#!/bin/bash

# first read settings
source $SNAP/bin/wekan-read-settings &>/dev/null
if [ "$CADDY_ENABLED" = "true" ]; then
    # tweak port nunmber as it has been remapped
    export PORT=${CADDY_PORT} &>/dev/null
fi

echo -e "Wekan: The open-source kanban.\n"
echo -e "\n"
echo -e "Debug OIDC OAuth2 etc."
echo -e "To enable the Debug of Wekan:"
echo -e "\t$ snap set $SNAP_NAME debug='true'"
echo -e "\t-Disable the Debug of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME debug"
echo -e "\n"
echo -e "AWS S3 for files:"
echo -e "\t$ snap set $NAP_NAME s3='{\"s3\":{\"key\": \"xxx\", \"secret\": \"xxx\", \"bucket\": \"xxx\", \"region\": \"eu-west-1\"}}'"
echo -e "Disable S3:"
echo -e "\t$ snap unset $SNAP_NAME s3"
echo -e "\n"
#echo -e "Writable path. Snap can not write outside of /var/snap/wekan/common sandbox directory."
#echo -e "Default:"
#echo -e "\t$ snap set $SNAP_NAME writable-path='\$SNAP_COMMON\files'"
#echo -e "\t-To set different path, usually not needed:"
#echo -e "\t$ snap set $SNAP_NAME writable-path='\$SNAP_COMMON\files2'"
#echo -e "\n"
echo -e "Mongo log destimation: devnull/snapcommon/syslog. Default: 'devnull'"
echo -e "To set different mongo log destination of Wekan:"
echo -e "\t$ snap set $SNAP_NAME mongo-log-destination='snapcommon'"
echo -e "\n"
echo -e "To enable the MONGO_URL of Wekan:"
echo -e "\t$ snap set $SNAP_NAME mongo-url='...'"
echo -e "\t-Disable the MONGO_URL of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME mongo-url"
echo -e "\n"
echo -e "Make sure you have connected all interfaces, check more by calling $ snap interfaces ${SNAP_NAME}"
echo -e "\n"
echo -e "${SNAP_NAME} has multiple services, to check status use systemctl"
echo -e "\t$ systemctl status snap.$SNAP_NAME.*"
echo -e "\n"
echo -e "To make backup of wekan's database use: $ ${SNAP_NAME}.database-backup [backup file]"
echo -e "\t backup file is optional parameter, if not passed backup is created in directory:"
echo -e "\t\t${SNAP_COMMON}/db-backups"
echo -e "To list existing backups in default directory: $ ${SNAP_NAME}.database-list-backups"
echo -e "To restore wekan's database use: ${SNAP_NAME}.database-restore <path to backup>"
echo -e "\n"
echo -e "wekan can be configured to share mongodb with other services using content interface"
echo -e "\t-sharing mongodb from $SNAP_NAME to other snap(s):"
echo -e "\t\t-connect mongodb-slot with plug from corresponding snap(s)"
echo -e "\t\t-configure corresponding service to use mongodb unix socket in shared directory, socket file name is: mongodb-$MONGODB_PORT.sock"
echo -e "\t-sharing mongodb from other snap to $SNAP_NAME:"
echo -e "\t\t-connect mongodb-plug with slot from snap providing mongodb"
echo -e "\t\t-disable mongodb in $SNAP_NAME by calling: $ snap set $SNAP_NAME set disable-mongodb='true'"
echo -e "\t\t-set mongodb-bind-unix-socket to point to serving mongodb. Use relative path inside shared directory, e.g run/mongodb-27017.sock"
echo -e "\n"
echo -e "To enable the API of wekan:"
echo -e "\t$ snap set $SNAP_NAME with-api='true'"
echo -e "\t-Disable the API:"
echo -e "\t$ snap unset $SNAP_NAME with-api"
echo -e "\n"
echo -e "After OIDC login, add users automatically to this default board ID. https://github.com/wekan/wekan/pull/5098"
echo -e "To enable the default board ID of wekan:"
echo -e "\t$ snap set $SNAP_NAME default-board-id='abdc1234'"
echo -e "\t-Disable the default board ID:"
echo -e "\t$ snap unset $SNAP_NAME default-board-id"
echo -e "\n"
echo -e "Email: https://github.com/wekan/wekan/wiki/Troubleshooting-Mail"
echo -e "mail-url:"
echo -e "\t$ snap set $SNAP_NAME mail-url='smtp://username:password@email-smtp.eu-west-1.amazonaws.com:587?tls={ciphers:\"SSLv3\"}&secureConnection=false'"
echo -e "mail-from:"
echo -e "\t$ snap set $SNAP_NAME mail-from='Boards Support <support@example.com>'"
echo -e "mail-service (CURRENTLY NOT IN USE):"
echo -e "\t$ snap set $SNAP_NAME mail-service='Outlook365'"
echo -e "mail-service-user:"
echo -e "\t$ snap set $SNAP_NAME mail-service-user='firstname.lastname@hotmail.com'"
echo -e "mail-service-password:"
echo -e "\t$ snap set $SNAP_NAME mail-service-password='SecretPassword'"
echo -e "\n"
echo -e "Number of search results to show per page by default:"
echo -e "\t$ snap set $SNAP_NAME results-per-page='20'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME results-per-page"
echo -e "\n"
echo -e "Accounts lockout known users failures before, greater than 0. Default: 3"
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-known-users-failures-before='3'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-known-users-failures-before"
echo -e "\n"
echo -e "Accounts lockout know users period, in seconds. Default: 60"
