forked from Github-Mirrors/canaille
73 lines
1.4 KiB
TOML
73 lines
1.4 KiB
TOML
SECRET_KEY = "change me before you go in production"
|
|
DEBUG = true
|
|
|
|
[CANAILLE]
|
|
NAME = "Canaille"
|
|
LOGO = "/static/img/canaille-head.webp"
|
|
FAVICON = "/static/img/canaille-c.webp"
|
|
EMAIL_CONFIRMATION = false
|
|
ENABLE_REGISTRATION = true
|
|
ADMIN_EMAIL = "admin@mydomain.tld"
|
|
|
|
[CANAILLE_LDAP]
|
|
URI = "ldap://ldap:389"
|
|
ROOT_DN = "dc=mydomain,dc=tld"
|
|
BIND_DN = "cn=admin,dc=mydomain,dc=tld"
|
|
BIND_PW = "admin"
|
|
TIMEOUT = 10
|
|
USER_BASE = "ou=users,dc=mydomain,dc=tld"
|
|
USER_RDN = "uid"
|
|
GROUP_BASE = "ou=groups,dc=mydomain,dc=tld"
|
|
|
|
[CANAILLE.ACL.DEFAULT]
|
|
PERMISSIONS = ["edit_self", "use_oidc"]
|
|
READ = [
|
|
"user_name",
|
|
"groups",
|
|
"lock_date",
|
|
]
|
|
WRITE = [
|
|
"photo",
|
|
"given_name",
|
|
"family_name",
|
|
"display_name",
|
|
"password",
|
|
"phone_numbers",
|
|
"emails",
|
|
"profile_url",
|
|
"formatted_address",
|
|
"street",
|
|
"postal_code",
|
|
"locality",
|
|
"region",
|
|
"preferred_language",
|
|
"employee_number",
|
|
"department",
|
|
"title",
|
|
"organization",
|
|
]
|
|
|
|
[CANAILLE.ACL.ADMIN]
|
|
FILTER = {groups = "admins"}
|
|
PERMISSIONS = [
|
|
"manage_users",
|
|
"manage_groups",
|
|
"manage_oidc",
|
|
"delete_account",
|
|
"impersonate_users",
|
|
]
|
|
WRITE = [
|
|
"groups",
|
|
"lock_date",
|
|
]
|
|
|
|
[CANAILLE.ACL.HALF_ADMIN]
|
|
FILTER = {groups = "moderators"}
|
|
PERMISSIONS = ["manage_users", "manage_groups", "delete_account"]
|
|
WRITE = ["groups"]
|
|
|
|
[CANAILLE_OIDC]
|
|
DYNAMIC_CLIENT_REGISTRATION_OPEN = true
|
|
DYNAMIC_CLIENT_REGISTRATION_TOKENS = [
|
|
"xxxxxxx-yyyyyyy-zzzzzz",
|
|
]
|