251 lines
11 KiB
Text
251 lines
11 KiB
Text
service:
|
||
# This token is used to verify issued JWT tokens.
|
||
# Default is a random token which will be generated at each startup of vikunja.
|
||
# (This means all already issued tokens will be invalid once you restart vikunja)
|
||
JWTSecret: "<jwt-secret>"
|
||
# The interface on which to run the webserver
|
||
interface: ":3456"
|
||
# The URL of the frontend, used to send password reset emails.
|
||
frontendurl: ""
|
||
# The base path on the file system where the binary and assets are.
|
||
# Vikunja will also look in this path for a config file, so you could provide only this variable to point to a folder
|
||
# with a config file which will then be used.
|
||
rootpath: <rootpath>
|
||
# The max number of items which can be returned per page
|
||
maxitemsperpage: 50
|
||
# If set to true, enables a /metrics endpoint for prometheus to collect metrics about the system
|
||
# You'll need to use redis for this in order to enable common metrics over multiple nodes
|
||
enablemetrics: false
|
||
# Enable the caldav endpoint, see the docs for more details
|
||
enablecaldav: true
|
||
# Set the motd message, available from the /info endpoint
|
||
motd: ""
|
||
# Enable sharing of lists via a link
|
||
enablelinksharing: true
|
||
# Whether to let new users registering themselves or not
|
||
enableregistration: true
|
||
# Whether to enable task attachments or not
|
||
enabletaskattachments: true
|
||
# The time zone all timestamps are in
|
||
timezone: GMT
|
||
# Whether task comments should be enabled or not
|
||
enabletaskcomments: true
|
||
# Whether totp is enabled. In most cases you want to leave that enabled.
|
||
enabletotp: true
|
||
# If not empty, enables logging of crashes and unhandled errors in sentry.
|
||
sentrydsn: ''
|
||
# If not empty, this will enable `/test/{table}` endpoints which allow to put any content in the database.
|
||
# Used to reset the db before frontend tests. Because this is quite a dangerous feature allowing for lots of harm,
|
||
# each request made to this endpoint neefs to provide an `Authorization: <token>` header with the token from below. <br/>
|
||
# **You should never use this unless you know exactly what you're doing**
|
||
testingtoken: ''
|
||
|
||
database:
|
||
# Database type to use. Supported types are mysql, postgres and sqlite.
|
||
type: "sqlite"
|
||
# Database user which is used to connect to the database.
|
||
user: "vikunja"
|
||
# Databse password
|
||
password: ""
|
||
# Databse host
|
||
host: "localhost"
|
||
# Databse to use
|
||
database: "vikunja"
|
||
# When using sqlite, this is the path where to store the data
|
||
path: "./vikunja.db"
|
||
# Sets the max open connections to the database. Only used when using mysql and postgres.
|
||
maxopenconnections: 100
|
||
# Sets the maximum number of idle connections to the db.
|
||
maxidleconnections: 50
|
||
# The maximum lifetime of a single db connection in miliseconds.
|
||
maxconnectionlifetime: 10000
|
||
# Secure connection mode. Only used with postgres.
|
||
# (see https://pkg.go.dev/github.com/lib/pq?tab=doc#hdr-Connection_String_Parameters)
|
||
sslmode: disable
|
||
|
||
cache:
|
||
# If cache is enabled or not
|
||
enabled: false
|
||
# Cache type. Possible values are "keyvalue", "memory" or "redis".
|
||
# When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section.
|
||
# When choosing "redis" you will need to configure the redis connection seperately.
|
||
type: keyvalue
|
||
# When using memory this defines the maximum size an element can take
|
||
maxelementsize: 1000
|
||
|
||
redis:
|
||
# Whether to enable redis or not
|
||
enabled: false
|
||
# The host of the redis server including its port.
|
||
host: 'localhost:6379'
|
||
# The password used to authenicate against the redis server
|
||
password: ''
|
||
# 0 means default database
|
||
db: 0
|
||
|
||
cors:
|
||
# Whether to enable or disable cors headers.
|
||
# Note: If you want to put the frontend and the api on seperate domains or ports, you will need to enable this.
|
||
# Otherwise the frontend won't be able to make requests to the api through the browser.
|
||
enable: true
|
||
# A list of origins which may access the api. These need to include the protocol (`http://` or `https://`) and port, if any.