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-known-users-period='60'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-known-users-period"
echo -e "\n"
echo -e "Accounts lockout unknown failure window, in seconds. Default: 15"
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-known-users-failure-window='15'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-known-users-failure-window"
echo -e "\n"
echo -e "Accounts lockout unknown users failures before, greater than 0. Default: 3"
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-unknown-users-failures-before='3'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-unknown-users-failures-before"
echo -e "\n"
echo -e "Accounts lockout unknown users lockout period, in seconds. Default: 60"
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-unknown-users-lockout-period='60'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-unknown-users-lockout-period"
echo -e "\n"
echo -e "Accounts lockout unknown users failure window, in seconds. Default: 15"
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-unknown-users-failure-window='15'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-unknown-users-failure-window"
echo -e "\n"
echo -e "Accounts common login expiration in days. Default: 90"
echo -e "\t$ snap set $SNAP_NAME accounts-common-login-expiration-in-days='90'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME accounts-common-login-expiration-in-days"
echo -e "\n"
echo -e "https://github.com/wekan/wekan/issues/3585#issuecomment-1021522132"
echo -e "node-options: Add more Node heap. Default:"
echo -e "\t$ snap set $SNAP_NAME node-options=\"--max_old_space_size=4096\""
echo -e "\t-Remove node-options:"
echo -e "\t$ snap unset $SNAP_NAME node-options"
echo -e "\n"
echo -e "Rich text editor in card comments. Default: false https://github.com/wekan/wekan/pull/2560"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME richer-card-comment-editor='true'"
echo -e "Disable:"
echo -e "\t$ snap unset $SNAP_NAME richer-card-comment-editor"
echo -e "\n"
echo -e "Card opened, send webhook message. Default: false https://github.com/wekan/wekan/issues/2518"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME card-opened-webhook-enabled='true'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME card-opened-webhook-enabled"
echo -e "\n"
echo -e "Attachments upload validation by an external program. {file} is replaced by the uploaded file. Example: /usr/local/bin/avscan {file}"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME attachments-upload-external-program='/usr/local/bin/avscan {file}'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME attachments-upload-external-program"
echo -e "\n"
echo -e "Attachments upload mime types. Example: image/*,text/*"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME attachments-upload-mime-types='image/*,text/*'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME attachments-upload-mime-types"
echo -e "\n"
echo -e "Attachments upload max size in bytes. Example: 5000000"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME attachments-upload-max-size='5000000'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME attachments-upload-max-size"
echo -e "\n"
echo -e "Avatars upload validation by an external program. {file} is replaced by the uploaded file. Example: /usr/local/bin/avscan {file}"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME avatars-upload-external-program='/usr/local/bin/avscan {file}'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME avatars-upload-external-program"
echo -e "\n"
echo -e "Avatars upload mime types. Example: image/*,text/*"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME avatars-upload-mime-types='image/*,text/*'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME avatars-upload-mime-types"
echo -e "\n"
echo -e "Avatars upload max size in bytes. Example: 5000000"
echo -e "Enable:"
echo -e "\t$ snap set $SNAP_NAME avatars-upload-max-size='5000000'"
echo -e "Disable, default:"
echo -e "\t$ snap unset $SNAP_NAME avatars-upload-max-size"
echo -e "\n"
echo -e "Max image pixel: Allow to shrink attached/pasted image https://github.com/wekan/wekan/pull/2544"
echo -e "Example:"
echo -e "\t$ snap set $SNAP_NAME max-image-pixel='1024'"
echo -e "Disable:"
echo -e "\t$ snap unset $SNAP_NAME max-image-pixel"
echo -e "\n"
echo -e "Image compress ratio: Allow to shrink attached/pasted image https://github.com/wekan/wekan/pull/2544"
echo -e "Example:"
echo -e "\t$ snap set $SNAP_NAME image-compress-ratio='80'"
echo -e "Disable:"
echo -e "\t$ snap unset $SNAP_NAME image-compress-ratio"
echo -e "\n"
echo -e "NOTIFICATION TRAY AFTER READ DAYS BEFORE REMOVE https://github.com/wekan/wekan/pull/2998"
echo -e "Number of days after a notification is read before we remove it. Default: 2."
