github.com/cozy/cozy-stack@v0.0.0-20240603063001-31110fa4cae1/cozy.example.yaml (about) 1 # This file contain an example of cozy-stack configuration file. 2 # It provides a description for all available fields to configure the stack. 3 # 4 # It is possible to pass environnment variable to this configuration using the 5 # template language of golang, delimited by "{{" and "}}". See: 6 # 7 # https://golang.org/pkg/text/template/. 8 # 9 # The env map is available in the ".Env" variable. For instance 10 # ".Env.COUCHDB_PASSPHRASE" will access to "COUCHDB_PASSPHRASE" environment 11 # variable. The template is evaluated at startup of the stack. 12 13 # server host - flags: --host 14 # 15 # Specifies on which IP/domain the server will listen on. It also defines which 16 # IP versions will be available (IPv4 and/or IPv6). The server will be available 17 # only on the IP version you have defined in host. For domains it will favour 18 # the IPv4 version if available. 19 # 20 # There are two values with custom behaviours: 21 # - "localhost" -> will listen on both "127.0.0.1" on IPv4 and "[::1]" on IPv6 22 # - "0.0.0.0" and "[::]" -> will listen on both "0.0.0.0" on IPv4 and "[::]" on IPv6 23 host: localhost 24 # server port - flags: --port -p 25 port: 8080 26 27 # how to structure the subdomains for apps - flags: --subdomains 28 # values: 29 # - nested, like https://<app>.<user>.<domain>/ (well suited for self-hosted with Let's Encrypt) 30 # - flat, like https://<user>-<app>.<domain>/ (easier when using wildcard TLS certificate) 31 subdomains: nested 32 33 # defines a list of assets that can be fetched via the /remote/:asset-name 34 # route. 35 remote_assets: 36 bank: https://myassetserver.com/remote_asset.json 37 38 # path to the directory with the assets - flags: --assets 39 # default is to use the assets packed in the binary 40 # assets: "" 41 42 # administration endpoint parameters. this endpoint should be protected 43 admin: 44 # server host - flags: --admin-host 45 host: localhost 46 # server port - flags: --admin-port 47 port: 6060 48 # secret file name containing the derived passphrase to access to the 49 # administration endpoint. this secret file can be generated using the `cozy- 50 # stack config passwd` command. this file should be located in the same path 51 # as the configuration file. 52 secret_filename: cozy-admin-passphrase 53 54 # vault contains keyfiles informations 55 # See https://docs.cozy.io/en/cozy-stack/cli/cozy-stack_config_gen-keys/ 56 # to generate the keys 57 vault: 58 # the path to the key used to encrypt credentials 59 credentials_encryptor_key: /path/to/key.enc 60 # the path to the key used to decrypt credentials 61 credentials_decryptor_key: /path/to/key.dec 62 63 # file system parameters 64 fs: 65 # file system url - flags: --fs-url 66 # default url is the directory relative to the binary: ./storage 67 68 # url: file://localhost/var/lib/cozy 69 # url: swift://openstack/?UserName={{ .Env.OS_USERNAME }}&Password={{ .Env.OS_PASSWORD }}&ProjectName={{ .Env.OS_PROJECT_NAME }}&UserDomainName={{ .Env.OS_USER_DOMAIN_NAME }}&Timeout={{ .Env.GOSWIFT_TIMEOUT }} 70 71 # Swift FS can be used with advanced parameters to activate TLS properties. 72 # For using swift with https, you must use the "swift+https" scheme. 