mirror of
https://github.com/wekan/wekan.git
synced 2025-04-22 04:57:07 -04:00
c936d83b38
Thanks to xet7 ! Related https://github.com/wekan/wekan/pull/5619, related https://github.com/wekan/wekan/pull/5616
681 lines
33 KiB
Bash
Executable file
681 lines
33 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# first read settings
|
|
source $SNAP/bin/wekan-read-settings &>/dev/null
|
|
if [ "$CADDY_ENABLED" = "true" ]; then
|
|
# tweak port nunmber as it has been remapped
|
|
export PORT=${CADDY_PORT} &>/dev/null
|
|
fi
|
|
|
|
echo -e "Wekan: The open-source kanban.\n"
|
|
echo -e "\n"
|
|
echo -e "Debug OIDC OAuth2 etc."
|
|
echo -e "To enable the Debug of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME debug='true'"
|
|
echo -e "\t-Disable the Debug of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME debug"
|
|
echo -e "\n"
|
|
echo -e "AWS S3 for files:"
|
|
echo -e "\t$ snap set $NAP_NAME s3='{\"s3\":{\"key\": \"xxx\", \"secret\": \"xxx\", \"bucket\": \"xxx\", \"region\": \"eu-west-1\"}}'"
|
|
echo -e "Disable S3:"
|
|
echo -e "\t$ snap unset $SNAP_NAME s3"
|
|
echo -e "\n"
|
|
#echo -e "Writable path. Snap can not write outside of /var/snap/wekan/common sandbox directory."
|
|
#echo -e "Default:"
|
|
#echo -e "\t$ snap set $SNAP_NAME writable-path='\$SNAP_COMMON\files'"
|
|
#echo -e "\t-To set different path, usually not needed:"
|
|
#echo -e "\t$ snap set $SNAP_NAME writable-path='\$SNAP_COMMON\files2'"
|
|
#echo -e "\n"
|
|
echo -e "Mongo log destimation: devnull/snapcommon/syslog. Default: 'devnull'"
|
|
echo -e "To set different mongo log destination of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME mongo-log-destination='snapcommon'"
|
|
echo -e "\n"
|
|
echo -e "To enable the MONGO_URL of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME mongo-url='...'"
|
|
echo -e "\t-Disable the MONGO_URL of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME mongo-url"
|
|
echo -e "\n"
|
|
echo -e "Make sure you have connected all interfaces, check more by calling $ snap interfaces ${SNAP_NAME}"
|
|
echo -e "\n"
|
|
echo -e "${SNAP_NAME} has multiple services, to check status use systemctl"
|
|
echo -e "\t$ systemctl status snap.$SNAP_NAME.*"
|
|
echo -e "\n"
|
|
echo -e "To make backup of wekan's database use: $ ${SNAP_NAME}.database-backup [backup file]"
|
|
echo -e "\t backup file is optional parameter, if not passed backup is created in directory:"
|
|
echo -e "\t\t${SNAP_COMMON}/db-backups"
|
|
echo -e "To list existing backups in default directory: $ ${SNAP_NAME}.database-list-backups"
|
|
echo -e "To restore wekan's database use: ${SNAP_NAME}.database-restore <path to backup>"
|
|
echo -e "\n"
|
|
echo -e "wekan can be configured to share mongodb with other services using content interface"
|
|
echo -e "\t-sharing mongodb from $SNAP_NAME to other snap(s):"
|
|
echo -e "\t\t-connect mongodb-slot with plug from corresponding snap(s)"
|
|
echo -e "\t\t-configure corresponding service to use mongodb unix socket in shared directory, socket file name is: mongodb-$MONGODB_PORT.sock"
|
|
echo -e "\t-sharing mongodb from other snap to $SNAP_NAME:"
|
|
echo -e "\t\t-connect mongodb-plug with slot from snap providing mongodb"
|
|
echo -e "\t\t-disable mongodb in $SNAP_NAME by calling: $ snap set $SNAP_NAME set disable-mongodb='true'"
|
|
echo -e "\t\t-set mongodb-bind-unix-socket to point to serving mongodb. Use relative path inside shared directory, e.g run/mongodb-27017.sock"
|
|
echo -e "\n"
|
|
echo -e "To enable the API of wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME with-api='true'"
|
|
echo -e "\t-Disable the API:"
|
|
echo -e "\t$ snap unset $SNAP_NAME with-api"
|
|
echo -e "\n"
|
|
echo -e "After OIDC login, add users automatically to this default board ID. https://github.com/wekan/wekan/pull/5098"
|
|
echo -e "To enable the default board ID of wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME default-board-id='abdc1234'"
|
|
echo -e "\t-Disable the default board ID:"
|
|