echo -e "Example:"
echo -e "\t$ snap set $SNAP_NAME notification-tray-after-read-days-before-remove='4'"
echo -e "Restore default:"
echo -e "\t$ snap unset $SNAP_NAME notification-tray-after-read-days-before-remove"
echo -e "\n"
echo -e "BIGEVENTS DUE ETC NOTIFICATIONS https://github.com/wekan/wekan/pull/2541"
echo -e "Big events pattern: Notify always due etc regardless of notification settings. Default: due, All: received|start|due|end, Disabled: NONE"
echo -e "Default:"
echo -e "\t$ snap set $SNAP_NAME bigevents-pattern='due'"
echo -e "All:"
echo -e "\t$ snap set $SNAP_NAME bigevents-pattern='received|start|due|end'"
echo -e "Disabled:"
echo -e "\t$ snap set $SNAP_NAME bigevents-pattern='NONE'"
echo -e "\n"
echo -e "EMAIL DUE DATE NOTIFICATION https://github.com/wekan/wekan/pull/2536"
echo -e "System timelines will be showing any user modification for dueat startat endat receivedat, also notification to the watchers and if any card is due, about due or past due."
echo -e "Notify due days, number less than 15 or negative number accepted, you can specify multiple days delimited by ','. Default: NONE"
echo -e "To enable different Notify for Due Days on 2 days before, and on the event day "
echo -e "\t$ snap set $SNAP_NAME notify-due-days-before-and-after='2,0'"
echo -e "\t-Disable Notifying for Due Days:"
echo -e "\t$ snap unset $SNAP_NAME notify-due-days-before-and-after"
echo -e "\n"
echo -e "Notify due at hour of day. Default every morning at 8am. Can be 0-23."
echo -e "If env variable has parsing error, use default. Notification sent to watchers."
echo -e "To enable different Notify Due At Hour Of Day than default 8:"
echo -e "\t$ snap set $SNAP_NAME notify-due-at-hour-of-day='10'"
echo -e "\t-To set back default 8 of Notify Due at Hour of Day:"
echo -e "\t$ snap unset $SNAP_NAME notify-due-at-hour-of-day"
echo -e "\n"
echo -e "To enable the Email Notification Timeout of wekan in ms, default 30000 (=30s):"
echo -e "\t$ snap set $SNAP_NAME email-notification-timeout='10000'"
echo -e "\t-Restore default:"
echo -e "\t$ snap unset $SNAP_NAME email-notification-timeout"
echo -e "\n"
echo -e "To enable the CORS of wekan, to set Access-Control-Allow-Origin header:"
echo -e "\t$ snap set $SNAP_NAME cors='*'"
echo -e "\t-Disable the CORS:"
echo -e "\t$ snap unset $SNAP_NAME cors"
echo -e "\n"
echo -e "To enable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
echo -e "\t$ snap set $SNAP_NAME cors-allow-headers='Authorization,Content-Type'"
echo -e "\t-Disable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
echo -e "\t$ snap unset $SNAP_NAME cors-allow-headers"
echo -e "\n"
echo -e "To enable the Set Access-Control-Expose-Headers header.  This is not needed for typical CORS situations. Example: *"
echo -e "\t$ snap set $SNAP_NAME cors-expose-headers='*'"
echo -e "\t-Disable the Set Access-Control-Expose-Headers header.  This is not needed for typical CORS situations. Example: ''"
echo -e "\t$ snap unset $SNAP_NAME cors-expose-headers"
echo -e "\n"
echo -e "The address of the server where Matomo is hosted:"
echo -e "\t$ snap set $SNAP_NAME matomo-address='https://matomo.example.com'"
echo -e "\t-Disable the Matomo integration:"
echo -e "\t$ snap unset $SNAP_NAME matomo-address"
echo -e "\n"
echo -e "The value of the site ID given in matomo server"
echo -e "\t$ snap set $SNAP_NAME matomo-site-id='12345'"
echo -e "\t-Disable the Matomo site id integration:"
echo -e "\t$ snap unset $SNAP_NAME matomo-site-id"
echo -e "\n"
echo -e "The option do not track which enables users to not be tracked by matomo. Default: true"
echo -e "\t$ snap set $SNAP_NAME matomo-do-not-track='true'"
echo -e "\t-Disable the Matomo do not track:"
echo -e "\t$ snap unset $SNAP_NAME matomo-do-not-track"
echo -e "\n"
echo -e "The option that allows matomo to retrieve the username. Default: false"
echo -e "\t$ snap set $SNAP_NAME matomo-with-username='true'"
echo -e "\t-Do not retrieve username:"
