diff --git a/extensions/_includes/accounts-config-example.yaml b/extensions/_includes/accounts-config-example.yaml index 6e7ba896eeb..0f1b2ad8e6a 100644 --- a/extensions/_includes/accounts-config-example.yaml +++ b/extensions/_includes/accounts-config-example.yaml @@ -38,7 +38,7 @@ http: grpc: addr: 127.0.0.1:9180 token_manager: - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" asset: path: "" repo: diff --git a/extensions/_includes/accounts_configvars.md b/extensions/_includes/accounts_configvars.md index 2cb061c0e8b..8fd287725a4 100644 --- a/extensions/_includes/accounts_configvars.md +++ b/extensions/_includes/accounts_configvars.md @@ -10,7 +10,6 @@ | ACCOUNTS_HTTP_ROOT | string | / | The root path of the http service.| | ACCOUNTS_CACHE_TTL | int | 604800 | The cache time for the static assets.| | ACCOUNTS_GRPC_ADDR | string | 127.0.0.1:9180 | The address of the grpc service.| -| OCIS_JWT_SECRET;ACCOUNTS_JWT_SECRET | string | Pive-Fumkiu4 | The secret to mint jwt tokens.| | ACCOUNTS_ASSET_PATH | string | | The path to the ui assets.| | ACCOUNTS_STORAGE_BACKEND | string | CS3 | Defines which storage implementation is to be used| | ACCOUNTS_STORAGE_DISK_PATH | string | ~/.ocis/accounts | The path where the accounts data is stored.| diff --git a/extensions/_includes/appprovider-config-example.yaml b/extensions/_includes/appprovider-config-example.yaml index 7e0fe0dcc33..14cc94aa05e 100644 --- a/extensions/_includes/appprovider-config-example.yaml +++ b/extensions/_includes/appprovider-config-example.yaml @@ -14,14 +14,15 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9164 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false -externaladdr: "" +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false +external_addr: "" driver: "" drivers: wopi: diff --git a/extensions/_includes/auth-basic-config-example.yaml b/extensions/_includes/auth-basic-config-example.yaml index 9b3765ef4cd..2e7ea1ed5f5 100644 --- a/extensions/_includes/auth-basic-config-example.yaml +++ b/extensions/_includes/auth-basic-config-example.yaml @@ -14,13 +14,14 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9146 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false auth_provider: ldap auth_providers: json: @@ -30,7 +31,7 @@ auth_providers: cacert: ~/.ocis/idm/ldap.crt insecure: false binddn: uid=reva,ou=sysusers,o=libregraph-idm - bindpassword: reva + bind_password: "" userbasedn: ou=users,o=libregraph-idm groupbasedn: ou=groups,o=libregraph-idm userscope: sub @@ -59,7 +60,7 @@ auth_providers: member: member owncloud_sql: dbusername: owncloud - dbpassword: secret + dbpassword: "" dbhost: mysql dbport: 3306 dbname: owncloud diff --git a/extensions/_includes/auth-basic_configvars.md b/extensions/_includes/auth-basic_configvars.md index f39b3fe24c1..5022f2dffa7 100644 --- a/extensions/_includes/auth-basic_configvars.md +++ b/extensions/_includes/auth-basic_configvars.md @@ -14,7 +14,7 @@ | LDAP_CACERT;AUTH_BASIC_LDAP_CACERT | string | ~/.ocis/idm/ldap.crt | | | LDAP_INSECURE;AUTH_BASIC_LDAP_INSECURE | bool | false | | | LDAP_BIND_DN;AUTH_BASIC_LDAP_BIND_DN | string | uid=reva,ou=sysusers,o=libregraph-idm | | -| LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD | string | reva | | +| LDAP_BIND_PASSWORD;AUTH_BASIC_LDAP_BIND_PASSWORD | string | | | | LDAP_USER_BASE_DN;AUTH_BASIC_LDAP_USER_BASE_DN | string | ou=users,o=libregraph-idm | | | LDAP_GROUP_BASE_DN;AUTH_BASIC_LDAP_GROUP_BASE_DN | string | ou=groups,o=libregraph-idm | | | LDAP_USER_SCOPE;AUTH_BASIC_LDAP_USER_SCOPE | string | sub | | diff --git a/extensions/_includes/auth-bearer-config-example.yaml b/extensions/_includes/auth-bearer-config-example.yaml index 6bee6f9e0b4..e7bb0c6b109 100644 --- a/extensions/_includes/auth-bearer-config-example.yaml +++ b/extensions/_includes/auth-bearer-config-example.yaml @@ -14,13 +14,14 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9148 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false auth_provider: ldap auth_providers: oidc: diff --git a/extensions/_includes/auth-machine-config-example.yaml b/extensions/_includes/auth-machine-config-example.yaml index 2639f87d647..29368b7efd2 100644 --- a/extensions/_includes/auth-machine-config-example.yaml +++ b/extensions/_includes/auth-machine-config-example.yaml @@ -14,14 +14,15 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9166 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false auth_provider: ldap auth_providers: machine: - api_key: change-me-please + api_key: "" diff --git a/extensions/_includes/auth-machine_configvars.md b/extensions/_includes/auth-machine_configvars.md index 49e6bc8c952..e1815bd3e98 100644 --- a/extensions/_includes/auth-machine_configvars.md +++ b/extensions/_includes/auth-machine_configvars.md @@ -9,4 +9,4 @@ | AUTH_MACHINE_GRPC_ADDR | string | 127.0.0.1:9166 | The address of the grpc service.| | AUTH_MACHINE_GRPC_PROTOCOL | string | tcp | The transport protocol of the grpc service.| | AUTH_MACHINE_AUTH_PROVIDER | string | ldap | The auth provider which should be used by the service| -| OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_PROVIDER_API_KEY | string | change-me-please | The api key for the machine auth provider.| \ No newline at end of file +| OCIS_MACHINE_AUTH_API_KEY;AUTH_MACHINE_PROVIDER_API_KEY | string | | The api key for the machine auth provider.| \ No newline at end of file diff --git a/extensions/_includes/frontend-config-example.yaml b/extensions/_includes/frontend-config-example.yaml index 729129f5b29..ca66d5f9fb4 100644 --- a/extensions/_includes/frontend-config-example.yaml +++ b/extensions/_includes/frontend-config-example.yaml @@ -14,35 +14,32 @@ debug: token: "" pprof: false zpages: false -supervised: false http: addr: 127.0.0.1:9140 protocol: tcp prefix: "" -jwt_secret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +transfer_secret: "" +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +machine_auth_api_key: "" +skip_users_groups_in_token: false favorites: false -enableprojectspaces: true +enable_project_spaces: true upload_max_chunk_size: 100000000 upload_http_method_override: "" default_upload_protocol: tus -transfer_secret: replace-me-with-a-transfer-secret public_url: https://localhost:9200 archiver: max_num_files: 10000 max_size: 1073741824 - prefix: archiver insecure: false -appprovider: +app_provider: external_addr: "" driver: "" - apps_url: "" - open_url: "" - new_url: "" - prefix: "" insecure: false -datagateway: +data_gateway: prefix: data ocs: prefix: ocs @@ -59,8 +56,6 @@ ocs: dbport: 0 dbname: "" namespace: "" -authmachine: - apikey: change-me-please checksums: supported_types: - sha1 @@ -69,4 +64,4 @@ checksums: preferred_upload_type: "" middleware: auth: - credentials_by_user_agenr: {} + credentials_by_user_agent: {} diff --git a/extensions/_includes/frontend_configvars.md b/extensions/_includes/frontend_configvars.md index 5f23de96027..cf313d23e75 100644 --- a/extensions/_includes/frontend_configvars.md +++ b/extensions/_includes/frontend_configvars.md @@ -8,8 +8,8 @@ | FRONTEND_DEBUG_ZPAGES | bool | false | | | FRONTEND_HTTP_ADDR | string | 127.0.0.1:9140 | The address of the http service.| | FRONTEND_HTTP_PROTOCOL | string | tcp | The transport protocol of the http service.