echo -e "\t$ snap unset $SNAP_NAME default-board-id"
|
|
echo -e "\n"
|
|
echo -e "Email: https://github.com/wekan/wekan/wiki/Troubleshooting-Mail"
|
|
echo -e "mail-url:"
|
|
echo -e "\t$ snap set $SNAP_NAME mail-url='smtp://username:password@email-smtp.eu-west-1.amazonaws.com:587?tls={ciphers:\"SSLv3\"}&secureConnection=false'"
|
|
echo -e "mail-from:"
|
|
echo -e "\t$ snap set $SNAP_NAME mail-from='Boards Support <support@example.com>'"
|
|
echo -e "mail-service (CURRENTLY NOT IN USE):"
|
|
echo -e "\t$ snap set $SNAP_NAME mail-service='Outlook365'"
|
|
echo -e "mail-service-user:"
|
|
echo -e "\t$ snap set $SNAP_NAME mail-service-user='firstname.lastname@hotmail.com'"
|
|
echo -e "mail-service-password:"
|
|
echo -e "\t$ snap set $SNAP_NAME mail-service-password='SecretPassword'"
|
|
echo -e "\n"
|
|
echo -e "Number of search results to show per page by default:"
|
|
echo -e "\t$ snap set $SNAP_NAME results-per-page='20'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME results-per-page"
|
|
echo -e "\n"
|
|
echo -e "Accounts lockout known users failures before, greater than 0. Default: 3"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-known-users-failures-before='3'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-known-users-failures-before"
|
|
echo -e "\n"
|
|
echo -e "Accounts lockout know users period, in seconds. Default: 60"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-known-users-period='60'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-known-users-period"
|
|
echo -e "\n"
|
|
echo -e "Accounts lockout unknown failure window, in seconds. Default: 15"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-known-users-failure-window='15'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-known-users-failure-window"
|
|
echo -e "\n"
|
|
echo -e "Accounts lockout unknown users failures before, greater than 0. Default: 3"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-unknown-users-failures-before='3'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-unknown-users-failures-before"
|
|
echo -e "\n"
|
|
echo -e "Accounts lockout unknown users lockout period, in seconds. Default: 60"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-unknown-users-lockout-period='60'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-unknown-users-lockout-period"
|
|
echo -e "\n"
|
|
echo -e "Accounts lockout unknown users failure window, in seconds. Default: 15"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-lockout-unknown-users-failure-window='15'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-lockout-unknown-users-failure-window"
|
|
echo -e "\n"
|
|
echo -e "Accounts common login expiration in days. Default: 90"
|
|
echo -e "\t$ snap set $SNAP_NAME accounts-common-login-expiration-in-days='90'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME accounts-common-login-expiration-in-days"
|
|
echo -e "\n"
|
|
echo -e "https://github.com/wekan/wekan/issues/3585#issuecomment-1021522132"
|
|
echo -e "node-options: Add more Node heap. Default:"
|
|
echo -e "\t$ snap set $SNAP_NAME node-options=\"--max_old_space_size=4096\""
|
|
echo -e "\t-Remove node-options:"
|
|
echo -e "\t$ snap unset $SNAP_NAME node-options"
|
|
echo -e "\n"
|
|
echo -e "Rich text editor in card comments. Default: false https://github.com/wekan/wekan/pull/2560"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME richer-card-comment-editor='true'"
|
|
echo -e "Disable:"
|
|
echo -e "\t$ snap unset $SNAP_NAME richer-card-comment-editor"
|
|
echo -e "\n"
|
|
echo -e "Card opened, send webhook message. Default: false https://github.com/wekan/wekan/issues/2518"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME card-opened-webhook-enabled='true'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME card-opened-webhook-enabled"
|
|
echo -e "\n"
|
|
echo -e "Attachments upload validation by an external program. {file} is replaced by the uploaded file. Example: /usr/local/bin/avscan {file}"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME attachments-upload-external-program='/usr/local/bin/avscan {file}'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME attachments-upload-external-program"