echo -e "\t$ snap set $SNAP_NAME matomo-with-username='false'"
echo -e "\n"
echo -e "Metrics allowed IP addresses, separated by ',' . https://github.com/wekan/wekan/wiki/Metrics"
echo -e "\t$ snap set $SNAP_NAME metrics-allowed-ip-addresses='192.168.0.100,192.168.0.200'"
echo -e "\t-Disable the Metrics:"
echo -e "\t$ snap unset $SNAP_NAME metrics-allowed-ip-addresses"
echo -e "\n"
echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"
echo -e "To enable the Browser Policy of Wekan:"
echo -e "\t$ snap set $SNAP_NAME browser-policy-enabled='true'"
echo -e "\t-Disable the Browser Policy of Wekan:"
echo -e "\t$ snap set $SNAP_NAME browser-policy-enabled='false'"
echo -e "\n"
echo -e "When browser policy is enabled, HTML code at this URL can have iframe that embeds Wekan inside."
echo -e "To enable the Trusted URL of Wekan:"
echo -e "\t$ snap set $SNAP_NAME trusted-url='https://example.com'"
echo -e "\t-Disable the Trusted URL of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME trusted-url"
echo -e "\n"
echo -e "What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId ."
echo -e "To enable the Webhooks Attributes of Wekan:"
echo -e "\t$ snap set $SNAP_NAME webhooks-attributes='cardId,listId,oldListId,boardId,comment,user,card,commentId'"
echo -e "\t-Disable the Webhooks Attributes of Wekan to send all default ones:"
echo -e "\t$ snap unset $SNAP_NAME webhooks-attributes"
echo -e "\n"
echo -e "OAuth2 Enabled."
echo -e "To enable the OAuth2 of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-enabled='true'"
echo -e "\t-Disable the OAuth2 of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-enabled"
echo -e "\n"
echo -e "OIDC/OAuth2 redirection to autologin, see https://github.com/wekan/wekan/wiki/autologin"
echo -e "To enable the autologin of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oidc-redirection-enabled='true'"
echo -e "\t-Disable the autologin of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oidc-redirection-enabled"
echo -e "\n"
echo -e "Optional OAuth2 CA Cert, see https://github.com/wekan/wekan/issues/3299"
echo -e "To enable the OAuth2 of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-ca-cert='ABCD134'"
echo -e "\t-Disable the OAuth2 of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-ca-cert"
echo -e "\n"
echo -e "Enable OAuth2 Oracle on premise identity manager OIM. Default: false"
echo -e "To enable the OAuth2 Oracle OIM of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oracle-oim-enabled='true'"
echo -e "\t-Disable the OAuth2 Oracle OIM of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oracle-oim-enabled"
echo -e "\n"
echo -e "OAuth2 ADFS Enabled. Also requires oauth2-enabled='true'"
echo -e "To enable the OAuth2 ADFS of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-adfs-enabled='true'"
echo -e "\t-Disable the OAuth2 ADFS of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-adfs-enabled"
echo -e "\n"
echo -e "OAuth2 Azure AD B2C Enabled. Also requires oauth2-enabled='true' . https://github.com/wekan/wekan/issues/5242."
echo -e "To enable the OAuth2 Azure AD B2C of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-b2c-enabled='true'"
echo -e "\t-Disable the OAuth2 Azure AD B2C of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-b2c-enabled"
echo -e "\n"
echo -e "OAuth2 Client ID."
echo -e "To enable the OAuth2 Client ID of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-client-id='54321abcde'"
echo -e "\t-Disable the OAuth2 Client ID of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-client-id"
echo -e "\n"
echo -e "OAuth2 login style: popup or redirect. Default: redirect"
echo -e "To enable the OAuth2 login style popup of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-login-style='popup'"
echo -e "\t-Disable the OAuth2 login style popup of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-login-style='redirect'"
echo -e "\n"
echo -e "OAuth2 Secret."