| -| STORAGE_TRANSFER_SECRET | string | replace-me-with-a-transfer-secret | | +| STORAGE_TRANSFER_SECRET | string | | | +| OCIS_MACHINE_AUTH_API_KEY;FRONTEND_MACHINE_AUTH_API_KEY | string | | | | OCIS_URL;FRONTEND_PUBLIC_URL | string | https://localhost:9200 | | | OCIS_INSECURE;FRONTEND_ARCHIVER_INSECURE | bool | false | | -| OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE | bool | false | | -| OCIS_MACHINE_AUTH_API_KEY | string | change-me-please | | \ No newline at end of file +| OCIS_INSECURE;FRONTEND_APPPROVIDER_INSECURE | bool | false | | \ No newline at end of file diff --git a/extensions/_includes/gateway-config-example.yaml b/extensions/_includes/gateway-config-example.yaml index dab8e94ecec..22669451a4a 100644 --- a/extensions/_includes/gateway-config-example.yaml +++ b/extensions/_includes/gateway-config-example.yaml @@ -14,36 +14,36 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9142 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 skipusergroupsintoken: false -commitsharetostoragegrant: true -commitsharetostorageref: true -sharefolder: Shares -disablehomecreationonlogin: true -transfersecret: replace-me-with-a-transfer-secret -transferexpires: 86400 -homemapping: "" -etagcachettl: 0 -usersendpoint: localhost:9144 -groupsendpoint: localhost:9160 -permissionsendpoint: localhost:9191 -sharingendpoint: localhost:9150 -datagatewaypublicurl: "" -frontendpublicurl: https://localhost:9200 -authbasicendpoint: localhost:9146 -authbearerendpoint: localhost:9148 -authmachineendpoint: localhost:9166 -storagepubliclinkendpoint: localhost:9178 -storageusersendpoint: localhost:9157 -storagesharesendpoint: localhost:9154 -storageregistry: +commit_share_to_storage_grant: true +commit_share_to_storage_ref: true +share_folder: Shares +disable_home_creation_on_login: true +transfer_secret: "" +transfer_expires: 86400 +home_mapping: "" +etag_cache_ttl: 0 +users_endpoint: localhost:9144 +groups_endpoint: localhost:9160 +permissions_endpoint: localhost:9191 +sharing_endpoint: localhost:9150 +frontend_public_url: https://localhost:9200 +auth_basic_endpoint: localhost:9146 +auth_bearer_endpoint: localhost:9148 +auth_machine_endpoint: localhost:9166 +storage_public_link_endpoint: localhost:9178 +storage_users_endpoint: localhost:9157 +storage_shares_endpoint: localhost:9154 +storage_registry: driver: spaces rules: [] json: "" -appregistry: +app_registry: mimetypesjson: "" diff --git a/extensions/_includes/gateway_configvars.md b/extensions/_includes/gateway_configvars.md index 878348abca6..486ee3ac574 100644 --- a/extensions/_includes/gateway_configvars.md +++ b/extensions/_includes/gateway_configvars.md @@ -8,5 +8,5 @@ | GATEWAY_DEBUG_ZPAGES | bool | false | | | GATEWAY_GRPC_ADDR | string | 127.0.0.1:9142 | The address of the grpc service.| | GATEWAY_GRPC_PROTOCOL | string | tcp | The transport protocol of the grpc service.| -| STORAGE_TRANSFER_SECRET | string | replace-me-with-a-transfer-secret | | +| STORAGE_TRANSFER_SECRET | string | | | | OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL | string | https://localhost:9200 | | \ No newline at end of file diff --git a/extensions/_includes/graph-config-example.yaml b/extensions/_includes/graph-config-example.yaml index b1adc66e80e..0f5e37ccd76 100644 --- a/extensions/_includes/graph-config-example.yaml +++ b/extensions/_includes/graph-config-example.yaml @@ -20,7 +20,7 @@ http: reva: address: 127.0.0.1:9142 token_manager: - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" spaces: webdav_base: https://localhost:9200 webdav_path: /dav/spaces/ @@ -33,7 +33,7 @@ identity: uri: ldaps://localhost:9235 insecure: true bind_dn: uid=libregraph,ou=sysusers,o=libregraph-idm - bind_password: idm + bind_password: "" use_server_uuid: false write_enabled: true user_base_dn: ou=users,o=libregraph-idm diff --git a/extensions/_includes/graph_configvars.md b/extensions/_includes/graph_configvars.md index 890b853283f..f2aa313a51f 100644 --- a/extensions/_includes/graph_configvars.md +++ b/extensions/_includes/graph_configvars.md @@ -8,8 +8,6 @@ | GRAPH_DEBUG_ZPAGES | bool | false | | | GRAPH_HTTP_ADDR | string | 127.0.0.1:9120 | | | GRAPH_HTTP_ROOT | string | /graph | | -| REVA_GATEWAY | string | 127.0.0.1:9142 | | -| OCIS_JWT_SECRET;GRAPH_JWT_SECRET | string | Pive-Fumkiu4 | | | OCIS_URL;GRAPH_SPACES_WEBDAV_BASE | string | https://localhost:9200 | | | GRAPH_SPACES_WEBDAV_PATH | string | /dav/spaces/ | | | GRAPH_SPACES_DEFAULT_QUOTA | string | 1000000000 | | @@ -19,7 +17,7 @@ | LDAP_URI;GRAPH_LDAP_URI | string | ldaps://localhost:9235 | | | OCIS_INSECURE;GRAPH_LDAP_INSECURE | bool | true | | | LDAP_BIND_DN;GRAPH_LDAP_BIND_DN | string | uid=libregraph,ou=sysusers,o=libregraph-idm | | -| LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD | string | idm | | +| LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD | string | | | | GRAPH_LDAP_SERVER_UUID | bool | false | | | GRAPH_LDAP_SERVER_WRITE_ENABLED | bool | true | | | LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN | string | ou=users,o=libregraph-idm | | diff --git a/extensions/_includes/group-config-example.yaml b/extensions/_includes/group-config-example.yaml index 0526ed21c17..472fcac23ac 100644 --- a/extensions/_includes/group-config-example.yaml +++ b/extensions/_includes/group-config-example.yaml @@ -14,14 +14,15 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9160 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false -groupmemberscacheexpiration: 5 +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false +group_members_cache_expiration: 5 driver: ldap drivers: json: @@ -31,7 +32,7 @@ drivers: cacert: ~/.ocis/idm/ldap.crt insecure: false binddn: uid=reva,ou=sysusers,o=libregraph-idm - bindpassword: reva + bind_password: "" userbasedn: ou=users,o=libregraph-idm groupbasedn: ou=groups,o=libregraph-idm userscope: sub diff --git a/extensions/_includes/group_configvars.md b/extensions/_includes/group_configvars.md index bb453ed0c9a..fef00026c9d 100644 --- a/extensions/_includes/group_configvars.md +++ b/extensions/_includes/group_configvars.md @@ -12,7 +12,7 @@ | LDAP_CACERT;GROUPS_LDAP_CACERT | string | ~/.ocis/idm/ldap.crt | | | LDAP_INSECURE;GROUPS_LDAP_INSECURE | bool | false | | | LDAP_BIND_DN;GROUPS_LDAP_BIND_DN | string | uid=reva,ou=sysusers,o=libregraph-idm | | -| LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD | string | reva | | +| LDAP_BIND_PASSWORD;GROUPS_LDAP_BIND_PASSWORD | string | | | | LDAP_USER_BASE_DN;GROUPS_LDAP_USER_BASE_DN | string | ou=users,o=libregraph-idm | | | LDAP_GROUP_BASE_DN;GROUPS_LDAP_GROUP_BASE_DN | string | ou=groups,o=libregraph-idm | | | LDAP_USER_SCOPE;GROUPS_LDAP_USER_SCOPE | string | sub | | diff --git a/extensions/_includes/idm-config-example.yaml b/extensions/_includes/idm-config-example.yaml index 28b56f27ac7..09e9a50a977 100644 --- a/extensions/_includes/idm-config-example.yaml +++ b/extensions/_includes/idm-config-example.yaml @@ -21,7 +21,7 @@ idm: database: ~/.ocis/idm/ocis.boltdb create_demo_users: false service_user_passwords: - admin_password: admin - idm_password: idm - reva_password: reva - idp_password: idp + admin_password: "" + idm_password: "" + reva_password: "" + idp_password: "" diff --git a/extensions/_includes/idm_configvars.md b/extensions/_includes/idm_configvars.md index cb7ec87ab9f..cfceb3295e5 100644 --- a/extensions/_includes/idm_configvars.md +++ b/extensions/_includes/idm_configvars.md @@ -11,7 +11,7 @@ | IDM_LDAPS_KEY | string | ~/.ocis/idm/ldap.key | File name for the TLS certificate key for the server certificate| | IDM_DATABASE_PATH | string | ~/.ocis/idm/ocis.boltdb | Full path to the idm backend database| | IDM_CREATE_DEMO_USERS;ACCOUNTS_DEMO_USERS_AND_GROUPS | bool | false | Flag to enabe/disable the creation of the demo users| -| IDM_ADMIN_PASSWORD | string | admin | Password to set for the ocis "admin" user. Either cleartext or an argon2id hash| -| IDM_SVC_PASSWORD | string | idm | Password to set for the "idm" service user. Either cleartext or an argon2id hash| -| IDM_REVASVC_PASSWORD | string | reva | Password to set for the "reva" service user. Either cleartext or an argon2id hash| -| IDM_IDPSVC_PASSWORD | string | idp | Password to set for the "idp" service user. Either cleartext or an argon2id hash| \ No newline at end of file +| IDM_ADMIN_PASSWORD | string | | Password to set for the ocis "admin" user. Either cleartext or an argon2id hash| +| IDM_SVC_PASSWORD | string | | Password to set for the "idm" service user. Either cleartext or an argon2id hash| +| IDM_REVASVC_PASSWORD | string | | Password to set for the "reva" service user. Either cleartext or an argon2id hash| +| IDM_IDPSVC_PASSWORD | string | | Password to set for the "idp" service user. Either cleartext or an argon2id hash| \ No newline at end of file diff --git a/extensions/_includes/idp-config-example.yaml b/extensions/_includes/idp-config-example.yaml index d105e9e0d03..66245e8f166 100644 --- a/extensions/_includes/idp-config-example.yaml +++ b/extensions/_includes/idp-config-example.yaml @@ -59,7 +59,7 @@ ldap: uri: ldaps://localhost:9235 cacert: ~/.ocis/idm/ldap.crt bind_dn: uid=idp,ou=sysusers,o=libregraph-idm - bind_password: idp + bind_password: "" base_dn: ou=users,o=libregraph-idm scope: sub login_attribute: uid diff --git a/extensions/_includes/idp_configvars.md b/extensions/_includes/idp_configvars.md index f8737d8b5cf..e463e7cb3a8 100644 --- a/extensions/_includes/idp_configvars.md +++ b/extensions/_includes/idp_configvars.md @@ -38,7 +38,7 @@ | LDAP_URI;IDP_LDAP_URI | string | ldaps://localhost:9235 | | | LDAP_CACERT;IDP_LDAP_TLS_CACERT | string | ~/.ocis/idm/ldap.crt | | | LDAP_BIND_DN;IDP_LDAP_BIND_DN | string | uid=idp,ou=sysusers,o=libregraph-idm | | -| LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD | string | idp | | +| LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD | string | | | | LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN | string | ou=users,o=libregraph-idm | | | LDAP_USER_SCOPE;IDP_LDAP_SCOPE | string | sub | | | IDP_LDAP_LOGIN_ATTRIBUTE | string | uid | | diff --git a/extensions/_includes/notifications-config-example.yaml b/extensions/_includes/notifications-config-example.yaml index e6a3fb2a5f1..57bcb74ceb8 100644 --- a/extensions/_includes/notifications-config-example.yaml +++ b/extensions/_includes/notifications-config-example.yaml @@ -20,4 +20,4 @@ notifications: events_cluster: ocis-cluster events_group: notifications reva_gateway: 127.0.0.1:9142 - machine_auth_api_key: change-me-please + machine_auth_api_key: "" diff --git a/extensions/_includes/notifications_configvars.md b/extensions/_includes/notifications_configvars.md index c465d89b61b..73e842e35cf 100644 --- a/extensions/_includes/notifications_configvars.md +++ b/extensions/_includes/notifications_configvars.md @@ -14,4 +14,4 @@ | NOTIFICATIONS_EVENTS_CLUSTER | string | ocis-cluster | | | NOTIFICATIONS_EVENTS_GROUP | string | notifications | | | REVA_GATEWAY;NOTIFICATIONS_REVA_GATEWAY | string | 127.0.0.1:9142 | | -| OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY | string | change-me-please | | \ No newline at end of file +| OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY | string | | | \ No newline at end of file diff --git a/extensions/_includes/ocdav-config-example.yaml b/extensions/_includes/ocdav-config-example.yaml index 4c9bdf26856..bdb5701b462 100644 --- a/extensions/_includes/ocdav-config-example.yaml +++ b/extensions/_includes/ocdav-config-example.yaml @@ -14,14 +14,15 @@ debug: token: "" pprof: false zpages: false -supervised: false http: addr: 127.0.0.1:0 protocol: tcp prefix: "" -jwt_secret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false webdav_namespace: /users/{{.Id.OpaqueId}} files_namespace: /users/{{.Id.OpaqueId}} shares_namespace: /Shares diff --git a/extensions/_includes/ocs-config-example.yaml b/extensions/_includes/ocs-config-example.yaml index 95fd9436717..00e6f99378a 100644 --- a/extensions/_includes/ocs-config-example.yaml +++ b/extensions/_includes/ocs-config-example.yaml @@ -35,11 +35,11 @@ http: - X-Requested-With allowed_credentials: true token_manager: - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" reva: address: 127.0.0.1:9142 identity_management: address: https://localhost:9200 account_backend: cs3 storage_users_driver: ocis -machine_auth_api_key: change-me-please +machine_auth_api_key: "" diff --git a/extensions/_includes/ocs_configvars.md b/extensions/_includes/ocs_configvars.md index d8aad8f2a37..39c33c571f3 100644 --- a/extensions/_includes/ocs_configvars.md +++ b/extensions/_includes/ocs_configvars.md @@ -8,9 +8,7 @@ | OCS_DEBUG_ZPAGES | bool | false | | | OCS_HTTP_ADDR | string | 127.0.0.1:9110 | | | OCS_HTTP_ROOT | string | /ocs | | -| OCIS_JWT_SECRET;OCS_JWT_SECRET | string | Pive-Fumkiu4 | | -| REVA_GATEWAY | string | 127.0.0.1:9142 | | | OCIS_URL;OCS_IDM_ADDRESS | string | https://localhost:9200 | | | OCS_ACCOUNT_BACKEND_TYPE | string | cs3 | | | STORAGE_USERS_DRIVER;OCS_STORAGE_USERS_DRIVER | string | ocis | | -| OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY | string | change-me-please | | \ No newline at end of file +| OCIS_MACHINE_AUTH_API_KEY;OCS_MACHINE_AUTH_API_KEY | string | | | \ No newline at end of file diff --git a/extensions/_includes/proxy-config-example.yaml b/extensions/_includes/proxy-config-example.yaml index 3ea8b4c83f2..dc17179bc16 100644 --- a/extensions/_includes/proxy-config-example.yaml +++ b/extensions/_includes/proxy-config-example.yaml @@ -142,7 +142,7 @@ oidc: size: 1024 ttl: 10 token_manager: - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" policy_selector: static: policy: ocis @@ -156,7 +156,7 @@ pre_signed_url: account_backend: cs3 user_oidc_claim: email user_cs3_claim: mail -machine_auth_api_key: change-me-please +machine_auth_api_key: "" auto_provision_accounts: false enable_basic_auth: false insecure_backends: false diff --git a/extensions/_includes/proxy_configvars.md b/extensions/_includes/proxy_configvars.md index 09ab54f17ab..08d72a23d08 100644 --- a/extensions/_includes/proxy_configvars.md +++ b/extensions/_includes/proxy_configvars.md @@ -11,17 +11,15 @@ | PROXY_TRANSPORT_TLS_CERT | string | ~/.ocis/proxy/server.crt | | | PROXY_TRANSPORT_TLS_KEY | string | ~/.ocis/proxy/server.key | | | PROXY_TLS | bool | true | | -| REVA_GATEWAY | string | 127.0.0.1:9142 | | | OCIS_URL;PROXY_OIDC_ISSUER | string | https://localhost:9200 | | | OCIS_INSECURE;PROXY_OIDC_INSECURE | bool | true | | | PROXY_OIDC_USERINFO_CACHE_SIZE | int | 1024 | | | PROXY_OIDC_USERINFO_CACHE_TTL | int | 10 | | -| OCIS_JWT_SECRET;PROXY_JWT_SECRET | string | Pive-Fumkiu4 | | | PROXY_ENABLE_PRESIGNEDURLS | bool | true | | | PROXY_ACCOUNT_BACKEND_TYPE | string | cs3 | | | PROXY_USER_OIDC_CLAIM | string | email | | | PROXY_USER_CS3_CLAIM | string | mail | | -| OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY | string | change-me-please | | +| OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY | string | | | | PROXY_AUTOPROVISION_ACCOUNTS | bool | false | | | PROXY_ENABLE_BASIC_AUTH | bool | false | | | PROXY_INSECURE_BACKENDS | bool | false | | \ No newline at end of file diff --git a/extensions/_includes/settings-config-example.yaml b/extensions/_includes/settings-config-example.yaml index 9c6c765d7f8..e4d8042784c 100644 --- a/extensions/_includes/settings-config-example.yaml +++ b/extensions/_includes/settings-config-example.yaml @@ -44,8 +44,8 @@ metadata_config: storage_addr: 127.0.0.1:9215 service_user_id: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad service_user_idp: https://localhost:9200 - machine_auth_api_key: change-me-please + machine_auth_api_key: "" asset: path: "" token_manager: - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" diff --git a/extensions/_includes/settings_configvars.md b/extensions/_includes/settings_configvars.md index 3b788a0251a..c78de17ce45 100644 --- a/extensions/_includes/settings_configvars.md +++ b/extensions/_includes/settings_configvars.md @@ -16,6 +16,5 @@ | STORAGE_GRPC_ADDR | string | 127.0.0.1:9215 | | | METADATA_SERVICE_USER_UUID | string | 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad | | | OCIS_URL;METADATA_SERVICE_USER_IDP | string | https://localhost:9200 | | -| OCIS_MACHINE_AUTH_API_KEY | string | change-me-please | | -| SETTINGS_ASSET_PATH | string | | | -| OCIS_JWT_SECRET;SETTINGS_JWT_SECRET | string | Pive-Fumkiu4 | | \ No newline at end of file +| OCIS_MACHINE_AUTH_API_KEY | string | | | +| SETTINGS_ASSET_PATH | string | | | \ No newline at end of file diff --git a/extensions/_includes/sharing-config-example.yaml b/extensions/_includes/sharing-config-example.yaml index 19f3255bdb5..5817faa536f 100644 --- a/extensions/_includes/sharing-config-example.yaml +++ b/extensions/_includes/sharing-config-example.yaml @@ -14,15 +14,16 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9150 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false -usersharingdriver: json -usersharingdrivers: +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false +user_sharing_driver: json +user_sharin_drivers: json: file: ~/.ocis/storage/shares.json sql: @@ -40,8 +41,8 @@ usersharingdrivers: serviceuserid: 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad serviceuseridp: https://localhost:9200 machineauthapikey: "" -publicsharingdriver: json -publicsharingdrivers: +public_sharing_driver: json +public_sharing_drivers: json: file: ~/.ocis/storage/publicshares.json sql: diff --git a/extensions/_includes/storage-config-example.yaml b/extensions/_includes/storage-config-example.yaml index 51cf8b3087b..b0459de2d99 100644 --- a/extensions/_includes/storage-config-example.yaml +++ b/extensions/_includes/storage-config-example.yaml @@ -16,13 +16,13 @@ ocdav: public_url: https://localhost:9200 debug_addr: 127.0.0.1:9163 gateway_svc: 127.0.0.1:9142 - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" insecure: false timeout: 84300 reva: - jwt_secret: Pive-Fumkiu4 + jwt_secret: "" skip_user_grooups_in_token: false - transfer_secret: replace-me-with-a-transfer-secret + transfer_secret: "" transfer_expires: 86400 oidc: issuer: https://localhost:9200 @@ -46,7 +46,7 @@ reva: - uid - mail bind_dn: uid=reva,ou=sysusers,o=libregraph-idm - bind_password: reva + bind_password: "" idp: https://localhost:9200 user_schema: id: ownclouduuid @@ -76,7 +76,7 @@ reva: target_api: "" user_owncloud_sql: db_username: owncloud - db_password: secret + db_password: "" db_host: mysql db_port: 3306 db_name: owncloud @@ -434,7 +434,7 @@ reva: context: null supervised: false auth_machine_config: - machine_auth_api_key: change-me-please + machine_auth_api_key: "" sharing: port: max_cpus: "" diff --git a/extensions/_includes/storage-metadata-config-example.yaml b/extensions/_includes/storage-metadata-config-example.yaml index 1b0509eb747..84af17279dd 100644 --- a/extensions/_includes/storage-metadata-config-example.yaml +++ b/extensions/_includes/storage-metadata-config-example.yaml @@ -14,7 +14,6 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9215 protocol: tcp @@ -22,9 +21,11 @@ http: addr: 127.0.0.1:9216 protocol: tcp context: null -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false driver: ocis drivers: eos: @@ -67,6 +68,6 @@ drivers: secret_key: "" endpoint: "" bucket: "" -dataserverurl: http://localhost:9216/data -tempfolder: ~/.ocis/tmp/metadata -dataproviderinsecure: false +data_server_url: http://localhost:9216/data +temp_folder: ~/.ocis/tmp/metadata +data_provider_insecure: false diff --git a/extensions/_includes/storage-publiclink-config-example.yaml b/extensions/_includes/storage-publiclink-config-example.yaml index 85675029e0d..c9e3071ce2d 100644 --- a/extensions/_includes/storage-publiclink-config-example.yaml +++ b/extensions/_includes/storage-publiclink-config-example.yaml @@ -14,16 +14,17 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9178 protocol: tcp context: null -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false -authprovider: +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false +auth_provider: gatewayendpoint: 127.0.0.1:9142 -storageprovider: +storage_provider: mountid: 7993447f-687f-490d-875c-ac95e89a62a4 gatewayendpoint: 127.0.0.1:9142 diff --git a/extensions/_includes/storage-shares-config-example.yaml b/extensions/_includes/storage-shares-config-example.yaml index d1fa8b95687..310370c3fc4 100644 --- a/extensions/_includes/storage-shares-config-example.yaml +++ b/extensions/_includes/storage-shares-config-example.yaml @@ -14,16 +14,17 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9154 protocol: tcp http: addr: 127.0.0.1:9155 protocol: tcp +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 context: null -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +skip_user_groups_in_token: false readonly: false -sharesproviderendpoint: localhost:9150 +shares_provider_endpoint: localhost:9150 diff --git a/extensions/_includes/storage-users-config-example.yaml b/extensions/_includes/storage-users-config-example.yaml index 7a59189f3a9..86f260d0c29 100644 --- a/extensions/_includes/storage-users-config-example.yaml +++ b/extensions/_includes/storage-users-config-example.yaml @@ -14,7 +14,6 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9157 protocol: tcp @@ -22,10 +21,12 @@ http: addr: 127.0.0.1:9158 protocol: tcp prefix: data +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 context: null -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false +skip_user_groups_in_token: false driver: ocis drivers: eos: @@ -89,12 +90,12 @@ drivers: db_port: 3306 db_name: owncloud usersproviderendpoint: "" -dataserverurl: http://localhost:9158/data -tempfolder: ~/.ocis/tmp/users -dataproviderinsecure: false +data_server_url: http://localhost:9158/data +temp_folder: ~/.ocis/tmp/users +data_provider_insecure: false events: addr: 127.0.0.1:9233 clusterid: ocis-cluster -mountid: 1284d238-aa92-42ce-bdc4-0b0000009157 -exposedataserver: false +mount_id: 1284d238-aa92-42ce-bdc4-0b0000009157 +expose_data_server: false readonly: false diff --git