|
|
echo -e "\n"
|
|
echo -e "Attachments upload mime types. Example: image/*,text/*"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME attachments-upload-mime-types='image/*,text/*'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME attachments-upload-mime-types"
|
|
echo -e "\n"
|
|
echo -e "Attachments upload max size in bytes. Example: 5000000"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME attachments-upload-max-size='5000000'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME attachments-upload-max-size"
|
|
echo -e "\n"
|
|
echo -e "Avatars upload validation by an external program. {file} is replaced by the uploaded file. Example: /usr/local/bin/avscan {file}"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME avatars-upload-external-program='/usr/local/bin/avscan {file}'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME avatars-upload-external-program"
|
|
echo -e "\n"
|
|
echo -e "Avatars upload mime types. Example: image/*,text/*"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME avatars-upload-mime-types='image/*,text/*'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME avatars-upload-mime-types"
|
|
echo -e "\n"
|
|
echo -e "Avatars upload max size in bytes. Example: 5000000"
|
|
echo -e "Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME avatars-upload-max-size='5000000'"
|
|
echo -e "Disable, default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME avatars-upload-max-size"
|
|
echo -e "\n"
|
|
echo -e "Max image pixel: Allow to shrink attached/pasted image https://github.com/wekan/wekan/pull/2544"
|
|
echo -e "Example:"
|
|
echo -e "\t$ snap set $SNAP_NAME max-image-pixel='1024'"
|
|
echo -e "Disable:"
|
|
echo -e "\t$ snap unset $SNAP_NAME max-image-pixel"
|
|
echo -e "\n"
|
|
echo -e "Image compress ratio: Allow to shrink attached/pasted image https://github.com/wekan/wekan/pull/2544"
|
|
echo -e "Example:"
|
|
echo -e "\t$ snap set $SNAP_NAME image-compress-ratio='80'"
|
|
echo -e "Disable:"
|
|
echo -e "\t$ snap unset $SNAP_NAME image-compress-ratio"
|
|
echo -e "\n"
|
|
echo -e "NOTIFICATION TRAY AFTER READ DAYS BEFORE REMOVE https://github.com/wekan/wekan/pull/2998"
|
|
echo -e "Number of days after a notification is read before we remove it. Default: 2."
|
|
echo -e "Example:"
|
|
echo -e "\t$ snap set $SNAP_NAME notification-tray-after-read-days-before-remove='4'"
|
|
echo -e "Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME notification-tray-after-read-days-before-remove"
|
|
echo -e "\n"
|
|
echo -e "BIGEVENTS DUE ETC NOTIFICATIONS https://github.com/wekan/wekan/pull/2541"
|
|
echo -e "Big events pattern: Notify always due etc regardless of notification settings. Default: due, All: received|start|due|end, Disabled: NONE"
|
|
echo -e "Default:"
|
|
echo -e "\t$ snap set $SNAP_NAME bigevents-pattern='due'"
|
|
echo -e "All:"
|
|
echo -e "\t$ snap set $SNAP_NAME bigevents-pattern='received|start|due|end'"
|
|
echo -e "Disabled:"
|
|
echo -e "\t$ snap set $SNAP_NAME bigevents-pattern='NONE'"
|
|
echo -e "\n"
|
|
echo -e "EMAIL DUE DATE NOTIFICATION https://github.com/wekan/wekan/pull/2536"
|
|
echo -e "System timelines will be showing any user modification for dueat startat endat receivedat, also notification to the watchers and if any card is due, about due or past due."
|
|
echo -e "Notify due days, number less than 15 or negative number accepted, you can specify multiple days delimited by ','. Default: NONE"
|
|
echo -e "To enable different Notify for Due Days on 2 days before, and on the event day "
|
|
echo -e "\t$ snap set $SNAP_NAME notify-due-days-before-and-after='2,0'"
|
|
echo -e "\t-Disable Notifying for Due Days:"
|
|
echo -e "\t$ snap unset $SNAP_NAME notify-due-days-before-and-after"
|
|
echo -e "\n"
|
|
echo -e "Notify due at hour of day. Default every morning at 8am. Can be 0-23."
