|
|
# Set this to 1 to allow reset of a password per email
|
|
ALLOW_EMAIL_PW_RESET=0
|
|
|
|
###################################################################################
|
|
# Error pages settings
|
|
###################################################################################
|
|
|
|
# You can set an email address here, which is shown on an error page, how to contact an administrator
|
|
ERROR_PAGE_ADMIN_EMAIL=''
|
|
# If this is set to true, solutions to common problems are shown on error pages. Disable this, if you do not want your users to see them...
|
|
ERROR_PAGE_SHOW_HELP=1
|
|
|
|
|
|
###################################################################################
|
|
# SAML Single sign on-settings
|
|
###################################################################################
|
|
# Set this to 1 to enable SAML single sign on
|
|
# Be also sure to set the correct values for DEFAULT_URI
|
|
SAML_ENABLED=0
|
|
|
|
# Set to 1, if your Part-DB installation is behind a reverse proxy and you want to use SAML
|
|
SAML_BEHIND_PROXY=0
|
|
|
|
# A JSON encoded array of role mappings in the form { "saml_role": PARTDB_GROUP_ID, "*": PARTDB_GROUP_ID }
|
|
# The first match is used, so the order is important! Put the group mapping with the most privileges first.
|
|
# Please not to only use single quotes to enclose the JSON string
|
|
SAML_ROLE_MAPPING='{}'
|
|
# A mapping could look like the following
|
|
#SAML_ROLE_MAPPING='{ "*": 2, "admin": 1, "editor": 3}'
|
|
|
|
# When this is set to 1, the group of SAML users will be updated everytime they login based on their SAML roles
|
|
SAML_UPDATE_GROUP_ON_LOGIN=1
|
|
|
|
# The entity ID of your SAML IDP (e.g. the realm name of your Keycloak server)
|
|
SAML_IDP_ENTITY_ID="https://idp.changeme.invalid/realms/master"
|
|
# The URL of your SAML IDP SingleSignOnService (e.g. the endpoint of your Keycloak server)
|
|
SAML_IDP_SINGLE_SIGN_ON_SERVICE="https://idp.changeme.invalid/realms/master/protocol/saml"
|
|
# The URL of your SAML IDP SingleLogoutService (e.g. the endpoint of your Keycloak server)
|
|
SAML_IDP_SINGLE_LOGOUT_SERVICE="https://idp.changeme.invalid/realms/master/protocol/saml"
|
|
# The public certificate of the SAML IDP (e.g. the certificate of your Keycloak server)
|
|
SAML_IDP_X509_CERT="MIIC..."
|
|
|
|
# The entity of your SAML SP, must match the SP entityID configured in your SAML IDP (e.g. Keycloak).
|
|
# This should be a the domain name of your Part-DB installation, followed by "/sp"
|
|
SAML_SP_ENTITY_ID="https://partdb.changeme.invalid/sp"
|
|
|
|
# The public certificate of the SAML SP
|
|
SAML_SP_X509_CERT="MIIC..."
|
|
# The private key of the SAML SP
|
|
SAML_SP_PRIVATE_KEY="MIIE..."
|
|
|
|
|
|
######################################################################################
|
|
# Other settings
|
|
######################################################################################
|
|
# In demo mode things it is not possible for a user to change his password and his settings.
|
|
DEMO_MODE=0
|
|
|
|
# Change this to true, if no url rewriting (like mod_rewrite for Apache) is available
|
|
# In that case all URL contains the index.php front controller in URL
|
|
NO_URL_REWRITE_AVAILABLE=0
|
|
|
|
# Set to 1, if Part-DB should redirect all HTTP requests to HTTPS. You dont need to configure this, if your webserver already does this.
|
|
REDIRECT_TO_HTTPS=0
|
|
|
|
# Set this to zero, if you want to disable the year 2038 bug check on 32-bit systems (it will cause errors with current 32-bit PHP versions)
|
|
DISABLE_YEAR2038_BUG_CHECK=0
|
|
|
|
# Set the trusted IPs here, when using an reverse proxy
|
|
#TRUSTED_PROXIES=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
|
#TRUSTED_HOSTS='^(localhost|example\.com)$'
|
|
|
|
|
|
###> symfony/lock ###
|
|
# Choose one of the stores below
|
|
# postgresql+advisory://db_user:db_password@localhost/db_name
|
|
LOCK_DSN=flock
|
|
###< symfony/lock ###
|
|
|
|
###> nelmio/cors-bundle ###
|
|
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
|
|
###< nelmio/cors-bundle ###
|
|
|
|
###> symfony/framework-bundle ###
|
|
APP_ENV=prod
|
|
APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
|
|
APP_SHARE_DIR=var/share
|
|
###< symfony/framework-bundle ###
|