98 lines
3.8 KiB
Plaintext
98 lines
3.8 KiB
Plaintext
|
<?php
|
||
|
$CONFIG = array (
|
||
|
'memcache.local' => '\\OC\\Memcache\\APCu',
|
||
|
'apps_paths' =>
|
||
|
array (
|
||
|
0 =>
|
||
|
array (
|
||
|
'path' => '/var/www/html/apps',
|
||
|
'url' => '/apps',
|
||
|
'writable' => false,
|
||
|
),
|
||
|
1 =>
|
||
|
array (
|
||
|
'path' => '/var/www/html/custom_apps',
|
||
|
'url' => '/custom_apps',
|
||
|
'writable' => true,
|
||
|
),
|
||
|
),
|
||
|
'instanceid' => 'oc9uqhr7buka',
|
||
|
'passwordsalt' => 'SK2vmQeTEHrkkwx9K+hC1WX33lPJDs',
|
||
|
'secret' => '3dBt5THD2ehg0yWdVDAvMmsY8yLtrfk/gE560lkMqYqgh6lu',
|
||
|
'trusted_domains' =>
|
||
|
array (
|
||
|
0 => 'cloud.hamburg.ccc.de',
|
||
|
),
|
||
|
'datadirectory' => '/var/www/html/data',
|
||
|
'dbtype' => 'mysql',
|
||
|
'version' => '25.0.9.2',
|
||
|
'overwrite.cli.url' => 'https://cloud.hamburg.ccc.de',
|
||
|
'dbname' => 'nextcloud',
|
||
|
'dbhost' => 'database',
|
||
|
'dbport' => '',
|
||
|
'dbtableprefix' => 'oc_',
|
||
|
'mysql.utf8mb4' => true,
|
||
|
'dbuser' => 'nextcloud',
|
||
|
'dbpassword' => 'TdBLMQQeKbz1zab3sySUsGxo3',
|
||
|
'installed' => true,
|
||
|
// Some Nextcloud options that might make sense here
|
||
|
'allow_user_to_change_display_name' => false,
|
||
|
'lost_password_link' => 'disabled',
|
||
|
// URL of provider. All other URLs are auto-discovered from .well-known
|
||
|
'oidc_login_provider_url' => 'https://id.ccchh.net/realms/ccchh',
|
||
|
// Client ID and secret registered with the provider
|
||
|
'oidc_login_client_id' => 'cloud',
|
||
|
'oidc_login_client_secret' => '{{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/cloud/kc-client-secret", create=false, missing="error") }}',
|
||
|
// Automatically redirect the login page to the provider
|
||
|
'oidc_login_auto_redirect' => true,
|
||
|
// Redirect to this page after logging out the user
|
||
|
//'oidc_login_logout_url' => 'https://openid.example.com/thankyou',
|
||
|
// If set to true the user will be redirected to the
|
||
|
// logout endpoint of the OIDC provider after logout
|
||
|
// in Nextcloud. After successfull logout the OIDC
|
||
|
// provider will redirect back to 'oidc_login_logout_url' (MUST be set).
|
||
|
'oidc_login_end_session_redirect' => true,
|
||
|
// Quota to assign if no quota is specified in the OIDC response (bytes)
|
||
|
//
|
||
|
// NOTE: If you want to allow NextCloud to manage quotas, omit this option. Do not set it to
|
||
|
// zero or -1 or ''.
|
||
|
'oidc_login_default_quota' => '1000000000',
|
||
|
// Login button text
|
||
|
'oidc_login_button_text' => 'Log in via id.ccchh.net',
|
||
|
// Hide the NextCloud password change form.
|
||
|
'oidc_login_hide_password_form' => false,
|
||
|
// Use ID Token instead of UserInfo
|
||
|
'oidc_login_use_id_token' => false,
|
||
|
'oidc_login_attributes' => array (
|
||
|
'id' => 'preferred_username',
|
||
|
'name' => 'name',
|
||
|
'mail' => 'email',
|
||
|
'quota' => 'ownCloudQuota',
|
||
|
'home' => 'homeDirectory',
|
||
|
'ldap_uid' => 'uid',
|
||
|
'groups' => 'ownCloudGroups',
|
||
|
'login_filter' => 'realm_access_roles',
|
||
|
'photoURL' => 'picture',
|
||
|
'is_admin' => 'ownCloudAdmin',
|
||
|
),
|
||
|
// Default group to add users to (optional, defaults to nothing)
|
||
|
//'oidc_login_default_group' => 'oidc',
|
||
|
'oidc_login_filter_allowed_values' => null,
|
||
|
// Set OpenID Connect scope
|
||
|
'oidc_login_scope' => 'openid profile',
|
||
|
// The `id` attribute in `oidc_login_attributes` must return the
|
||
|
// "Internal Username" (see expert settings in LDAP integration)
|
||
|
'oidc_login_proxy_ldap' => false,
|
||
|
// Fallback to direct login if login from OIDC fails
|
||
|
// Note that no error message will be displayed if enabled
|
||
|
'oidc_login_disable_registration' => false,
|
||
|
//'oidc_login_redir_fallback' => false,
|
||
|
// If you get your groups from the oidc_login_attributes, you might want
|
||
|
// to create them if they are not already existing, Default is `false`.
|
||
|
'oidc_create_groups' => true,
|
||
|
// Enable use of WebDAV via OIDC bearer token.
|
||
|
'oidc_login_webdav_enabled' => true,
|
||
|
// Enable authentication with user/password for DAV clients that do not
|
||
|
// support token authentication (e.g. DAVx⁵)
|
||
|
'oidc_login_password_authentication' => false,
|
||
|
);
|