|
|
echo -e "If env variable has parsing error, use default. Notification sent to watchers."
|
|
echo -e "To enable different Notify Due At Hour Of Day than default 8:"
|
|
echo -e "\t$ snap set $SNAP_NAME notify-due-at-hour-of-day='10'"
|
|
echo -e "\t-To set back default 8 of Notify Due at Hour of Day:"
|
|
echo -e "\t$ snap unset $SNAP_NAME notify-due-at-hour-of-day"
|
|
echo -e "\n"
|
|
echo -e "To enable the Email Notification Timeout of wekan in ms, default 30000 (=30s):"
|
|
echo -e "\t$ snap set $SNAP_NAME email-notification-timeout='10000'"
|
|
echo -e "\t-Restore default:"
|
|
echo -e "\t$ snap unset $SNAP_NAME email-notification-timeout"
|
|
echo -e "\n"
|
|
echo -e "To enable the CORS of wekan, to set Access-Control-Allow-Origin header:"
|
|
echo -e "\t$ snap set $SNAP_NAME cors='*'"
|
|
echo -e "\t-Disable the CORS:"
|
|
echo -e "\t$ snap unset $SNAP_NAME cors"
|
|
echo -e "\n"
|
|
echo -e "To enable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
|
|
echo -e "\t$ snap set $SNAP_NAME cors-allow-headers='Authorization,Content-Type'"
|
|
echo -e "\t-Disable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API."
|
|
echo -e "\t$ snap unset $SNAP_NAME cors-allow-headers"
|
|
echo -e "\n"
|
|
echo -e "To enable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: *"
|
|
echo -e "\t$ snap set $SNAP_NAME cors-expose-headers='*'"
|
|
echo -e "\t-Disable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: ''"
|
|
echo -e "\t$ snap unset $SNAP_NAME cors-expose-headers"
|
|
echo -e "\n"
|
|
echo -e "The address of the server where Matomo is hosted:"
|
|
echo -e "\t$ snap set $SNAP_NAME matomo-address='https://matomo.example.com'"
|
|
echo -e "\t-Disable the Matomo integration:"
|
|
echo -e "\t$ snap unset $SNAP_NAME matomo-address"
|
|
echo -e "\n"
|
|
echo -e "The value of the site ID given in matomo server"
|
|
echo -e "\t$ snap set $SNAP_NAME matomo-site-id='12345'"
|
|
echo -e "\t-Disable the Matomo site id integration:"
|
|
echo -e "\t$ snap unset $SNAP_NAME matomo-site-id"
|
|
echo -e "\n"
|
|
echo -e "The option do not track which enables users to not be tracked by matomo. Default: true"
|
|
echo -e "\t$ snap set $SNAP_NAME matomo-do-not-track='true'"
|
|
echo -e "\t-Disable the Matomo do not track:"
|
|
echo -e "\t$ snap unset $SNAP_NAME matomo-do-not-track"
|
|
echo -e "\n"
|
|
echo -e "The option that allows matomo to retrieve the username. Default: false"
|
|
echo -e "\t$ snap set $SNAP_NAME matomo-with-username='true'"
|
|
echo -e "\t-Do not retrieve username:"
|
|
echo -e "\t$ snap set $SNAP_NAME matomo-with-username='false'"
|
|
echo -e "\n"
|
|
echo -e "Metrics allowed IP addresses, separated by ',' . https://github.com/wekan/wekan/wiki/Metrics"
|
|
echo -e "\t$ snap set $SNAP_NAME metrics-allowed-ip-addresses='192.168.0.100,192.168.0.200'"
|
|
echo -e "\t-Disable the Metrics:"
|
|
echo -e "\t$ snap unset $SNAP_NAME metrics-allowed-ip-addresses"
|
|
echo -e "\n"
|
|
echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
|
|
echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
|
|
echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"
|
|
echo -e "To enable the Browser Policy of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME browser-policy-enabled='true'"
|
|
echo -e "\t-Disable the Browser Policy of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME browser-policy-enabled='false'"
|
|
echo -e "\n"
|
|
echo -e "When browser policy is enabled, HTML code at this URL can have iframe that embeds Wekan inside."
