forked from cozy/cozy-stack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cozy.example.yaml
281 lines (242 loc) · 9.14 KB
/
cozy.example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
# This file contain an example of cozy-stack configuration file.
# It provides a description for all available fields to configure the stack.
#
# It is possible to pass environnment variable to this configuration using the
# template language of golang, delimited by "{{" and "}}". See:
#
# https://golang.org/pkg/text/template/.
#
# The env map is available in the ".Env" variable. For instance
# ".Env.COUCHDB_PASSPHRASE" will access to "COUCHDB_PASSPHRASE" environment
# variable. The template is evaluated at startup of the stack.
# server host - flags: --host
host: localhost
# server port - flags: --port -p
port: 8080
# how to structure the subdomains for apps - flags: --subdomains
# values:
# - nested, like https://<app>.<user>.<domain>/ (well suited for self-hosted with Let's Encrypt)
# - flat, like https://<user>-<app>.<domain>/ (easier when using wildcard TLS certificate)
subdomains: nested
# defines a list of assets that can be fetched via the /remote/:asset-name
# route.
remote_assets:
bank: https://myassetserver.com/remote_asset.json
# path to the directory with the assets - flags: --assets
# default is to use the assets packed in the binary
# assets: ""
# administration endpoint parameters. this endpoint should be protected
admin:
# server host - flags: --admin-host
host: localhost
# server port - flags: --admin-port
port: 6060
# secret file name containing the derived passphrase to access to the
# administration endpoint. this secret file can be generated using the `cozy-
# stack config passwd` command. this file should be located in the same path
# as the configuration file.
secret_filename: cozy-admin-passphrase
# vault contains keyfiles informations
# See https://docs.cozy.io/en/cozy-stack/cli/cozy-stack_config_gen-keys/
# to generate the keys
vault:
# the path to the key used to encrypt credentials
credentials_encryptor_key: /path/to/key.enc
# the path to the key used to decrypt credentials
credentials_decryptor_key: /path/to/key.dec
# file system parameters
fs:
# file system url - flags: --fs-url
# default url is the directory relative to the binary: ./storage
# url: file://localhost/var/lib/cozy
# url: swift://openstack/?UserName={{ .Env.OS_USERNAME }}&Password={{ .Env.OS_PASSWORD }}&ProjectName={{ .Env.OS_PROJECT_NAME }}&UserDomainName={{ .Env.OS_USER_DOMAIN_NAME }}
# couchdb parameters
couchdb:
# CouchDB URL - flags: --couchdb-url
url: http://localhost:5984/
# CouchDB advanced parameters to activate TLS properties:
#
# root_ca: /ca-certificates.pem
# client_cert: /client_cert.pem
# client_key: /client_key
# pinned_key: 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6
# insecure_skip_validation: true
# jobs parameters to configure the job system
jobs:
# path to the imagemagick convert binary
# imagemagick_convert_cmd: convert
# Specify whether the given list of jobs is a whitelist or blacklist. In case
# of a whitelist, all jobs are deactivated by default and only the listed one
# are activated.
#
# whitelist: false
# workers individual configrations.
#
# For each worker type it is possible to configure the following fields:
# - concurrency: the maximum number of jobs executed in parallel. when set
# to zero, the worker is deactivated
# - max_exec_count: the maximum number of retries for one job in case of an
# error
# - timeout: the maximum amount of time allowed for one execution of a job
#
# List of available workers:
#
# - "export": exporting data from a cozy instance
# - "konnector": launching konnectors
# - "push": sending push notifications
# - "sendmail": sending mails
# - "service": launching services
# - "thumbnail": creatings and deleting thumbnails for images
# - "share-replicate": for cozy to cozy sharing
# - "share-track": idem
# - "share-upload": idem
# - "unzip": unzipping tarball
# - "updates": run updates for installed applications
#
# When no configuration is given for a worker, a default configuration is
# used. When a false boolean value is given, the worker is deactivated.
#
# To deactivate all workers, the workers field can be set to "false" or
# "none".
workers:
# thumbnail:
# concurrency: {{mul .NumCPU 4}}
# max_exec_count: 2
# timeout: 15s
# konnector:
# concurrency: {{.NumCPU}}
# max_exec_count: 2
# timeout: 200s
# service:
# concurrency: {{.NumCPU}}
# max_exec_count: 2
# timeout: 200s
# export:
# concurrency: 4
# max_exec_count: 1
# timeout: 200s
# push: false
# sendmail: false
# konnectors execution parameters for executing external processes.
konnectors:
cmd: ./scripts/konnector-node-run.sh # run connectors with node
# cmd: ./scripts/konnector-rkt-run.sh # run connectors with rkt
# cmd: ./scripts/konnector-nsjail-run.sh # run connectors with nsjail
# mail service parameters for sending email via SMTP
mail:
# mail noreply address - flags: --mail-noreply-address
noreply_address: noreply@localhost
noreply_name: My Cozy
# mail smtp host - flags: --mail-host
host: smtp.home
# mail smtp port - flags: --mail-port
port: 465
# mail smtp username - flags: --mail-username
username: {{.Env.COZY_MAIL_USERNAME}}
# mail smtp password - flags: --mail-password
password: {{.Env.COZY_MAIL_PASSWORD}}
# disable mail tls - flags: --mail-disable-tls
disable_tls: false
# skip the certificate validation (may be useful on localhost)
skip_certificate_validation: false
# directory with the hooks scripts - flags: --hooks
hooks: ./scripts/hooks
# location of the database for IP -> City lookups - flags: --geodb
# See https://dev.maxmind.com/geoip/geoip2/geolite2/
geodb: ""
# minimal duration between two password reset
password_reset_interval: 15m
# redis namespace to configure its usage for different part of the stack. redis
# is not mandatory and is specifically useful to run the stack in an
# environment where multiple stacks run simultaneously.
redis:
# the redis clients created can be configured to be used with a cluster of
# redis. if addrs field is left empty, redis is not used.
# either a single address or a seed list of host:port addresses
# of cluster/sentinel nodes separated by whitespaces.
addrs: # localhost:1234 localhost:4321
# the sentinel master name - only failover clients.
master:
# redis password
password:
# databases number for each part of the stack using a specific database.
databases:
jobs: 0
cache: 1
lock: 2
sessions: 3
downloads: 4
konnectors: 5
realtime: 6
log: 7
# advanced parameters for advanced users
# dial_timeout: 5s
# read_timeout: 3s
# write_timeout: 3s
# pool_size: 10 * runtime.NumCPU()
# pool_timeout: 3s
# idle_timeout: 5m
# idle_check_frequency: 1m
# enables read only queries on slave nodes.
# read_only_slave: false
# Registries used for applications and konnectors
registries:
- https://apps-registry.cozycloud.cc/
# [internal usage] Cloudery configuration
clouderies:
default:
api:
url: https://manager.cozycloud.cc/
token: xxxxxx
notifications:
# Activate development APIs (iOS only)
development: false
# Firebase Cloud Messaging API Key for Android notifications
# android_api_key: ""
# APNS/2 certificates for iOS notifications
# ios_certificate_key_path: path/to/certificate.p12
# ios_certificate_password: mycertificatepasswordifany
# ios_key_id: my_key_id_if_any
# ios_team_id: my_team_id_if_any
# whitelisted domains for the CSP policy used in hosted web applications
csp_whitelist:
# script: https://whitelisted1.domain.com/ https://whitelisted2.domain.com/
# img: https://whitelisted.domain.com/
# style: https://whitelisted.domain.com/
# font: https://whitelisted.domain.com/
# It can useful to disable the CSP policy to debug and test things in local
# disable_csp: true
log:
# logger level (debug, info, warning, panic, fatal) - flags: --log-level
level: info
# send logs to the local syslog - flags: --log-syslog
syslog: false
# It is possible to customize some behaviors of cozy-stack in function of the
# context of an instance (the context field of the settings document of this
# instance). Here, the "beta" context is customized with.
contexts:
beta:
# Indicates if debug related features should be enabled in front
# applications.
debug: false
# Redirect to a specific route of cozy-collect after the onboarding
onboarded_redirection: collect/#/discovery/?intro
# Redirect to the photos application after login
default_redirection: drive/#/files
# Allow to customize the cozy-bar link to the help
help_link: https://forum.cozy.io/
# Coming soon applications listed in the Cozy Bar's app panel
# Will be removed when the store will be available.
coming_soon:
store:
editor: 'Cozy'
name: 'Store'
slug: 'store'
category: 'cozy'
# claudy actions list
claudy_actions:
- desktop
- mobile
# konnectors slugs to exclude from cozy-collect
exclude_konnectors:
- a_konnector_slug