a/extensions/_includes/thumbnails-config-example.yaml b/extensions/_includes/thumbnails-config-example.yaml index c65ef583554..98104690463 100644 --- a/extensions/_includes/thumbnails-config-example.yaml +++ b/extensions/_includes/thumbnails-config-example.yaml @@ -34,5 +34,5 @@ thumbnail: cs3_allow_insecure: false reva_gateway: 127.0.0.1:9142 font_map_file: "" - transfer_token: changemeplease + transfer_secret: "" data_endpoint: http://127.0.0.1:9186/thumbnails/data diff --git a/extensions/_includes/thumbnails_configvars.md b/extensions/_includes/thumbnails_configvars.md index 5884e6ef252..8ac3afe0a5f 100644 --- a/extensions/_includes/thumbnails_configvars.md +++ b/extensions/_includes/thumbnails_configvars.md @@ -14,5 +14,5 @@ | OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE | bool | false | | | REVA_GATEWAY | string | 127.0.0.1:9142 | | | THUMBNAILS_TXT_FONTMAP_FILE | string | | | -| THUMBNAILS_TRANSFER_TOKEN | string | changemeplease | | +| STORAGE_TRANSFER_TOKEN;THUMBNAILS_TRANSFER_TOKEN | string | | | | THUMBNAILS_DATA_ENDPOINT | string | http://127.0.0.1:9186/thumbnails/data | | \ No newline at end of file diff --git a/extensions/_includes/user-config-example.yaml b/extensions/_includes/user-config-example.yaml index 1715a5cbe88..f41a197f4ea 100644 --- a/extensions/_includes/user-config-example.yaml +++ b/extensions/_includes/user-config-example.yaml @@ -14,14 +14,15 @@ debug: token: "" pprof: false zpages: false -supervised: false grpc: addr: 127.0.0.1:9144 protocol: tcp -jwtsecret: Pive-Fumkiu4 -gatewayendpoint: 127.0.0.1:9142 -skipusergroupsintoken: false -userscacheexpiration: 5 +token_manager: + jwt_secret: "" +reva: + address: 127.0.0.1:9142 +skip_user_groups_in_token: false +users_cache_expiration: 5 driver: ldap drivers: json: @@ -31,7 +32,7 @@ drivers: cacert: ~/.ocis/idm/ldap.crt insecure: false binddn: uid=reva,ou=sysusers,o=libregraph-idm - bindpassword: reva + bind_password: "" userbasedn: ou=users,o=libregraph-idm groupbasedn: ou=groups,o=libregraph-idm userscope: sub diff --git a/extensions/_includes/user_configvars.md b/extensions/_includes/user_configvars.md index 172e36bc65d..b004ac4e5af 100644 --- a/extensions/_includes/user_configvars.md +++ b/extensions/_includes/user_configvars.md @@ -12,7 +12,7 @@ | LDAP_CACERT;USERS_LDAP_CACERT | string | ~/.ocis/idm/ldap.crt | | | LDAP_INSECURE;USERS_LDAP_INSECURE | bool | false | | | LDAP_BIND_DN;USERS_LDAP_BIND_DN | string | uid=reva,ou=sysusers,o=libregraph-idm | | -| LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD | string | reva | | +| LDAP_BIND_PASSWORD;USERS_LDAP_BIND_PASSWORD | string | | | | LDAP_USER_BASE_DN;USERS_LDAP_USER_BASE_DN | string | ou=users,o=libregraph-idm | | | LDAP_GROUP_BASE_DN;USERS_LDAP_GROUP_BASE_DN | string | ou=groups,o=libregraph-idm | | | LDAP_USER_SCOPE;USERS_LDAP_USER_SCOPE | string | sub | | diff --git a/extensions/accounts/tests.md b/extensions/accounts/tests.md index 07de8e5dc37..5fdb2b54968 100644 --- a/extensions/accounts/tests.md +++ b/extensions/accounts/tests.md @@ -19,9 +19,10 @@ Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/ {{< hint info >}} For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: -``` +```bash rm ~/.ocis/idp/identifier-registration.yaml ``` + {{< /hint >}} ### In the web repo @@ -30,7 +31,7 @@ rm ~/.ocis/idp/identifier-registration.yaml Install dependencies and bundle the frontend with a watcher by running -``` +```bash yarn && yarn build:w ``` @@ -40,7 +41,7 @@ If you skip the step above, the currently bundled frontend from the oCIS binary Start the necessary acceptance test services by using Docker (Compose): -``` +```bash docker compose up selenium middleware-ocis vnc ``` @@ -50,7 +51,7 @@ docker compose up selenium middleware-ocis vnc Navigate into the accounts service via `cd ../accounts/` and install dependencies and build the bundled accounts UI with a watcher by running -``` +```bash yarn && yarn watch ``` @@ -58,13 +59,14 @@ yarn && yarn watch Navigate into the oCIS directory inside the oCIS repository and build the oCIS binary by running -``` +```bash make clean build ``` Then, start oCIS from the binary via -``` +```bash +./bin/ocis init OCIS_URL=https://host.docker.internal:9200 OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true WEB_UI_CONFIG=../../web/dev/docker/ocis.web.config.json ./bin/ocis server ``` @@ -78,6 +80,6 @@ If you want visual feedback on the test run, visit http://host.docker.internal:6 Navigate into the accounts service via `cd ../accounts/` and start the acceptance tests by running -``` +```bash SERVER_HOST=https://host.docker.internal:9200 BACKEND_HOST=https://host.docker.internal:9200 RUN_ON_OCIS=true NODE_TLS_REJECT_UNAUTHORIZED=0 WEB_PATH=../../web WEB_UI_CONFIG=../../web/tests/drone/config-ocis.json MIDDLEWARE_HOST=http://host.docker.internal:3000 ./ui/tests/run-acceptance-test.sh ./ui/tests/acceptance/features/ ``` diff --git a/extensions/settings/tests.md b/extensions/settings/tests.md index 06a4b3fb5f5..b07ae587392 100644 --- a/extensions/settings/tests.md +++ b/extensions/settings/tests.md @@ -19,9 +19,10 @@ Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/ {{< hint info >}} For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: -``` +```bash rm ~/.ocis/idp/identifier-registration.yaml ``` + {{< /hint >}} ### In the web repo @@ -30,7 +31,7 @@ rm ~/.ocis/idp/identifier-registration.yaml Install dependencies and bundle the frontend with a watcher by running -``` +```bash yarn && yarn build:w ``` @@ -40,7 +41,7 @@ If you skip the step above, the currently bundled frontend from the oCIS binary Start the necessary acceptance test services by using Docker (Compose): -``` +```bash docker compose up selenium middleware-ocis vnc ``` @@ -50,7 +51,7 @@ docker compose up selenium middleware-ocis vnc Navigate into the settings service via `cd ../settings/` and install dependencies and build the bundled settings UI with a watcher by running -``` +```bash yarn && yarn watch ``` @@ -58,13 +59,14 @@ yarn && yarn watch Navigate into the oCIS directory inside the oCIS repository and build the oCIS binary by running -``` +```bash make clean build ``` Then, start oCIS from the binary via -``` +```bash +ocis init OCIS_URL=https://host.docker.internal:9200 OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true WEB_UI_CONFIG=../../web/dev/docker/ocis.web.config.json ./bin/ocis server ``` @@ -78,6 +80,6 @@ If you want visual feedback on the test run, visit http://host.docker.internal:6 Navigate into the settings service via `cd ../settings/` and start the acceptance tests by running -``` +```bash SERVER_HOST=https://host.docker.internal:9200 BACKEND_HOST=https://host.docker.internal:9200 RUN_ON_OCIS=true NODE_TLS_REJECT_UNAUTHORIZED=0 WEB_PATH=../../web WEB_UI_CONFIG=../../web/tests/drone/config-ocis.json MIDDLEWARE_HOST=http://host.docker.internal:3000 ./ui/tests/run-acceptance-test.sh ./ui/tests/acceptance/features/ ``` diff --git a/grpc_apis/ocis/messages/accounts/v0/grpc.md b/grpc_apis/ocis/messages/accounts/v0/grpc.md index 433c5f801bd..e8a377346af 100644 --- a/grpc_apis/ocis/messages/accounts/v0/grpc.md +++ b/grpc_apis/ocis/messages/accounts/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.messages.accounts.v0" url: /grpc_apis/ocis_messages_accounts_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/messages/settings/v0/grpc.md