|
|
echo -e "To enable the Trusted URL of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME trusted-url='https://example.com'"
|
|
echo -e "\t-Disable the Trusted URL of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME trusted-url"
|
|
echo -e "\n"
|
|
echo -e "What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId ."
|
|
echo -e "To enable the Webhooks Attributes of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME webhooks-attributes='cardId,listId,oldListId,boardId,comment,user,card,commentId'"
|
|
echo -e "\t-Disable the Webhooks Attributes of Wekan to send all default ones:"
|
|
echo -e "\t$ snap unset $SNAP_NAME webhooks-attributes"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Enabled."
|
|
echo -e "To enable the OAuth2 of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-enabled='true'"
|
|
echo -e "\t-Disable the OAuth2 of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-enabled"
|
|
echo -e "\n"
|
|
echo -e "OIDC/OAuth2 redirection to autologin, see https://github.com/wekan/wekan/wiki/autologin"
|
|
echo -e "To enable the autologin of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oidc-redirection-enabled='true'"
|
|
echo -e "\t-Disable the autologin of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oidc-redirection-enabled"
|
|
echo -e "\n"
|
|
echo -e "Optional OAuth2 CA Cert, see https://github.com/wekan/wekan/issues/3299"
|
|
echo -e "To enable the OAuth2 of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-ca-cert='ABCD134'"
|
|
echo -e "\t-Disable the OAuth2 of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-ca-cert"
|
|
echo -e "\n"
|
|
echo -e "Enable OAuth2 Oracle on premise identity manager OIM. Default: false"
|
|
echo -e "To enable the OAuth2 Oracle OIM of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oracle-oim-enabled='true'"
|
|
echo -e "\t-Disable the OAuth2 Oracle OIM of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oracle-oim-enabled"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 ADFS Enabled. Also requires oauth2-enabled='true'"
|
|
echo -e "To enable the OAuth2 ADFS of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-adfs-enabled='true'"
|
|
echo -e "\t-Disable the OAuth2 ADFS of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-adfs-enabled"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Azure AD B2C Enabled. Also requires oauth2-enabled='true' . https://github.com/wekan/wekan/issues/5242."
|
|
echo -e "To enable the OAuth2 Azure AD B2C of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-b2c-enabled='true'"
|
|
echo -e "\t-Disable the OAuth2 Azure AD B2C of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-b2c-enabled"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Client ID."
|
|
echo -e "To enable the OAuth2 Client ID of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-client-id='54321abcde'"
|
|
echo -e "\t-Disable the OAuth2 Client ID of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-client-id"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 login style: popup or redirect. Default: redirect"
|
|
echo -e "To enable the OAuth2 login style popup of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-login-style='popup'"
|
|
echo -e "\t-Disable the OAuth2 login style popup of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-login-style='redirect'"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Secret."
|
|
echo -e "To enable the OAuth2 Secret of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-secret='54321abcde'"
|
|
echo -e "\t-Disable the OAuth2 Secret of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-secret"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Server URL."
|
|
echo -e "To enable the OAuth2 Server URL of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-server-url='https://chat.example.com'"
|
|
echo -e "\t-Disable the OAuth2 Server URL of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-server-url"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Authorization Endpoint."
|
|
echo -e "To enable the OAuth2 Authorization Endpoint of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-auth-endpoint='/oauth/authorize'"
|
|
echo -e "\t-Disable the OAuth2 Authorization Endpoint of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-auth-endpoint"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Userinfo Endpoint."
|
|
echo -e "To enable the OAuth2 Userinfo Endpoint of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-userinfo-endpoint='/oauth/authorize'"
|
|
echo -e "\t-Disable the OAuth2 Userinfo Endpoint of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-userinfo-endpoint"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Token Endpoint."
|
|
echo -e "To enable the OAuth2 Token Endpoint of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-token-endpoint='/oauth/token'"
|
|
echo -e "\t-Disable the OAuth2 Token Endpoint of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-token-endpoint"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 ID Token Whitelist Fields."
|
|
echo -e "To enable the OAuth2 ID Token Whitelist Fields of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields=[]"
|
|
echo -e "\t-Disable the OAuth2 ID Token Whitelist Fields of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-id-token-whitelist-fields"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Request Permissions."