73 # 74 # root_ca: /ca-certificates.pem 75 # client_cert: /client_cert.pem 76 # client_key: /client_key 77 # pinned_key: 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 78 # insecure_skip_validation: true 79 # can_query_info: true 80 # default_layout: 2 # 1 for layout v2 and 2 for layout v3 81 82 # auto_clean_trashed_after: 83 # context_a: 30D 84 # context_b: 3M 85 86 # versioning: 87 # max_number_of_versions_to_keep: 20 88 # min_delay_between_two_versions: 15m 89 90 # contexts: 91 # cozy_beta: 92 # max_number_of_versions_to_keep: 10 93 # min_delay_between_two_versions: 1h 94 95 # couchdb parameters 96 couchdb: 97 # CouchDB URL - flags: --couchdb-url 98 url: http://localhost:5984/ 99 100 # CouchDB advanced parameters to activate TLS properties: 101 # 102 # root_ca: /ca-certificates.pem 103 # client_cert: /client_cert.pem 104 # client_key: /client_key 105 # pinned_key: 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 106 # insecure_skip_validation: true 107 108 # Multiple CouchDB clusters: 109 # clusters: 110 # - url: http://couchdb1:5984/ 111 # instance_creation: true 112 # - url: http://couchdb2:5984/ 113 # instance_creation: false 114 # - url: http://couchdb3:5984/ 115 # instance_creation: true 116 117 # jobs parameters to configure the job system 118 jobs: 119 # path to the imagemagick convert binary 120 # imagemagick_convert_cmd: convert 121 122 # Specify whether the given list of jobs is an allowlist or blocklist. In case 123 # of an allowlist, all jobs are deactivated by default and only the listed one 124 # are activated. 125 # 126 # allowlist: false 127 128 # workers individual configrations. 129 # 130 # For each worker type it is possible to configure the following fields: 131 # - concurrency: the maximum number of jobs executed in parallel. when set 132 # to zero, the worker is deactivated 133 # - max_exec_count: the maximum number of retries for one job in case of an 134 # error 135 # - timeout: the maximum amount of time allowed for one execution of a job 136 # 137 # List of available workers: 138 # 139 # - "clean-clients": delete unused OAuth clients 140 # - "export": exporting data from a cozy instance 141 # - "import": importing data into a cozy instance 142 # - "konnector": launching konnectors 143 # - "service": launching services 144 # - "migrations": transforming a VFS with Swift to layout v3 145 # - "notes-save": saving notes to the VFS 146 # - "push": sending push notifications 147 # - "sms": sending SMS notifications 148 # - "sendmail": sending mails 149 # - "share-group": for cozy to cozy sharing 150 # - "share-replicate": idem 151 # - "share-track": idem 152 # - "share-upload": idem 153 # - "thumbnail": creatings and deleting thumbnails for images 154 # - "thumbnailck": generate missing thumbnails for all images 155 # - "trash-files": async deletion of files in the trash 156 # - "clean-old-trashed": deletion of old files and directories after some time 157 # - "unzip": unzipping tarball 158 # - "zip": creating a zip tarball 159 # 160 # When no configuration is given for a worker, a default configuration is 161 # used. When a false boolean value is given, the worker is deactivated. 162 # 163 # To deactivate all workers, the workers field can be set to "false" or 164 # "none". 165 workers: 166 # thumbnail: 167 # concurrency: {{mul .NumCPU 4}} 168 # max_exec_count: 2 169 # timeout: 15s 170 171 # konnector: 172 # concurrency: {{.NumCPU}} 173 # max_exec_count: 2 174 # timeout: 200s 175 176 # service: 177 # concurrency: {{.NumCPU}} 178 # max_exec_count: 2 179 # timeout: 200s 180 181 # export: 182 # concurrency: 4 183 # max_exec_count: 1 184 # timeout: 200s 185 186 # push: false 187 # sms: false 188 # sendmail: false 189 190 # Sets the default duration of jobs database documents to keep 191 defaultDurationToKeep: "2W" # Keep 2 weeks 192 193 # konnectors execution parameters for executing external processes. 