echo -e "To enable the OAuth2 Secret of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-secret='54321abcde'"
echo -e "\t-Disable the OAuth2 Secret of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-secret"
echo -e "\n"
echo -e "OAuth2 Server URL."
echo -e "To enable the OAuth2 Server URL of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-server-url='https://chat.example.com'"
echo -e "\t-Disable the OAuth2 Server URL of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-server-url"
echo -e "\n"
echo -e "OAuth2 Authorization Endpoint."
echo -e "To enable the OAuth2 Authorization Endpoint of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-auth-endpoint='/oauth/authorize'"
echo -e "\t-Disable the OAuth2 Authorization Endpoint of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-auth-endpoint"
echo -e "\n"
echo -e "OAuth2 Userinfo Endpoint."
echo -e "To enable the OAuth2 Userinfo Endpoint of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-userinfo-endpoint='/oauth/authorize'"
echo -e "\t-Disable the OAuth2 Userinfo Endpoint of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-userinfo-endpoint"
echo -e "\n"
echo -e "OAuth2 Token Endpoint."
echo -e "To enable the OAuth2 Token Endpoint of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-token-endpoint='/oauth/token'"
echo -e "\t-Disable the OAuth2 Token Endpoint of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-token-endpoint"
echo -e "\n"
echo -e "OAuth2 ID Token Whitelist Fields."
echo -e "To enable the OAuth2 ID Token Whitelist Fields of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields=[]"
echo -e "\t-Disable the OAuth2 ID Token Whitelist Fields of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-id-token-whitelist-fields"
echo -e "\n"
echo -e "OAuth2 Request Permissions."
echo -e "To enable the OAuth2 Request Permissions of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=\"'openid profile email'\""
echo -e "\t-Disable the OAuth2 Request Permissions of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-request-permissions"
echo -e "\n"
echo -e "OAuth2 ID Mapping."
echo -e "To enable the OAuth2 ID Mapping of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-id-map='username.uid'"
echo -e "\t-Disable the OAuth2 ID Mapping of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-id-map"
echo -e "\n"
echo -e "OAuth2 Username Mapping."
echo -e "To enable the OAuth2 Username Mapping of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-username-map='username'"
echo -e "\t-Disable the OAuth2 Username Mapping of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-username-map"
echo -e "\n"
echo -e "OAuth2 Fullname Mapping."
echo -e "To enable the OAuth2 Fullname Mapping of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-fullname-map='fullname'"
echo -e "\t-Disable the OAuth2 Fullname Mapping of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-fullname-map"
echo -e "\n"
echo -e "OAuth2 Email Mapping."
echo -e "To enable the OAuth2 Email Mapping of Wekan:"
echo -e "\t$ snap set $SNAP_NAME oauth2-email-map='email'"
echo -e "\t-Disable the OAuth2 Email Mapping of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME oauth2-email-map"
echo -e "\n"
echo -e "Ldap Enable."
echo -e "To enable the ldap of Wekan:"
echo -e "\t$ snap set $SNAP_NAME ldap-enable='true'"
echo -e "\t-Disable the ldap of Wekan:"
echo -e "\t$ snap set $SNAP_NAME ldap-enable='false'"
echo -e "\n"
echo -e "Ldap Port."
echo -e "The port of the ldap server:"
echo -e "\t$ snap set $SNAP_NAME ldap-port='12345'"
echo -e "\n"
echo -e "LDAP AD Simple Auth. When enabled, ldap-basedn is not needed, and also do set ldap-user-autentication='true'. Example: true. Enable:"
echo -e "\t$ snap set $SNAP_NAME ldap-ad-simple-auth='true'"
echo -e "\t-Disable the LDAP AD Simple Auth of Wekan:"
echo -e "\t$ snap unset $SNAP_NAME ldap-ad-simple-auth"
echo -e "\n"
echo -e "a) Option to login to the LDAP server with the user's own username and password, instead of an administrator key. Default: false (use administrator key)."
echo -e "b) For LDAP AD Simple Auth, set to true."
echo -e "\t$ snap set $SNAP_NAME ldap-user-authentication='true'"
echo -e "\n"
echo -e "Which field is used to find the user for the user authentication. Default: uid."
echo -e "\t$ snap set $SNAP_NAME ldap-user-authentication-field='uid'"
echo -e "\n"
echo -e "Ldap Host."