|
|
echo -e "To enable the OAuth2 Request Permissions of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=\"'openid profile email'\""
|
|
echo -e "\t-Disable the OAuth2 Request Permissions of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-request-permissions"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 ID Mapping."
|
|
echo -e "To enable the OAuth2 ID Mapping of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-id-map='username.uid'"
|
|
echo -e "\t-Disable the OAuth2 ID Mapping of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-id-map"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Username Mapping."
|
|
echo -e "To enable the OAuth2 Username Mapping of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-username-map='username'"
|
|
echo -e "\t-Disable the OAuth2 Username Mapping of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-username-map"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Fullname Mapping."
|
|
echo -e "To enable the OAuth2 Fullname Mapping of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-fullname-map='fullname'"
|
|
echo -e "\t-Disable the OAuth2 Fullname Mapping of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-fullname-map"
|
|
echo -e "\n"
|
|
echo -e "OAuth2 Email Mapping."
|
|
echo -e "To enable the OAuth2 Email Mapping of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME oauth2-email-map='email'"
|
|
echo -e "\t-Disable the OAuth2 Email Mapping of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME oauth2-email-map"
|
|
echo -e "\n"
|
|
echo -e "Ldap Enable."
|
|
echo -e "To enable the ldap of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-enable='true'"
|
|
echo -e "\t-Disable the ldap of Wekan:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-enable='false'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Port."
|
|
echo -e "The port of the ldap server:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-port='12345'"
|
|
echo -e "\n"
|
|
echo -e "LDAP AD Simple Auth. When enabled, ldap-basedn is not needed, and also do set ldap-user-autentication='true'. Example: true. Enable:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-ad-simple-auth='true'"
|
|
echo -e "\t-Disable the LDAP AD Simple Auth of Wekan:"
|
|
echo -e "\t$ snap unset $SNAP_NAME ldap-ad-simple-auth"
|
|
echo -e "\n"
|
|
echo -e "a) Option to login to the LDAP server with the user's own username and password, instead of an administrator key. Default: false (use administrator key)."
|
|
echo -e "b) For LDAP AD Simple Auth, set to true."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-user-authentication='true'"
|
|
echo -e "\n"
|
|
echo -e "Which field is used to find the user for the user authentication. Default: uid."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-user-authentication-field='uid'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Host."
|
|
echo -e "The host server for the LDAP server:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-host='localhost'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Base Dn."
|
|
echo -e "The base DN for the LDAP Tree:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-basedn='ou=user,dc=example,dc=org'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Login Fallback."
|
|
echo -e "Fallback on the default authentication method:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-login-fallback='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Reconnect."
|
|
echo -e "Reconnect to the server if the connection is lost:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-reconnect='false'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Timeout."
|
|
echo -e "Overall timeout, in milliseconds:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-timeout='12345'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Idle Timeout."
|
|
echo -e "Specifies the timeout for idle LDAP connections in milliseconds:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-idle-timeout='12345'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Connect Timeout."
|
|
echo -e "Connection timeout, in milliseconds:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-connect-timeout='12345'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Authentication."
|
|
echo -e "If the LDAP needs a user account to search:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-authentication='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Authentication User Dn."
|
|
echo -e "The search user Dn, 2 examples:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-authentication-userdn='CN=ldap admin,CN=users,DC=domainmatter,DC=lan'"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-authentication-userdn='CN=wekan_adm,OU=serviceaccounts,OU=admin,OU=prod,DC=mydomain,DC=com'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Authentication Password."
|
|
echo -e "The password for the search user:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-authentication-password='admin'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Log Enabled."
|
|
echo -e "Enable logs for the module:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-log-enabled='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Background Sync."
|
|
echo -e "If the sync of the users should be done in the background:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Background Sync Interval."
|
|
echo -e "At which interval does the background task sync."
|
|
echo -e "The format must be as specified in: https://bunkat.github.io/later/parsers.html#text"
|
|
echo -e "Default is empty '' that is same as 'every 1 hour'"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync-interval='every 1 hour'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Background Sync Keep Existant Users Updated."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync-keep-existant-users-updated='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Background Sync Import New Users."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-background-sync-import-new-users='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Encryption."
|
|
echo -e "Allow LDAPS:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-encryption='ssl'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Ca Cert."