b/grpc_apis/ocis/messages/settings/v0/grpc.md index 0dd94de1ce2..ab80ebae638 100644 --- a/grpc_apis/ocis/messages/settings/v0/grpc.md +++ b/grpc_apis/ocis/messages/settings/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.messages.settings.v0" url: /grpc_apis/ocis_messages_settings_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/messages/store/v0/grpc.md b/grpc_apis/ocis/messages/store/v0/grpc.md index 70d8030c5a9..5ddf8c81a53 100644 --- a/grpc_apis/ocis/messages/store/v0/grpc.md +++ b/grpc_apis/ocis/messages/store/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.messages.store.v0" url: /grpc_apis/ocis_messages_store_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/messages/thumbnails/v0/grpc.md b/grpc_apis/ocis/messages/thumbnails/v0/grpc.md index d3a8907308f..b37bbaaa9c7 100644 --- a/grpc_apis/ocis/messages/thumbnails/v0/grpc.md +++ b/grpc_apis/ocis/messages/thumbnails/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.messages.thumbnails.v0" url: /grpc_apis/ocis_messages_thumbnails_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/services/accounts/v0/grpc.md b/grpc_apis/ocis/services/accounts/v0/grpc.md index 556a73676c6..2aef9cfdc14 100644 --- a/grpc_apis/ocis/services/accounts/v0/grpc.md +++ b/grpc_apis/ocis/services/accounts/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.services.accounts.v0" url: /grpc_apis/ocis_services_accounts_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/services/settings/v0/grpc.md b/grpc_apis/ocis/services/settings/v0/grpc.md index 8a161496344..2a936fda51e 100644 --- a/grpc_apis/ocis/services/settings/v0/grpc.md +++ b/grpc_apis/ocis/services/settings/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.services.settings.v0" url: /grpc_apis/ocis_services_settings_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/services/store/v0/grpc.md b/grpc_apis/ocis/services/store/v0/grpc.md index 8368065df32..178357314b8 100644 --- a/grpc_apis/ocis/services/store/v0/grpc.md +++ b/grpc_apis/ocis/services/store/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.services.store.v0" url: /grpc_apis/ocis_services_store_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/grpc_apis/ocis/services/thumbnails/v0/grpc.md b/grpc_apis/ocis/services/thumbnails/v0/grpc.md index ae9c01cf894..f903dc2f82e 100644 --- a/grpc_apis/ocis/services/thumbnails/v0/grpc.md +++ b/grpc_apis/ocis/services/thumbnails/v0/grpc.md @@ -1,7 +1,7 @@ --- title: "ocis.services.thumbnails.v0" url: /grpc_apis/ocis_services_thumbnails_v0 -date: 2022-05-02T01:06:35Z +date: 2022-05-02T07:32:35Z weight: 50 geekdocRepo: https://github.com/owncloud/ocis --- diff --git a/helpers/example-config-generator.go.tmpl b/helpers/example-config-generator.go.tmpl index 6e40721c1ca..277cfdc9dc2 100644 --- a/helpers/example-config-generator.go.tmpl +++ b/helpers/example-config-generator.go.tmpl @@ -22,9 +22,7 @@ func main() { {{- range $key, $value := .}} replacer.Replace("{{$value}}"): func() string { fmt.Println("Generating example YAML config for {{ $value -}}") - c := pkg{{$key}}.DefaultConfig() - pkg{{$key}}.EnsureDefaults(c) - pkg{{$key}}.Sanitize(c) + c := pkg{{$key}}.FullDefaultConfig() yml, err := yaml.Marshal(c) if err != nil { log.Fatalf("Marshalling yaml for pkg0 failed: %s\n", err) @@ -50,4 +48,3 @@ func main() { } } } - diff --git a/ocis/deployment/_index.md b/ocis/deployment/_index.md index e3fc175fda4..7da501f392b 100644 --- a/ocis/deployment/_index.md +++ b/ocis/deployment/_index.md @@ -27,38 +27,7 @@ oCIS deployments are super simple, yet there are many configurations possible fo ## Secure an oCIS instance -### Change default secrets -oCIS uses two system users which are needed for being operational: -- Reva Inter Operability Platform (bc596f3c-c955-4328-80a0-60d018b4ad57) -- Kopano IDP (820ba2a1-3f54-4538-80a4-2d73007e30bf) +oCIS no longer has any default secrets in versions later than oCIS 1.20.0. Therefore you're no +longer able to start oCIS without generating / setting all needed secrets. -Both have simple default passwords which need to be changed. Currently, changing a password is only possible on the command line. You need to run `ocis accounts update --password ` for both users. - -The new password for the Reva Inter Operability Platform user must be made available to oCIS by using the environment variable `STORAGE_LDAP_BIND_PASSWORD`. The same applies to the new Kopano IDP user password, which needs to be made available to oCIS in `IDP_LDAP_BIND_PASSWORD`. - -Furthermore, oCIS uses a shared secret to sign JWT tokens for inter service authorization, which also needs to be changed by the user. -You can change it by setting the `OCIS_JWT_SECRET` environment variable for oCIS to a random string. - -Another is used secret for singing JWT tokens for uploads and downloads, which also needs to be changed by the user. -You can change it by setting the `STORAGE_TRANSFER_SECRET` environment variable for oCIS to a random string. - -One more secret is used for machine auth, so that external applications can authenticate with an API key. -You can change it by setting the `OCIS_MACHINE_AUTH_API_KEY` environment variable for oCIS to a random string. - -### Delete demo users - -{{< hint info >}} -Before deleting the demo users mentioned below, you must create a new account for yourself and assign it to the administrator role. - -By default, oCIS doesn't create any demo users. During the first startup, it generates only the admin and one user for IDP and Reva respectively. -{{< /hint >}} - -oCIS ships with a few demo users besides the system users: -- Admin (ddc2004c-0977-11eb-9d3f-a793888cd0f8) -- Albert Einstein (4c510ada-c86b-4815-8820-42cdf82c3d51) -- Richard Feynman (932b4540-8d16-481e-8ef4-588e4b6b151c) -- Maurice Moss (058bff95-6708-4fe5-91e4-9ea3d377588b) -- Marie Curie (f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c) - -You can view them in ownCloud Web if you log in as Admin user or list them by running `ocis accounts list`. -After adding your own user it is safe to delete the demo users in the web UI or with the command `ocis accounts remove `. Please do not delete the system users (see [change default secrets]({{< ref "./#change-default-secrets" >}})) or oCIS will not function properly anymore. +The recommended way is to use `ocis init` for that. It will generate a secure config file for you. diff --git a/ocis/deployment/basic-remote-setup.md b/ocis/deployment/basic-remote-setup.md index eaa95ac7025..461cb5b4b5a 100644 --- a/ocis/deployment/basic-remote-setup.md +++ b/ocis/deployment/basic-remote-setup.md @@ -15,6 +15,8 @@ If you need to access oCIS running in a docker container, on a VM or a remote ma ## Start the oCIS fullstack server from binary +Initialize the oCIS configuration by running `./bin/ocis init`. + Upon first start of the oCIS fullstack server with `./bin/ocis server` it will generate a directory tree skeleton in `$HOME/.ocis`. If that is already existing it will not be overwritten as it contains all relevant data for oCIS. In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to configure the built-in identity provider and therefore contains the OpenID Connect issuer and also information about relying parties, for example ownCloud Web and our desktop and mobile applications. @@ -23,10 +25,6 @@ In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to con The `identifier-registration.yaml` file will only be generated if it does not exist yet. If you want to change certain environment variables like `OCIS_URL`, please delete this file first before doing so. Otherwise your changes will not be applied correctly and you will run into errors. {{< /hint >}} -{{< hint warning >}} -oCIS is currently in a Tech Preview state and is shipped with demo users. In order to secure your oCIS instances please follow following guide: [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}) -{{< /hint >}} - For the following examples you need to have the oCIS binary in your current working directory, we assume it is named `ocis` and it needs to be marked as executable. See [Getting Started]({{< ref "../getting-started/#binaries" >}}) for where to get the binary from. ### Using automatically generated certificates diff --git a/ocis/deployment/oc10_ocis_parallel.md b/ocis/deployment/oc10_ocis_parallel.md index d5ff6e72e4b..d87f233ae57 100644 --- a/ocis/deployment/oc10_ocis_parallel.md +++ b/ocis/deployment/oc10_ocis_parallel.md @@ -122,8 +122,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oC10 and oCIS frontend in `CLOUD_DOMAIN=`, e.g. `CLOUD_DOMAIN=cloud.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default ownCloud 10 will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC10_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated). You can switch the default application of ownCloud 10 by setting`OWNCLOUD_DEFAULT_APP=files` in oder to have the classic UI as frontend, which is also the default. If you prefer ownCloud Web as the default application in ownCloud 10 just set `OWNCLOUD_DEFAULT_APP=web`. diff --git a/ocis/deployment/ocis_hello.md b/ocis/deployment/ocis_hello.md index afc6e441c11..312939a73a2 100644 --- a/ocis/deployment/ocis_hello.md +++ b/ocis/deployment/ocis_hello.md @@ -95,8 +95,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OCIS_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated). Now you have configured everything and can save the file. diff --git a/ocis/deployment/ocis_individual_services.md b/ocis/deployment/ocis_individual_services.md index ab2bebe9b34..718e5291a42 100644 --- a/ocis/deployment/ocis_individual_services.md +++ b/ocis/deployment/ocis_individual_services.md @@ -91,8 +91,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - You also can run more than one instance of the service by setting `OCIS_SCALE` to number greater than one. Now you have configured everything and can save the file. diff --git a/ocis/deployment/ocis_keycloak.md b/ocis/deployment/ocis_keycloak.md index 7495f661f5a..5708569e2a3 100644 --- a/ocis/deployment/ocis_keycloak.md +++ b/ocis/deployment/ocis_keycloak.md @@ -108,8 +108,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) If you want to change the OIDC client id of th ownCloud Web frontend, you can do this by setting the name to `OCIS_OIDC_CLIENT_ID=`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` e.g. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`. Changing the used Keycloak realm can be done by setting `KEYCLOAK_REALM=`. This defaults to the oCIS realm `KEYCLOAK_REALM=oCIS`. The oCIS realm will be automatically imported on startup and includes our demo users. diff --git a/ocis/deployment/ocis_ldap.md b/ocis/deployment/ocis_ldap.md index 7b0bea33546..8ec958451aa 100644 --- a/ocis/deployment/ocis_ldap.md +++ b/ocis/deployment/ocis_ldap.md @@ -93,8 +93,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=cloud.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep these examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`. Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, e.g. `ldap.owncloud.test`. diff --git a/ocis/deployment/ocis_s3.md b/ocis/deployment/ocis_s3.md index d98617aee62..38c2d9ddf2d 100644 --- a/ocis/deployment/ocis_s3.md +++ b/ocis/deployment/ocis_s3.md @@ -104,8 +104,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Set your domain for the MinIO frontend in `MINIO_DOMAIN=`, e.g. `MINIO_DOMAIN=minio.owncloud.test`. If you are using other S3-compatible providers you need to configure the respective endpoint here. If you like you can change the default name of the S3 bucket by setting `MINIO_BUCKET=` to a different value. diff --git a/ocis/deployment/ocis_traefik.md b/ocis/deployment/ocis_traefik.md index a672577e2c4..ee6851d108c 100644 --- a/ocis/deployment/ocis_traefik.md +++ b/ocis/deployment/ocis_traefik.md @@ -88,8 +88,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - Now you have configured everything and can save the file. * Start the docker stack diff --git a/ocis/deployment/ocis_wopi.md b/ocis/deployment/ocis_wopi.md index 10c5fd04d3c..99f9713918e 100644 --- a/ocis/deployment/ocis_wopi.md +++ b/ocis/deployment/ocis_wopi.md @@ -130,8 +130,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`. - You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the CS3Org WOPI server will also be started in the `latest` version. If you want to start a specific version of it, you can set the version to `WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/cs3org/wopiserver/tags?page=1&ordering=last_updated). Set your domain for the CS3Org WOPI server in `WOPISERVER_DOMAIN=`, where all office suites can download the files via the WOPI protocol. diff --git a/ocis/deployment/systemd.md b/ocis/deployment/systemd.md index d37d380f404..55d723e0462 100644 --- a/ocis/deployment/systemd.md +++ b/ocis/deployment/systemd.md @@ -39,11 +39,10 @@ WantedBy=multi-user.target For reasons of simplicity we are using the root user and group to run oCIS which is not recommended. Please use a non-root user in production environments and modify the oCIS service definition accordingly. - In the service definition we referenced `/etc/ocis/ocis.env` as our file containing environment variables for the oCIS process. In order to create the file we need first to create the folder `/etc/ocis/` and then we can add the actual `/etc/ocis/ocis.env` with following content: -``` +```bash OCIS_URL=https://some-hostname-or-ip:9200 PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_INSECURE=false @@ -60,9 +59,10 @@ Please change your `OCIS_URL` in order to reflect your actual deployment. If you oCIS will store all data in `/var/lib/ocis`, because we configured it so by setting `OCIS_BASE_DATA_PATH`. Therefore you need to create that directory and make it accessible to the user, you use to start oCIS. - ## Starting the oCIS service +Initialize the oCIS configuration by running `ocis init --config-path /etc/ocis`. + You can enable oCIS now by running `systemctl enable --now ocis`. It will ensure that oCIS also is restarted after a reboot of the host. If you need to restart oCIS because of configuration changes in `/etc/ocis/ocis.env`, run `systemctl restart ocis`. diff --git a/ocis/development/testing.md b/ocis/development/testing.md index 58270b65f1b..1439e67c6c7 100644 --- a/ocis/development/testing.md +++ b/ocis/development/testing.md @@ -89,7 +89,7 @@ We are using the ownCloud 10 acceptance test suite against oCIS. All you need to do to get the acceptance tests is check out the core repo: -``` +```bash git clone https://github.com/owncloud/core.git ``` @@ -97,7 +97,8 @@ git clone https://github.com/owncloud/core.git To start