|
||
origins:
|
||
- "*"
|
||
# How long (in seconds) the results of a preflight request can be cached.
|
||
maxage: 0
|
||
|
||
mailer:
|
||
# Whether to enable the mailer or not. If it is disabled, all users are enabled right away and password reset is not possible.
|
||
enabled: false
|
||
# SMTP Host
|
||
host: ""
|
||
# SMTP Host port
|
||
port: 587
|
||
# SMTP username
|
||
username: "user"
|
||
# SMTP password
|
||
password: ""
|
||
# Wether to skip verification of the tls certificate on the server
|
||
skiptlsverify: false
|
||
# The default from address when sending emails
|
||
fromemail: "mail@vikunja"
|
||
# The length of the mail queue.
|
||
queuelength: 100
|
||
# The timeout in seconds after which the current open connection to the mailserver will be closed.
|
||
queuetimeout: 30
|
||
# By default, vikunja will try to connect with starttls, use this option to force it to use ssl.
|
||
forcessl: false
|
||
|
||
log:
|
||
# A folder where all the logfiles should go.
|
||
path: <rootpath>logs
|
||
# Whether to show any logging at all or none
|
||
enabled: true
|
||
# Where the normal log should go. Possible values are stdout, stderr, file or off to disable standard logging.
|
||
standard: "stdout"
|
||
# Change the log level. Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG.
|
||
level: "INFO"
|
||
# Whether or not to log database queries. Useful for debugging. Possible values are stdout, stderr, file or off to disable database logging.
|
||
database: "off"
|
||
# The log level for database log messages. Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG.
|
||
databaselevel: "WARNING"
|
||
# Whether to log http requests or not. Possible values are stdout, stderr, file or off to disable http logging.
|
||
http: "stdout"
|
||
# Echo has its own logging which usually is unnessecary, which is why it is disabled by default. Possible values are stdout, stderr, file or off to disable standard logging.
|
||
echo: "off"
|
||
|
||
ratelimit:
|
||
# whether or not to enable the rate limit
|
||
enabled: false
|
||
# The kind on which rates are based. Can be either "user" for a rate limit per user or "ip" for an ip-based rate limit.
|
||
kind: user
|
||
# The time period in seconds for the limit
|
||
period: 60
|
||
# The max number of requests a user is allowed to do in the configured time period
|
||
limit: 100
|
||
# The store where the limit counter for each user is stored.
|
||
# Possible values are "keyvalue", "memory" or "redis".
|
||
# When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section.
|
||
store: keyvalue
|
||
|
||
files:
|
||
# The path where files are stored
|
||
basepath: ./files # relative to the binary
|
||
# The maximum size of a file, as a human-readable string.
|
||
# Warning: The max size is limited 2^64-1 bytes due to the underlying datatype
|
||
maxsize: 20MB
|
||
|
||
migration:
|
||
# These are the settings for the wunderlist migrator
|
||
wunderlist:
|
||
# Wheter to enable the wunderlist migrator or not
|
||
enable: false
|
||
# The client id, required for making requests to the wunderlist api
|
||
# You need to register your vikunja instance at https://developer.wunderlist.com/apps/new to get this
|
||
clientid:
|
||
# The client secret, also required for making requests to the wunderlist api
|
||
clientsecret:
|
||
# The url where clients are redirected after they authorized Vikunja to access their wunderlist stuff.
|
||
# This needs to match the url you entered when registering your Vikunja instance at wunderlist.
|
||
# This is usually the frontend url where the frontend then makes a request to /migration/wunderlist/migrate
|
||
# with the code obtained from the wunderlist api.
|
||
# Note that the vikunja frontend expects this to be /migrate/wunderlist
|
||
redirecturl:
|
||
todoist:
|
||
# Wheter to enable the todoist migrator or not
|
||
enable: false
|
||
# The client id, required for making requests to the wunderlist api
|
||
# You need to register your vikunja instance at https://developer.todoist.com/appconsole.html to get this
|
||
clientid:
|
||
# The client secret, also required for making requests to the todoist api
|
||
clientsecret:
|
||
# The url where clients are redirected after they authorized Vikunja to access their todoist items.
|
||
# This needs to match the url you entered when registering your Vikunja instance at todoist.
|
||
# This is usually the frontend url where the frontend then makes a request to /migration/todoist/migrate
|
||
# with the code obtained from the todoist api.
|
||
# Note that the vikunja frontend expects this to be /migrate/todoist
|
||
redirecturl:
|
||
|
||
avatar:
|
||
# When using gravatar, this is the duration in seconds until a cached gravatar user avatar expires
|
||
gravatarexpiration: 3600
|
||
|
||
backgrounds:
|
||
# Whether to enable backgrounds for lists at all.
|
||
enabled: true
|
||
providers:
|
||
upload:
|
||
# Whethere to enable uploaded list backgrounds
|
||
enabled: true
|
||
unsplash:
|
||
# Whether to enable setting backgrounds from unsplash as list backgrounds
|
||
enabled: false
|
||
# You need to create an application for your installation at https://unsplash.com/oauth/applications/new
|
||
# and set the access token below.
|
||
accesstoken:
|
||
# The unsplash application id is only used for pingback and required as per their api guidelines.
|
||
# You can find the Application ID in the dashboard for your API application. It should be a numeric ID.
|
||
# It will only show in the UI if your application has been approved for Enterprise usage, therefore if
|
||
# you’re in Demo mode, you can also find the ID in the URL at the end: https://unsplash.com/oauth/applications/:application_id
|
||
applicationid:
|
||
|
||
# Legal urls
|
||
# Will be shown in the frontend if configured here
|
||
legal:
|
||
imprinturl:
|
||
privacyurl:
|
||
|
||
# Key Value Storage settings
|
||
# The Key Value Storage is used for different kinds of things like metrics and a few cache systems.
|
||
keyvalue:
|
||
# The type of the storage backend. Can be either "memory" or "redis". If "redis" is chosen it needs to be configured seperately.
|
||
type: "memory"
|
||
|
||
auth:
|
||
# Local authentication will let users log in and register (if enabled) through the db.
|
||
# This is the default auth mechanism and does not require any additional configuration.
|
||
local:
|
||
# Enable or disable local authentication
|
||
enabled: true
|
||
# OpenID configuration will allow users to authenticate through a third-party OpenID Connect compatible provider.<br/>
|
||
# The provider needs to support the `openid`, `profile` and `email` scopes.<br/>
|
||
# **Note:** The frontend expects to be redirected after authentication by the third party
|
||
# to <frontend-url>/auth/openid/<auth key>. Please make sure to configure the redirect url with your third party
|
||
# auth service accordingy if you're using the default vikunja frontend.
|
||
# Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/master/config.yml.sample) for more information about how to configure openid authentication.
|
||
openid:
|
||
# Enable or disable OpenID Connect authentication
|
||
enabled: false
|
||
# The url to redirect clients to. Defaults to the configured frontend url. If you're using Vikunja with the official
|
||
# frontend, you don't need to change this value.
|
||
redirecturl: <frontend url>
|
||
# A list of enabled providers
|
||
providers:
|
||
# The name of the provider as it will appear in the frontend.
|
||
- name:
|
||
# The auth url to send users to if they want to authenticate using OpenID Connect.
|
||
authurl:
|
||
# The client ID used to authenticate Vikunja at the OpenID Connect provider.
|
||
clientid:
|
||
# The client secret used to authenticate Vikunja at the OpenID Connect provider.
|
||
clientsecret:
|