echo -e "The host server for the LDAP server:"
echo -e "\t$ snap set $SNAP_NAME ldap-host='localhost'"
echo -e "\n"
echo -e "Ldap Base Dn."
echo -e "The base DN for the LDAP Tree:"
echo -e "\t$ snap set $SNAP_NAME ldap-basedn='ou=user,dc=example,dc=org'"
echo -e "\n"
echo -e "Ldap Login Fallback."
echo -e "Fallback on the default authentication method:"
echo -e "\t$ snap set $SNAP_NAME ldap-login-fallback='true'"
echo -e "\n"
echo -e "Ldap Reconnect."
echo -e "Reconnect to the server if the connection is lost:"
echo -e "\t$ snap set $SNAP_NAME ldap-reconnect='false'"
echo -e "\n"
echo -e "Ldap Timeout."
echo -e "Overall timeout, in milliseconds:"
echo -e "\t$ snap set $SNAP_NAME ldap-timeout='12345'"
echo -e "\n"
echo -e "Ldap Idle Timeout."
echo -e "Specifies the timeout for idle LDAP connections in milliseconds:"
echo -e "\t$ snap set $SNAP_NAME ldap-idle-timeout='12345'"
echo -e "\n"
echo -e "Ldap Connect Timeout."
echo -e "Connection timeout, in milliseconds:"
echo -e "\t$ snap set $SNAP_NAME ldap-connect-timeout='12345'"
echo -e "\n"
echo -e "Ldap Authentication."
echo -e "If the LDAP needs a user account to search:"
echo -e "\t$ snap set $SNAP_NAME ldap-authentication='true'"
echo -e "\n"
echo -e "Ldap Authentication User Dn."
echo -e "The search user Dn, 2 examples:"
echo -e "\t$ snap set $SNAP_NAME ldap-authentication-userdn='CN=ldap admin,CN=users,DC=domainmatter,DC=lan'"
echo -e "\t$ snap set $SNAP_NAME ldap-authentication-userdn='CN=wekan_adm,OU=serviceaccounts,OU=admin,OU=prod,DC=mydomain,DC=com'"
echo -e "\n"
echo -e "Ldap Authentication Password."
echo -e "The password for the search user:"
echo -e "\t$ snap set $SNAP_NAME ldap-authentication-password='admin'"
echo -e "\n"
echo -e "Ldap Log Enabled."
echo -e "Enable logs for the module:"
echo -e "\t$ snap set $SNAP_NAME ldap-log-enabled='true'"
echo -e "\n"
echo -e "Ldap Background Sync."
echo -e "If the sync of the users should be done in the background:"
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync='true'"
echo -e "\n"
echo -e "Ldap Background Sync Interval."
echo -e "At which interval does the background task sync."
echo -e "The format must be as specified in: https://bunkat.github.io/later/parsers.html#text"
echo -e "Default is empty '' that is same as 'every 1 hour'"
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync-interval='every 1 hour'"
echo -e "\n"
echo -e "Ldap Background Sync Keep Existant Users Updated."
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync-keep-existant-users-updated='true'"
echo -e "\n"
echo -e "Ldap Background Sync Import New Users."
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync-import-new-users='true'"
echo -e "\n"
echo -e "Ldap Encryption."
echo -e "Allow LDAPS:"
echo -e "\t$ snap set $SNAP_NAME ldap-encryption='ssl'"
echo -e "\n"
echo -e "Ldap Ca Cert."
echo -e "The certification for the LDAPS server:"
echo -e "\t$ snap set $SNAP_NAME ldap-ca-cert=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----"
echo -e "\n"
echo -e "Ldap Reject Unauthorized."
echo -e "Reject Unauthorized Certificate:"
echo -e "\t$ snap set $SNAP_NAME ldap-reject-unauthorized='true'"
echo -e "\n"
echo -e "Ldap User Search Filter."
echo -e "Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed:"
echo -e "\t$ snap set $SNAP_NAME ldap-user-search-filter=''"
echo -e "\n"
echo -e "Ldap User Search Scope."
echo -e "base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree). Example: one"
echo -e "\t$ snap set $SNAP_NAME ldap-user-search-scope=one"
echo -e "\n"
echo -e "Ldap User Search Field."
echo -e "Which field is used to find the user:"
echo -e "\t$ snap set $SNAP_NAME ldap-user-search-field='uid'"
echo -e "\n"
echo -e "Ldap Search Page Size."