ocis: -``` +```bash +ocis init OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true bin/ocis server ``` @@ -108,12 +109,13 @@ OCIS_INSECURE=true PROXY_ENABLE_BASIC_AUTH=true bin/ocis server First we will need to clone the testing app in owncloud which contains the skeleton files required for running the tests. In the ownCloud 10 core clone the testing app with the following command: -``` +```bash git clone https://github.com/owncloud/testing apps/testing ``` Then run the api acceptance tests with the following command from the root of the ownCloud 10 core repository: -``` + +```bash make test-acceptance-api \ TEST_SERVER_URL=https://localhost:9200 \ TEST_OCIS=true \ @@ -153,7 +155,7 @@ If you want to work on a specific issue E.g.: - ``` + ```bash make test-acceptance-api \ TEST_SERVER_URL=https://localhost:9200 \ TEST_OCIS=true \ @@ -174,7 +176,8 @@ If you want to work on a specific issue Instruction on setup is available [here](https://owncloud.dev/ocis/deployment/oc10_ocis_parallel/#local-setup) Edit the `.env` file and uncomment this line: -``` + +```bash COMPOSE_FILE=docker-compose.yml:testing/docker-compose-additions.yml ``` diff --git a/ocis/getting-started/_index.md b/ocis/getting-started/_index.md index 0838cafdd12..5a31560b831 100644 --- a/ocis/getting-started/_index.md +++ b/ocis/getting-started/_index.md @@ -42,14 +42,17 @@ curl https://download.owncloud.com/ocis/ocis/stable/1.20.0/ocis-1.20.0-linux-amd # make binary executable chmod +x ocis +# initialize a minimal oCIS configuration +./ocis init + # run with demo users -OCIS_INSECURE=true ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./ocis server +IDM_CREATE_DEMO_USERS=true ./ocis server ``` The default primary storage location is `~/.ocis` or `/var/lib/ocis` depending on the packaging format and your operating system user. You can change that value by configuration. {{< hint info >}} -When you're using oCIS with self-signed certificates, you need to set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. +When you're using oCIS with self-signed certificates, you need to answer the the question for certificate checking with "yes" or set the environment variable `OCIS_INSECURE=true`, in order to make oCIS work. {{< /hint >}} {{< hint warning >}} @@ -64,7 +67,8 @@ The `latest` tag always reflects the current master branch. ```console docker pull owncloud/ocis -docker run --rm -ti -p 9200:9200 -e OCIS_INSECURE=true -e ACCOUNTS_DEMO_USERS_AND_GROUPS=true owncloud/ocis +docker run --rm -it -v ocis-config:/etc/ocis owncloud/ocis init +docker run --rm -p 9200:9200 -v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis -e IDM_CREATE_DEMO_USERS=true owncloud/ocis ``` {{< hint info >}} @@ -72,11 +76,11 @@ When you're using oCIS with self-signed certificates, you need to set the enviro {{< /hint >}} {{< hint warming >}} -When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `ACCOUNTS_DEMO_USERS_AND_GROUPS=true`, you need to be sure that this instance is not used in production because the passwords are public. +When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `IDM_CREATE_DEMO_USERS=true`, you need to be sure that this instance is not used in production because the passwords are public. {{< /hint >}} {{< hint warning >}} -In order to persist your data, you need to mount a docker volume or create a host bind-mount at `/var/lib/ocis`, for example with: `-v /some/host/dir:/var/lib/ocis` +We are using named volumes for the oCIS configuration and oCIS data in the above example (`-v ocis-config:/etc/ocis -v ocis-data:/var/lib/ocis`). You could instead also use host bind-mounts instead, eg. `-v /some/host/dir:/var/lib/ocis`. You cannot use bind mounts on MacOS, since extended attributes are not supported ([owncloud/ocis#182](https://github.com/owncloud/ocis/issues/182), [moby/moby#1070](https://github.com/moby/moby/issues/1070)). {{< /hint >}} @@ -91,6 +95,12 @@ Open [https://localhost:9200](https://localhost:9200) and [login using one of th The oCIS single binary contains multiple extensions and the `ocis` command helps you to manage them. You already used `ocis server` to run all available extensions in the [Run oCIS]({{< ref "#run-ocis" >}}) section. We now will show you some more management commands, which you may also explore by typing `ocis --help` or going to the [docs]({{< ref "../config" >}}). +To initialize the oCIS configuration: + +{{< highlight txt >}} +ocis init +{{< / highlight >}} + To start oCIS server: {{< highlight txt >}} diff --git a/ocis/getting-started/demo-users.md b/ocis/getting-started/demo-users.md index 15179f98bd4..470a1ed39df 100644 --- a/ocis/getting-started/demo-users.md +++ b/ocis/getting-started/demo-users.md @@ -16,13 +16,13 @@ To create the demo users, run the initial setup step with an additional environm Following users are available in the demo set: -| username | password | email | role | groups | -| --------- | ------------- | --------------------- | ----------- | ----------------------------------------------------------------------- | -| admin | admin | admin@example.org | admin | users | -| einstein | relativity | einstein@example.org | user | users, philosophy-haters, physics-lovers, sailing-lovers, violin-haters | -| marie | radioactivity | marie@example.org | user | users, physics-lovers, polonium-lovers, radium-lovers | -| moss | vista | moss@example.org | admin | users | -| richard | superfluidity | richard@example.org | user | users, philosophy-haters, physics-lovers, quantum-lovers | -| katherine | gemini | katherine@example.org | space admin | users, sailing-lovers, physics-lovers, quantum-lovers | +| username | password | email | role | groups | +| --------- | ----------------------------------------- | --------------------- | ----------- | ----------------------------------------------------------------------- | +| admin | admin or the one generated by `ocis init` | admin@example.org | admin | users | +| einstein | relativity | einstein@example.org | user | users, philosophy-haters, physics-lovers, sailing-lovers, violin-haters | +| marie | radioactivity | marie@example.org | user | users, physics-lovers, polonium-lovers, radium-lovers | +| moss | vista | moss@example.org | admin | users | +| richard | superfluidity | richard@example.org | user | users, philosophy-haters, physics-lovers, quantum-lovers | +| katherine | gemini | katherine@example.org | space admin | users, sailing-lovers, physics-lovers, quantum-lovers | You may also want to run oCIS with only your custom users by [deleting the demo users]({{< ref "../deployment#delete-demo-users" >}}). diff --git a/ocis/storage-backends/dcfsnfs.md b/ocis/storage-backends/dcfsnfs.md index 07e68fbf435..6ef13be37aa 100644 --- a/ocis/storage-backends/dcfsnfs.md +++ b/ocis/storage-backends/dcfsnfs.md @@ -53,12 +53,11 @@ The oCIS server can be instructed to set up the decomposed FS at a certain path The test setup started an oCIS tech preview single binary release using this start command: -``` +```bash +ocis init OCIS_BASE_DATA_PATH=/mnt/ocisdata/ OCIS_LOG_LEVEL=debug OCIS_INSECURE=true PROXY_HTTP_ADDR=0.0.0.0:9200 OCIS_URL=https://hostname:9200 ./ocis-1.18.0-linux-amd64 server ``` This starts oCIS and a decomposed FS skeleton file system structure is set up on the NFS share. The oCIS instance is passing a smoke test. - -