|
|
echo -e "The certification for the LDAPS server:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-ca-cert=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----"
|
|
echo -e "\n"
|
|
echo -e "Ldap Reject Unauthorized."
|
|
echo -e "Reject Unauthorized Certificate:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-reject-unauthorized='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap User Search Filter."
|
|
echo -e "Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-user-search-filter=''"
|
|
echo -e "\n"
|
|
echo -e "Ldap User Search Scope."
|
|
echo -e "base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree). Example: one"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-user-search-scope=one"
|
|
echo -e "\n"
|
|
echo -e "Ldap User Search Field."
|
|
echo -e "Which field is used to find the user:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-user-search-field='uid'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Search Page Size."
|
|
echo -e "Used for pagination (0=unlimited):"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-search-page-size='12345'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Search Size Limit."
|
|
echo -e "The limit number of entries (0=unlimited):"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-search-size-limit='12345'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Group Filter Enable. Note the authenticated ldap user must be able to query all relevant group data with own login data from ldap."
|
|
echo -e "Enable group filtering:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-enable='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Group Filter ObjectClass."
|
|
echo -e "The object class for filtering:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-objectclass='group'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Group Filter Id Attribute."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-id-attribute=''"
|
|
echo -e "\n"
|
|
echo -e "Ldap Group Filter Member Attribute."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-member-attribute=''"
|
|
echo -e "\n"
|
|
echo -e "Ldap Group Filter Member Format."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-member-format=''"
|
|
echo -e "\n"
|
|
echo -e "Ldap Group Filter Group Name."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-group-filter-group-name=''"
|
|
echo -e "\n"
|
|
echo -e "Ldap Unique Identifier Field."
|
|
echo -e "This field is sometimes class GUID (Globally Unique Identifier):"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-unique-identifier-field=guid"
|
|
echo -e "\n"
|
|
echo -e "Ldap Utf8 Names Slugify."
|
|
echo -e "Convert the username to utf8:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-utf8-names-slugify='false'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Username Field."
|
|
echo -e "Which field contains the ldap username:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-username-field='username'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Fullname Field."
|
|
echo -e "Which field contains the ldap fullname:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-fullname-field='fullname'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Merge Existing Users."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-merge-existing-users='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Email Match Enable."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-email-match-enable='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Email Match Require."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-email-match-require='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Email Match Verified."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-email-match-verfied='false'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Fullname Field."
|
|
echo -e "Which field contains the ldap email address:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-fullname-field='fullname'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Sync User Data."
|
|
echo -e "Enable synchronization of user data:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-sync-user-data='true'"
|
|
echo -e "\n"
|
|
echo -e "Ldap Sync User Data Fieldmap."
|
|
echo -e "A field map for the matching:"
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-sync-user-data-fieldmap={\"cn\":\"name\", \"mail\":\"email\"}"
|
|
echo -e "\n"
|
|
echo -e "Ldap Sync Group Roles."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-sync-group-roles=''"
|
|
echo -e "\n"
|
|
echo -e "Ldap Default Domain."
|
|
echo -e "a) In case AD SimpleAuth is configured, the default domain is appended to the given loginname for creating the correct username for the bind request to AD."
|
|
echo -e "b) The default domain of the ldap it is used to create email if the field is not map correctly with the ldap-sync-user-data-fieldmap."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-default-domain=''"
|
|
echo -e "\n"
|
|
echo -e "Enable/Disable syncing of admin status based on LDAP groups."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-sync-admin-status='true'"
|
|
echo -e "\n"
|
|
echo -e "Comma separated list of admin group names to sync."
|
|
echo -e "\t$ snap set $SNAP_NAME ldap-sync-admin-groups='group1,group2'"
|
|
echo -e "\n"
|
|
echo -e "Logout with timer."
|
|
echo -e "Enable or not the option that allows to disconnect an user after a given time:"
|
|
echo -e "\t$ snap set $SNAP_NAME logout-with-timer='true'"
|
|
echo -e "\n"
|
|
echo -e "Login to LDAP automatically with HTTP header."
|
|
echo -e "In below example for siteminder, at right side of = is header name."