echo -e "Used for pagination (0=unlimited):"
echo -e "\t$ snap set $SNAP_NAME ldap-search-page-size='12345'"
echo -e "\n"
echo -e "Ldap Search Size Limit."
echo -e "The limit number of entries (0=unlimited):"
echo -e "\t$ snap set $SNAP_NAME ldap-search-size-limit='12345'"
echo -e "\n"
echo -e "Ldap Group Filter Enable. Note the authenticated ldap user must be able to query all relevant group data with own login data from ldap."
echo -e "Enable group filtering:"
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-enable='true'"
echo -e "\n"
echo -e "Ldap Group Filter ObjectClass."
echo -e "The object class for filtering:"
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-objectclass='group'"
echo -e "\n"
echo -e "Ldap Group Filter Id Attribute."
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-id-attribute=''"
echo -e "\n"
echo -e "Ldap Group Filter Member Attribute."
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-member-attribute=''"
echo -e "\n"
echo -e "Ldap Group Filter Member Format."
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-member-format=''"
echo -e "\n"
echo -e "Ldap Group Filter Group Name."
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-name=''"
echo -e "\n"
echo -e "Ldap Unique Identifier Field."
echo -e "This field is sometimes class GUID (Globally Unique Identifier):"
echo -e "\t$ snap set $SNAP_NAME ldap-unique-identifier-field=guid"
echo -e "\n"
echo -e "Ldap Utf8 Names Slugify."
echo -e "Convert the username to utf8:"
echo -e "\t$ snap set $SNAP_NAME ldap-utf8-names-slugify='false'"
echo -e "\n"
echo -e "Ldap Username Field."
echo -e "Which field contains the ldap username:"
echo -e "\t$ snap set $SNAP_NAME ldap-username-field='username'"
echo -e "\n"
echo -e "Ldap Fullname Field."
echo -e "Which field contains the ldap fullname:"
echo -e "\t$ snap set $SNAP_NAME ldap-fullname-field='fullname'"
echo -e "\n"
echo -e "Ldap Merge Existing Users."
echo -e "\t$ snap set $SNAP_NAME ldap-merge-existing-users='true'"
echo -e "\n"
echo -e "Ldap Email Match Enable."
echo -e "\t$ snap set $SNAP_NAME ldap-email-match-enable='true'"
echo -e "\n"
echo -e "Ldap Email Match Require."
echo -e "\t$ snap set $SNAP_NAME ldap-email-match-require='true'"
echo -e "\n"
echo -e "Ldap Email Match Verified."
echo -e "\t$ snap set $SNAP_NAME ldap-email-match-verfied='false'"
echo -e "\n"
echo -e "Ldap Fullname Field."
echo -e "Which field contains the ldap email address:"
echo -e "\t$ snap set $SNAP_NAME ldap-fullname-field='fullname'"
echo -e "\n"
echo -e "Ldap Sync User Data."
echo -e "Enable synchronization of user data:"
echo -e "\t$ snap set $SNAP_NAME ldap-sync-user-data='true'"
echo -e "\n"
echo -e "Ldap Sync User Data Fieldmap."
echo -e "A field map for the matching:"
echo -e "\t$ snap set $SNAP_NAME ldap-sync-user-data-fieldmap={\"cn\":\"name\", \"mail\":\"email\"}"
echo -e "\n"
echo -e "Ldap Sync Group Roles."
echo -e "\t$ snap set $SNAP_NAME ldap-sync-group-roles=''"
echo -e "\n"
echo -e "Ldap Default Domain."
echo -e "a) In case AD SimpleAuth is configured, the default domain is appended to the given loginname for creating the correct username for the bind request to AD."
echo -e "b) The default domain of the ldap it is used to create email if the field is not map correctly with the ldap-sync-user-data-fieldmap."
echo -e "\t$ snap set $SNAP_NAME ldap-default-domain=''"
echo -e "\n"
echo -e "Enable/Disable syncing of admin status based on LDAP groups."
echo -e "\t$ snap set $SNAP_NAME ldap-sync-admin-status='true'"
echo -e "\n"
echo -e "Comma separated list of admin group names to sync."
echo -e "\t$ snap set $SNAP_NAME ldap-sync-admin-groups='group1,group2'"
echo -e "\n"
echo -e "Logout with timer."
echo -e "Enable or not the option that allows to disconnect an user after a given time:"
echo -e "\t$ snap set $SNAP_NAME logout-with-timer='true'"
echo -e "\n"
echo -e "Login to LDAP automatically with HTTP header."
echo -e "In below example for siteminder, at right side of = is header name."