194 konnectors: 195 cmd: ./scripts/konnector-node-run.sh # run connectors with node 196 # cmd: ./scripts/konnector-node-run.sh # run connectors with node in dev mode 197 # cmd: ./scripts/konnector-rkt-run.sh # run connectors with rkt 198 # cmd: ./scripts/konnector-nsjail-node8-run.sh # run connectors with nsjail 199 200 # mail service parameters for sending email via SMTP 201 mail: 202 # mail noreply address - flags: --mail-noreply-address 203 noreply_address: noreply@localhost 204 noreply_name: My Cozy 205 reply_to: support@cozycloud.cc 206 # mail smtp host - flags: --mail-host 207 host: smtp.home 208 # mail smtp port - flags: --mail-port 209 port: 587 210 # mail smtp username - flags: --mail-username 211 username: {{.Env.COZY_MAIL_USERNAME}} 212 # mail smtp password - flags: --mail-password 213 password: {{.Env.COZY_MAIL_PASSWORD}} 214 # Use SSL connection (SMTPS) 215 # Means no STARTTLS 216 # flags: --mail-use-ssl 217 use_ssl: false 218 # disable mail STARTTLS 219 # Means using plain unencrypted SMTP 220 # flags: --mail-disable-tls 221 disable_tls: false 222 # skip the certificate validation (may be useful on localhost) 223 skip_certificate_validation: false 224 # Local Name 225 # The hostname sent to the SMTP server with the HELO command 226 # Defaults to localhost 227 # flags: --mail-local-name 228 local_name: cozy.domain.example 229 # It is also possible to override the mail server per context. 230 contexts: 231 beta: 232 # If the host is set to "-", no mail will be sent on this context 233 host: smtp.cozy.beta 234 port: 587 235 username: {{.Env.COZY_BETA_MAIL_USERNAME}} 236 password: {{.Env.COZY_BETA_MAIL_PASSWORD}} 237 238 # campaign mail service parameters for sending campaign emails via SMTP 239 # If campaign_mail.host is empty, the default mail config will be used. 240 campaign_mail: 241 # SMTP server host 242 # Defaults to empty string 243 host: smtp.home 244 # SMTP server port 245 # Defaults to 25 246 port: 587 247 # SMTP server username 248 # Defaults to empty string 249 username: {{.Env.COZY_MAIL_USERNAME}} 250 # SMTP server password 251 # Defaults to empty string 252 password: {{.Env.COZY_MAIL_PASSWORD}} 253 # Use SSL connection (SMTPS) 254 # Means no STARTTLS 255 # Defaults to false 256 use_ssl: false 257 # Disable STARTTLS for SMTP server 258 # Means using plain unencrypted SMTP 259 # Defaults to true 260 disable_tls: false 261 # Skip the certificate validation (may be useful on localhost) 262 # Defaults to false 263 skip_certificate_validation: false 264 # Local Name 265 # The hostname sent to the SMTP server with the HELO command 266 # Defaults to empty string 267 local_name: cozy.domain.example 268 # It is also possible to override the campaign mail config per context. 269 contexts: 270 beta: 271 # If the host is set to "-", no mail will be sent on this context 272 host: smtp.cozy.beta 273 port: 587 274 username: {{.Env.COZY_BETA_MAIL_USERNAME}} 275 password: {{.Env.COZY_BETA_MAIL_PASSWORD}} 276 277 # location of the database for IP -> City lookups - flags: --geodb 278 # See https://dev.maxmind.com/geoip/geoip2/geolite2/ 279 geodb: "" 280 281 # minimal duration between two password reset 282 password_reset_interval: 15m 283 284 # redis namespace to configure its usage for different part of the stack. redis 285 # is not mandatory and is specifically useful to run the stack in an 286 # environment where multiple stacks run simultaneously. 287 redis: 288 # the redis clients created can be configured to be used with a cluster of 289 # redis. if addrs field is left empty, redis is not used. 290 291 # either a single address or a seed list of host:port addresses 292 # of cluster/sentinel nodes separated by whitespaces. 