-
-
Notifications
You must be signed in to change notification settings - Fork 88
/
sample.env
202 lines (168 loc) · 9.22 KB
/
sample.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
# This is a sample configuration file with all possible configuration options.
# If you don't want to maintain a file like this you can pass in all variables via Server Variables
## Minimum Configuration, these are required for installation
LEAN_PORT = '8081' # The port to expose and access Leantime
LEAN_APP_URL = '' # Base URL, needed for subfolder or proxy installs (including http:// or https://)
LEAN_APP_DIR = '' # Base of application without trailing slash (used for cookies), e.g, /leantime
LEAN_DEBUG = 0 # Debug flag
# Database - MySQL container
MYSQL_ROOT_PASSWORD = 'changeme123' # MySQL root password
MYSQL_DATABASE = 'leantime' # Database name
MYSQL_USER = 'lean' # Database username
MYSQL_PASSWORD = 'changeme123' # Database password
# Database - leantime container
LEAN_DB_HOST = 'mysql_leantime' # Database host
LEAN_DB_USER = 'lean' # Database username (needs to be the same as MYSQL_USER)
LEAN_DB_PASSWORD = 'changeme123' # Database password (needs to be the same as MYSQL_PASSWORD)
LEAN_DB_DATABASE = 'leantime' # Database name (needs to be the same as MYSQL_DATABASE)
LEAN_DB_PORT = '3306' # Database port
## Optional Configuration, you may omit these from your .env file
## Default Settings
LEAN_SITENAME = 'Leantime' # Name of your site, can be changed later
LEAN_LANGUAGE = 'en-US' # Default language
LEAN_DEFAULT_TIMEZONE = 'America/Los_Angeles' # Set default timezone
LEAN_LOG_PATH = '' # Default Log Path (including filename), if not set /logs/error.log will be used
LEAN_DISABLE_LOGIN_FORM = false # If true then don't show the login form (useful only if additional auth method[s] are available)
## Session Management
LEAN_SESSION_PASSWORD = '3evBlq9zdUEuzKvVJHWWx3QzsQhturBApxwcws2m' # Salting sessions, replace with a strong password
LEAN_SESSION_EXPIRATION = 28800 # How many seconds after inactivity should we logout? 28800seconds = 8hours
LEAN_SESSION_SECURE = false # Cookies only served via https
## Look & Feel, these settings are available in the UI and can be overwritten there.
LEAN_LOGO_PATH = '/dist/images/logo.svg' # Default logo path, can be changed later
LEAN_PRINT_LOGO_URL = '/dist/images/logo.png' # Default logo URL use for printing (must be jpg or png format)
LEAN_DEFAULT_THEME = 'default' # Default theme
LEAN_PRIMARY_COLOR = '#006d9f' # Primary Theme color
LEAN_SECONDARY_COLOR =' #00a886' # Secondary Theme Color
## Fileuploads
# Local File Uploads
LEAN_USER_FILE_PATH = 'userfiles/' # Local relative path to store uploaded files (if not using S3)
LEAN_DB_BACKUP_PATH = 'backupdb/' # Local relative path to store backup files, need permission to write
# S3 File Uploads
LEAN_USE_S3 = false # Set to true if you want to use S3 instead of local files
LEAN_S3_KEY = '' # S3 Key
LEAN_S3_SECRET = '' # S3 Secret
LEAN_S3_BUCKET = '' # Your S3 bucket
LEAN_S3_USE_PATH_STYLE_ENDPOINT = false # Sets the endpoint style: false => https://[bucket].[endpoint] ; true => https://[endpoint]/[bucket]
LEAN_S3_REGION = '' # S3 region
LEAN_S3_FOLDER_NAME = '' # Foldername within S3 (can be empty)
LEAN_S3_END_POINT = null # S3 EndPoint S3 Compatible (https://sfo2.digitaloceanspaces.com)
## Email
LEAN_EMAIL_RETURN = '' # Return email address, needs to be valid email address format
LEAN_EMAIL_USE_SMTP = false # Use SMTP? If set to false, the default php mail() function will be used
LEAN_EMAIL_SMTP_HOSTS = '' # SMTP host
LEAN_EMAIL_SMTP_AUTH = true # SMTP authentication required
LEAN_EMAIL_SMTP_USERNAME = '' # SMTP username
LEAN_EMAIL_SMTP_PASSWORD = '' # SMTP password
LEAN_EMAIL_SMTP_AUTO_TLS = true # SMTP Enable TLS encryption automatically if a server supports it
LEAN_EMAIL_SMTP_SECURE = '' # SMTP Security protocol (usually one of: TLS, SSL, STARTTLS)
LEAN_EMAIL_SMTP_SSLNOVERIFY = false # SMTP Allow insecure SSL: Don't verify certificate, accept self-signed, etc.