echo -e "\t$ snap set $SNAP_NAME header-login-id='HEADERUID'"
echo -e "\t$ snap set $SNAP_NAME header-login-firstname='HEADERFIRSTNAME'"
echo -e "\t$ snap set $SNAP_NAME header-login-lastname='HEADERLASTNAME'"
echo -e "\t$ snap set $SNAP_NAME header-login-email='HEADEREMAILADDRESS'"
echo -e "\n"
echo -e "Logout in."
echo -e "Logout in how many days:"
echo -e "\t$ snap set $SNAP_NAME logout-in='1'"
echo -e "\n"
echo -e "Logout on hours."
echo -e "Logout in how many hours:"
echo -e "\t$ snap set $SNAP_NAME logout-on-hours='9'"
echo -e "\n"
echo -e "Logout on minutes."
echo -e "Logout in how many minutes:"
echo -e "\t$ snap set $SNAP_NAME logout-on-minutes='5'"
echo -e "\n"
echo -e "Default authentication method."
echo -e "The default authentication method used if a user does not exist to create and authenticate. Method can be password or ldap."
echo -e "\t$ snap set $SNAP_NAME default-authentication-method='ldap'"
echo -e "\n"
echo -e "Enable or not password login Form"
echo -e "\t$ snap set $SNAP_NAME password-login-enabled='false'"
echo -e "\n"
echo -e "CAS Enabled. Default: false"
echo -e "\t$ snap set $SNAP_NAME cas-enabled='true'"
echo -e "\n"
echo -e "CAS Base URL."
echo -e "\t$ snap set $SNAP_NAME cas-base-url='https://cas.example.com/cas'"
echo -e "\n"
echo -e "CAS Login URL."
echo -e "\t$ snap set $SNAP_NAME cas-login-url='https://cas.example.com/login'"
echo -e "\n"
echo -e "CAS Validate URL."
echo -e "\t$ snap set $SNAP_NAME cas-validate-url='https://cas.example.com/cas/p3/serviceValidate'"
echo -e "\n"
echo -e "SAML Enabled. Default: false"
echo -e "\t$ snap set $SNAP_NAME saml-enabled='true'"
echo -e "\n"
echo -e "SAML Provider. openam or openidp."
echo -e "\t$ snap set $SNAP_NAME saml-provider='openam'"
echo -e "\n"
echo -e "SAML Entrypoint."
echo -e "\t$ snap set $SNAP_NAME saml-entrypoint=''"
echo -e "\n"
echo -e "SAML Issuer."
echo -e "\t$ snap set $SNAP_NAME saml-issuer=''"
echo -e "\n"
echo -e "SAML Cert."
echo -e "\t$ snap set $SNAP_NAME saml-cert=''"
echo -e "\n"
echo -e "SAML IDPS LO Redirect URL."
echo -e "\t$ snap set $SNAP_NAME saml-ispslo-redirecturl=''"
echo -e "\n"
echo -e "SAML Private Keyfile."
echo -e "\t$ snap set $SNAP_NAME saml-private-keyfile=''"
echo -e "\n"
echo -e "SAML Public Certfile."
echo -e "\t$ snap set $SNAP_NAME saml-public-certfile=''"
echo -e "\n"
echo -e "SAML Identifier Format."
echo -e "\t$ snap set $SNAP_NAME saml-identifier-format=''"
echo -e "\n"
echo -e "SAML Local Profile Match Attribute."
echo -e "\t$ snap set $SNAP_NAME saml-local-profile-match-attribute=''"
echo -e "\n"
echo -e "SAML Attributes."
echo -e "\t$ snap set $SNAP_NAME saml-attributes=''"
echo -e "\n"
echo -e "Wait spinner to use."
echo -e "\t$ snap set $SNAP_NAME wait-spinner='Bounce'"
echo -e "\n"
# parse config file for supported settings keys
echo -e "wekan supports settings keys"
echo -e "values can be changed by calling\n$ snap set $SNAP_NAME <key name>='<key value>'"
echo -e "list of supported keys:"
for key in ${keys[@]}
do
    default_value="DEFAULT_$key"
    description="DESCRIPTION_$key"
    snappy_key="KEY_$key"
    echo -e "\t${!snappy_key}:   ${!description}"
    if [ "x" == "x${!key}" ]; then
        echo -e "\t\tNo value set, using default value: '${!default_value}'"
    else
        echo -e "\t\tCurrent value set to: '${!key}', (default value: '${!default_value}')"
    fi
done

echo -e "\n!!!! Some changes result in restart of some or all services, use with caution !!!!!"