293 addrs: # localhost:1234 localhost:4321 294 295 # the sentinel master name - only failover clients. 296 master: 297 298 # redis password 299 password: 300 301 # databases number for each part of the stack using a specific database. 302 databases: 303 jobs: 0 304 cache: 1 305 lock: 2 306 sessions: 3 307 downloads: 4 308 konnectors: 5 309 realtime: 6 310 log: 7 311 rate_limiting: 8 312 313 # advanced parameters for advanced users 314 315 # dial_timeout: 5s 316 # read_timeout: 3s 317 # write_timeout: 3s 318 # pool_size: max(25, 10 * runtime.NumCPU()) # pool_size cannot be below 25 319 # pool_timeout: 3s 320 # idle_timeout: 5m 321 322 # enables read only queries on slave nodes. 323 # read_only_slave: false 324 325 # Registries used for applications and konnectors 326 registries: 327 default: 328 - https://apps-registry.cozycloud.cc/ 329 330 # Wizard used for moving a Cozy from one place/hoster to another 331 move: 332 url: https://move.cozycloud.cc/ 333 334 # OnlyOffice server for collaborative edition of office documents 335 office: 336 default: 337 onlyoffice_url: https://documentserver.cozycloud.cc/ 338 onlyoffice_inbox_secret: inbox_secret 339 onlyoffice_outbox_secret: outbox_secret 340 341 # [internal usage] Cloudery configuration 342 clouderies: 343 default: 344 api: 345 url: https://manager.cozycloud.cc/ 346 token: xxxxxx 347 348 # All the deprecated apps listed here will see their OAUTH2 Authorization 349 # flow interupted and redirected to a page proposing to move to the new 350 # cozy application. 351 # 352 # The keys for `store_urls` can be: iphone/android/other 353 deprecated_apps: 354 apps: 355 # - software_id: "github.com/cozy/some-app" 356 # name: "some-app" 357 # store_urls: 358 # iphone: https://some-apple-store-url 359 # android: https://some-android-store-url 360 361 # The list of authorized hosts to redirect to when using the authentication 362 # confirm endpoint. 363 authorized_hosts_for_confirm_auth: 364 - sometool.cozycloud.cc 365 366 notifications: 367 # Activate development APIs (iOS only) 368 development: false 369 370 # Firebase Cloud Messaging API 371 fcm_credentials_file: /etc/cozy/fcm_credentials.json 372 373 # APNS/2 certificates for iOS notifications 374 # ios_certificate_key_path: path/to/certificate.p12 375 # ios_certificate_password: mycertificatepasswordifany 376 # ios_key_id: my_key_id_if_any 377 # ios_team_id: my_team_id_if_any 378 379 # Huawei notifications 380 # huawei_get_token: http://localhost:3001/api/notification-token/huawei 381 # huawei_send_message: https://push-api.cloud.huawei.com/v1/<your_appid>/messages:send 382 383 # Configure the SMS per context 384 contexts: 385 beta: 386 provider: api_sen 387 url: https://sms.cozy.beta/api/send 388 token: {{.Env.COZY_BETA_SMS_TOKEN}} 389 390 flagship: 391 contexts: 392 cozy_beta: 393 skip_certification: true 394 apk_package_names: 395 - io.cozy.drive.mobile 396 - io.cozy.flagship.mobile 397 apk_certificate_digests: 398 - 'xNnH7T1BSDh6erMzNysfakBVLLacbSbOMxVk8jEPgdU=' 399 play_integrity_decryption_keys: 400 - 'bVcBAv0eO64NKIvDoRHpnTOZVxAkhMuFwRHrTEMr23U=' 401 play_integrity_verification_keys: 402 - 'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElTF2uARN7oxfoDWyERYMe6QutI2NqS+CAtVmsPDIRjBBxF96fYojFVXRRsMb86PjkE21Ol+sO1YuspY+YuDRMw==' 403 apple_app_ids: 404 - 3AKXFMV43J.io.cozy.drive.mobile 405 - 3AKXFMV43J.io.cozy.flagship.mobile 406 407 # Allowed domains for the CSP policy used in hosted web applications 408 csp_allowlist: 409 # script: https://allowed1.domain.com/ https://allowed2.domain.com/ 410 # img: https://allowed.domain.com/ 411 # style: https://allowed.domain.com/ 412 # font: https://allowed.domain.com/ 413 414 # It is also possible to configure the CSP policy per context. The values are 415 # cumulative with the global csp allowlist. 