|
|
echo -e "\t$ snap set $SNAP_NAME header-login-id='HEADERUID'"
|
|
echo -e "\t$ snap set $SNAP_NAME header-login-firstname='HEADERFIRSTNAME'"
|
|
echo -e "\t$ snap set $SNAP_NAME header-login-lastname='HEADERLASTNAME'"
|
|
echo -e "\t$ snap set $SNAP_NAME header-login-email='HEADEREMAILADDRESS'"
|
|
echo -e "\n"
|
|
echo -e "Logout in."
|
|
echo -e "Logout in how many days:"
|
|
echo -e "\t$ snap set $SNAP_NAME logout-in='1'"
|
|
echo -e "\n"
|
|
echo -e "Logout on hours."
|
|
echo -e "Logout in how many hours:"
|
|
echo -e "\t$ snap set $SNAP_NAME logout-on-hours='9'"
|
|
echo -e "\n"
|
|
echo -e "Logout on minutes."
|
|
echo -e "Logout in how many minutes:"
|
|
echo -e "\t$ snap set $SNAP_NAME logout-on-minutes='5'"
|
|
echo -e "\n"
|
|
echo -e "Default authentication method."
|
|
echo -e "The default authentication method used if a user does not exist to create and authenticate. Method can be password or ldap."
|
|
echo -e "\t$ snap set $SNAP_NAME default-authentication-method='ldap'"
|
|
echo -e "\n"
|
|
echo -e "Enable or not password login Form"
|
|
echo -e "\t$ snap set $SNAP_NAME password-login-enabled='false'"
|
|
echo -e "\n"
|
|
echo -e "CAS Enabled. Default: false"
|
|
echo -e "\t$ snap set $SNAP_NAME cas-enabled='true'"
|
|
echo -e "\n"
|
|
echo -e "CAS Base URL."
|
|
echo -e "\t$ snap set $SNAP_NAME cas-base-url='https://cas.example.com/cas'"
|
|
echo -e "\n"
|
|
echo -e "CAS Login URL."
|
|
echo -e "\t$ snap set $SNAP_NAME cas-login-url='https://cas.example.com/login'"
|
|
echo -e "\n"
|
|
echo -e "CAS Validate URL."
|
|
echo -e "\t$ snap set $SNAP_NAME cas-validate-url='https://cas.example.com/cas/p3/serviceValidate'"
|
|
echo -e "\n"
|
|
echo -e "SAML Enabled. Default: false"
|
|
echo -e "\t$ snap set $SNAP_NAME saml-enabled='true'"
|
|
echo -e "\n"
|
|
echo -e "SAML Provider. openam or openidp."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-provider='openam'"
|
|
echo -e "\n"
|
|
echo -e "SAML Entrypoint."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-entrypoint=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Issuer."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-issuer=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Cert."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-cert=''"
|
|
echo -e "\n"
|
|
echo -e "SAML IDPS LO Redirect URL."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-ispslo-redirecturl=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Private Keyfile."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-private-keyfile=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Public Certfile."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-public-certfile=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Identifier Format."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-identifier-format=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Local Profile Match Attribute."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-local-profile-match-attribute=''"
|
|
echo -e "\n"
|
|
echo -e "SAML Attributes."
|
|
echo -e "\t$ snap set $SNAP_NAME saml-attributes=''"
|
|
echo -e "\n"
|
|
echo -e "Wait spinner to use."
|
|
echo -e "\t$ snap set $SNAP_NAME wait-spinner='Bounce'"
|
|
echo -e "\n"
|
|
# parse config file for supported settings keys
|
|
echo -e "wekan supports settings keys"
|
|
echo -e "values can be changed by calling\n$ snap set $SNAP_NAME <key name>='<key value>'"
|
|
echo -e "list of supported keys:"
|
|
for key in ${keys[@]}
|
|
do
|
|
default_value="DEFAULT_$key"
|
|
description="DESCRIPTION_$key"
|
|
snappy_key="KEY_$key"
|
|
echo -e "\t${!snappy_key}: ${!description}"
|
|
if [ "x" == "x${!key}" ]; then
|
|
echo -e "\t\tNo value set, using default value: '${!default_value}'"
|
|
else
|
|
echo -e "\t\tCurrent value set to: '${!key}', (default value: '${!default_value}')"
|
|
fi
|
|
done
|
|
|
|
echo -e "\n!!!! Some changes result in restart of some or all services, use with caution !!!!!"
|