Update example env file.

This commit is contained in:
James Cole 2021-06-12 07:38:58 +02:00
parent 6a928a3321
commit 1f83ebc6c7
No known key found for this signature in database
GPG Key ID: B5669F9493CDE38D

View File

@ -167,164 +167,43 @@ MAP_DEFAULT_ZOOM=6
# Firefly III authentication settings
#
# update me.
# Firefly III has two options for user authentication. "eloquent" is the default,
# and "ldap" for LDAP servers.
# For full instructions on these settings please visit:
#
# Firefly III supports a few authentication methods:
# - 'web' (default, uses built in DB)
# - 'ldap'
# - 'remote_user_guard' for Authelia etc
# Read more about these settings in the documentation.
# https://docs.firefly-iii.org/advanced-installation/authentication
# If you use Docker or similar, you can set this variable from a file by appending it with _FILE
#
# If you enable 'ldap' AND you run Docker, the Docker image will contact packagist.org
# This is necessary to download the required packages.
#
# It's also possible to change the way users are authenticated. You could use Authelia for example.
# Authentication via the REMOTE_USER header is supported. Change the value below to "remote_user_guard".
#
# This will also allow Windows SSO.
#
# If you do this please read the documentation for instructions and warnings:
# https://docs.firefly-iii.org/advanced-installation/authentication
#
# This function is available in Firefly III v5.3.0 and higher.
#AUTHENTICATION_GUARD=web
# If the guard is changed, Firefly III uses the 'REMOTE_USER' header as per RFC 3875.
# You can also use another header, like AUTH_USER when using Windows SSO.
# Some systems use X-Auth headers. In that case, use HTTP_X_AUTH_USERNAME or HTTP_X_AUTH_EMAIL
# Depending on your system, REMOTE_USER may need to be changed to HTTP_REMOTE_USER
#
# If this header is 'unexpectedly empty', check out the documentation.
# https://docs.firefly-iii.org/advanced-installation/authentication
#
# AUTHENTICATION_GUARD_HEADER=REMOTE_USER
#
# Firefly III uses email addresses as user identifiers. When you're using an external authentication guard
# that doesn't do this, Firefly III is incapable of emailing you. Messages sent to "Bill Gates" always fail.
# Set to 'ldap' to enable LDAP
#
# However, if you set this value, Firefly III will store the value from this header as the user's backup
# email address and use it to communicate. So user "Bill Gates" could still have
# the email address "bill@microsoft.com".
AUTHENTICATION_GUARD=web
#
# Example value: AUTHENTICATION_GUARD_EMAIL=HTTP_X_AUTH_EMAIL
# LDAP connection settings:
#
# AUTHENTICATION_GUARD_EMAIL=
LDAP_HOST=ldap.yourserver.com
LDAP_USERNAME="uid=X,ou=,o=,dc=something,dc=com"
LDAP_PASSWORD=super_secret
LDAP_PORT=389
LDAP_BASE_DN="o=something,dc=site,dc=com"
LDAP_TIMEOUT=5
LDAP_SSL=false
LDAP_TLS=false
LDAP_AUTH_FIELD=uid
# It's impossible to log out users who's authentication is handled by an external system.
# Enter a custom URL here that will force a logout (your authentication provider can tell you).
# Setting this variable only works when AUTHENTICATION_GUARD != web
#
# CUSTOM_LOGOUT_URI=
# LDAP connection configuration
# OpenLDAP, FreeIPA or ActiveDirectory
# # If you use Docker or similar, you can set this variable from a file by appending it with _FILE
#ADLDAP_CONNECTION_SCHEME=OpenLDAP