LEAN_EMAIL_SMTP_PORT = '' # Port (usually one of 25, 465, 587, 2526)
## LDAP
LEAN_LDAP_USE_LDAP = false # Set to true if you want to use LDAP
LEAN_LDAP_LDAP_DOMAIN = '' # Domain name after username@ so users can login without domain definition
LEAN_LDAP_LDAP_TYPE = 'OL' # Select the correct directory type. Currently Supported: OL - OpenLdap, AD - Active Directory
LEAN_LDAP_HOST = '' # FQDN
LEAN_LDAP_PORT = 389 # Default Port
LEAN_LDAP_URI = '' # LDAP URI as alternative to hostname and port. Uses ldap://hostname:port
LEAN_LDAP_DN = '' # Location of users, example: CN=users,DC=example,DC=com
# Leantime->Ldap attribute mapping
LEAN_LDAP_KEYS="{
\"username\":\"uid\",
\"groups\":\"memberOf\",
\"email\":\"mail\",
\"firstname\":\"displayname\",
\"lastname\":\"\",
\"phone\":\"telephoneNumber\",
\"jobTitle\":\"title\"
\"jobLevel\":\"level\"
\"department\":\"department\"
}"
# For AD use these default attributes
# LEAN_LDAP_KEYS="{
# \"username\":\"cn\",
# \"groups\":\"memberOf\",
# \"email\":\"mail\",
# \"firstname\":\"givenName\",
# \"lastname\":\"sn\",
# \"phone\":\"telephoneNumber\",
# \"jobTitle\":\"title\"
# \"jobLevel\":\"level\"
# \"department\":\"department\"
# }"
LEAN_LDAP_DEFAULT_ROLE_KEY = 20; # Default Leantime Role on creation. (set to editor)
# Default role assignments upon first login.
# optional - Can be updated later in user settings for each user
LEAN_LDAP_GROUP_ASSIGNMENT="{
\"5\": {
\"ltRole\":\"readonly\",
\"ldapRole\":\"readonly\"
},
\"10\": {
\"ltRole\":\"commenter\",
\"ldapRole\":\"commenter\"
},
\"20\": {
\"ltRole\":\"editor\",
\"ldapRole\":\"editor\"
},
\"30\": {
\"ltRole\":\"manager\",
\"ldapRole\":\"manager\"
},
\"40\": {
\"ltRole\":\"admin\",
\"ldapRole\":\"administrators\"
},
\"50\": {
\"ltRole\":\"owner\",
\"ldapRole\":\"administrators\"
}
}"
## OpenID Connect
# required
LEAN_OIDC_ENABLE = false
LEAN_OIDC_CLIENT_ID =
LEAN_OIDC_CLIENT_SECRET =
# required - the URL for your provider (examples down below)
#LEAN_OIDC_PROVIDER_URL =
#Create User if it doesn't exist in Leantime db, otherwise fail login
LEAN_OIDC_CREATE_USER = false
# Default role for users created via OIDC (20 is editor)
LEAN_OIDC_DEFAULT_ROLE = 20
# optional - these will be read from the well-known configuration if possible
#LEAN_OIDC_AUTH_URL_OVERRIDE =
#LEAN_OIDC_TOKEN_URL_OVERRIDE =
#LEAN_OIDC_JWKS_URL_OVERRIDE =
#LEAN_OIDC_USERINFO_URL_OVERRIDE =
# optional - override the public key for RSA validation
#LEAN_OIDC_CERTIFICATE_STRING =
#LEAN_OIDC_CERTIFICATE_FILE =
# optional - override the requested scopes
#LEAN_OIDC_SCOPES =
# optional - override the keys used for these fields
#LEAN_OIDC_FIELD_EMAIL =
#LEAN_OIDC_FIELD_FIRSTNAME =
#LEAN_OIDC_FIELD_LASTNAME =
#LEAN_OIDC_FIELD_PHONE =
#LEAN_OIDC_FIELD_JOBTITLE =
#LEAN_OIDC_FIELD_JOBLEVEL=
#LEAN_OIDC_FIELD_DEPARTMENT =
## OpenID Connect setting for GitHub
#LEAN_OIDC_PROVIDER_URL = https://token.actions.githubusercontent.com/
#LEAN_OIDC_AUTH_URL_OVERRIDE = https://github.com/login/oauth/authorize
#LEAN_OIDC_TOKEN_URL_OVERRIDE = https://github.com/login/oauth/access_token
#LEAN_OIDC_USERINFO_URL_OVERRIDE = https://api.github.com/user,https://api.github.com/user/emails
#LEAN_OIDC_SCOPES = user:email,read:user
#LEAN_OIDC_FIELD_EMAIL = 0.email
#LEAN_OIDC_FIELD_FIRSTNAME = name
## Redis (for session storage and cache)
LEAN_USE_REDIS = false # Set to true to use redis as session cache
LEAN_REDIS_URL = '' # Add URL path such as tcp://1.2.3.4:6379. If you are using a password, add ?auth=yourverycomplexpasswordhere to your URL
LEAN_REDIS_HOST = ''
LEAN_REDIS_PORT = 6379
LEAN_REDIS_PASSWORD = ''
LEAN_REDIS_SCHEME = ''
## Rate limiting
LEAN_RATELIMIT_GENERAL = 1000
LEAN_RATELIMIT_API = 10
LEAN_RATELIMIT_AUTH = 20