416 contexts: 417 beta: 418 img: https://allowed2.domain.com/ 419 420 # It can useful to disable the CSP policy to debug and test things in local 421 # disable_csp: true 422 423 log: 424 # logger level (debug, info, warning, panic, fatal) - flags: --log-level 425 level: info 426 # send logs to the local syslog - flags: --log-syslog 427 syslog: false 428 429 # It is possible to customize some behaviors of cozy-stack in function of the 430 # context of an instance (the context field of the settings document of this 431 # instance). Here, the "beta" context is customized with. 432 contexts: 433 beta: 434 # Indicates if debug related features should be enabled in front 435 # applications. 436 debug: false 437 # Redirect to a specific route of Cozy-Home after the onboarding 438 # Format: appslug/#/path/to/route 439 onboarded_redirection: home/#/discovery/?intro 440 # Redirect to the photos application after login 441 default_redirection: drive/#/folder 442 # This domain will be used as a suggestion for the members of a sharing 443 # when they are asked for the URL of their Cozy instance 444 sharing_domain: mycozy.cloud 445 # Allow to customize the cozy-bar link to the help 446 help_link: https://forum.cozy.io/ 447 # claudy actions list 448 claudy_actions: 449 - desktop 450 - mobile 451 # konnectors slugs to exclude from cozy-collect 452 exclude_konnectors: 453 - a_konnector_slug 454 # If enabled, this option will skip permissions verification during 455 # webapp/konnectors installs & updates processes 456 permissions_skip_verification: false 457 # By default, only the store app can install and update applications. But, 458 # if this setting is enabled, it allows other applications with the right 459 # permission to install and update applications. 460 allow_install_via_a_permission: true 461 # Tells if the photo folder should be created or not during the instance 462 # creation (default: true) 463 init_photos_folder: true 464 # Tells if the administrative folder should be created or not during the 465 # instance creation (default: true) 466 init_administrative_folder: true 467 # Allows to override the default template "Cozy" title by your own title 468 templates_title: "My Personal Cloud" 469 # Use a different noreply mail for this context 470 noreply_address: noreply@cozy.beta 471 noreply_name: My Cozy Beta 472 reply_to: support@cozy.beta 473 # Configure the error page 474 support_address: support@cozy.beta 475 # Change the limit on the number of members for a sharing 476 max_members_per_sharing: 50 477 # Use a different wizard for moving a Cozy 478 move_url: https://move.cozy.beta/ 479 # Feature flags 480 features: 481 - hide_konnector_errors 482 # List of applications that can be automatically updated even if the 483 # permissions have changed 484 additional_platform_apps: 485 - superapp 486 # Provides custom logo used in some cozy app (e.g. Home footer) 487 # Use type key if you want defined a logo as main 488 logos: 489 coachco2: 490 light: 491 - src: /logos/main_cozy.png 492 alt: Cozy Cloud 493 dark: 494 - src: /logos/main_cozy.png 495 alt: Cozy Cloud 496 home: 497 light: 498 - src: /logos/main_cozy.png 499 alt: Cozy Cloud 500 type: main 501 - src: /logos/1_partner.png 502 alt: Partner n°1 503 type: secondary 504 dark: 505 - src: /logos/main_cozy.png 506 alt: Cozy Cloud 507 type: main 508 - src: /logos/1_partner.png 509 alt: Partner n°1 510 type: secondary