#ADLDAP_AUTO_CONNECT=true
# LDAP connection settings
# You can set the following variables from a file by appending them with _FILE:
# ADLDAP_CONTROLLERS, ADLDAP_PORT, ADLDAP_BASEDN
#ADLDAP_CONTROLLERS=
#ADLDAP_PORT=389
#ADLDAP_TIMEOUT=5
#ADLDAP_BASEDN=""
#ADLDAP_FOLLOW_REFFERALS=false
# SSL/TLS settings
#ADLDAP_USE_SSL=false
#ADLDAP_USE_TLS=false
#ADLDAP_SSL_CACERTDIR=
#ADLDAP_SSL_CACERTFILE=
#ADLDAP_SSL_CERTFILE=
#ADLDAP_SSL_KEYFILE=
#ADLDAP_SSL_CIPHER_SUITE=
#ADLDAP_SSL_REQUIRE_CERT=
# You can set the following variables from a file by appending them with _FILE:
#ADLDAP_ADMIN_USERNAME=
#ADLDAP_ADMIN_PASSWORD=
# You can set the following variables from a file by appending them with _FILE:
#ADLDAP_ACCOUNT_PREFIX=
#ADLDAP_ACCOUNT_SUFFIX=
# LDAP authentication settings.
#ADLDAP_PASSWORD_SYNC=false
#ADLDAP_LOGIN_FALLBACK=false
#ADLDAP_DISCOVER_FIELD=distinguishedname
#ADLDAP_AUTH_FIELD=distinguishedname
# field to sync as local username.
# You can set the following variable from a file by appending it with _FILE:
#ADLDAP_SYNC_FIELD=userprincipalname
# Login provider is obsolete
#LOGIN_PROVIDER=eloquent
#AUTHENTICATION_GUARD=ldap
#CUSTOM_LOGOUT_URI=https://nu.nl
# start new LDAP settings
#LDAP_LOGGING=true
#LDAP_CONNECTION=default
#LDAP_HOST=ldap.jumpcloud.com
#LDAP_USERNAME="uid=authelia,ou=Users,o=5fdddb09ae7868233b9d26d6,dc=jumpcloud,dc=com"
#LDAP_PASSWORD=FZWhDnXVb_.ciGFVwuQC@m9CVo@vdVMx
#LDAP_PORT=389
#LDAP_BASE_DN="ou=Users,o=5fdddb09ae7868233b9d26d6,dc=jumpcloud,dc=com"
#LDAP_TIMEOUT=5
#DAP_SSL=true
#LDAP_TLS=false
# end new LDAP settings
# start custom LDAP settings
#LDAP_AUTH_FIELD=uid
# end custom LDAP settings
# LDAP connection configuration
# OpenLDAP, FreeIPA or ActiveDirectory
#ADLDAP_CONNECTION_SCHEME=OpenLDAP
#ADLDAP_AUTO_CONNECT=true
# LDAP connection settings
#ADLDAP_CONTROLLERS=
#ADLDAP_PORT=389
#ADLDAP_TIMEOUT=5
#ADLDAP_BASEDN=""
#ADLDAP_FOLLOW_REFFERALS=false
#ADLDAP_USE_SSL=false
#ADLDAP_USE_TLS=false
#ADLDAP_SSL_CACERTDIR=
#ADLDAP_SSL_CACERTFILE=
#ADLDAP_SSL_CERTFILE=
#ADLDAP_SSL_KEYFILE=
#ADLDAP_SSL_CIPHER_SUITE=
#ADLDAP_SSL_REQUIRE_CERT=
#ADLDAP_ADMIN_USERNAME=
#ADLDAP_ADMIN_PASSWORD=
#ADLDAP_ACCOUNT_PREFIX=
#ADLDAP_ACCOUNT_SUFFIX=
# LDAP authentication settings.
#ADLDAP_PASSWORD_SYNC=false
#ADLDAP_LOGIN_FALLBACK=false
#ADLDAP_DISCOVER_FIELD=distinguishedname
#ADLDAP_AUTH_FIELD=distinguishedname
# Will allow SSO if your server provides an AUTH_USER field.
#WINDOWS_SSO_DISCOVER=samaccountname
#WINDOWS_SSO_KEY=AUTH_USER
# field to sync as local username.
#ADLDAP_SYNC_FIELD=userprincipalname
# Remote user guard settings
#
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
AUTHENTICATION_GUARD_EMAIL=
#
# Extra authentication settings
#
CUSTOM_LOGOUT_URI=
# You can disable the X-Frame-Options header if it interferes with tools like
# Organizr. This is at your own risk. Applications running in frames run the risk