-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig.example.toml
81 lines (78 loc) · 2.61 KB
/
config.example.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# Drawpile-LDAP-Auth-Server config
# Config options marked with "Env: NAME" may be configured in the environment as well
# Additionally, config options marked with "Arg: NAME" may be specified via command line arguments
# Base64-encoded Ed25519 private key
# See README for instructions on generating this
# Env: DRAWPILE_AUTH_TOKEN_SIGNING_KEY
# Arg: drawpile-auth-token-signing-key
signingKey = ""
# Port the auth server should listen on
# Default: 8081
# Env: PORT
# Arg: port
port = 8081
# Route to serve requests on
# Useful if you run this behind a reverse proxy on a shared domain
# Default: /ext-auth
# Env: ROUTE
# Arg: route
path = "/ext-auth"
# Should guests be allowed to authenticate with the server?
# Default: false
# Env: ALLOW_GUESTS
# Arg: allow-guests
allowGuests = true
# General LDAP settings
# Additional options may be found at https://github.com/ldapts/ldapts#create-a-client
[ldap]
# URL to connect to your LDAP server
# Env: LDAP_URL
# Arg: ldap-url
url = "ldap://localhost:389"
# DN of the LDAP user to bind to when looking up user info
# Env: LDAP_BIND_DN
# Arg: ldap-bind-dn
bindDN = "cn=admin,dc=example,dc=com"
# Password of the LDAP user to bind to when looking up user info
# Env: LDAP_BIND_PASS
# Arg: ldap-bind-pass
bindPW = "admin"
# DN where LDAP users are stored
# Env: LDAP_USER_DN
# Arg: ldap-user-dn
userDN = "ou=users,dc=example,dc=com"
# The search filter to apply when searching for users
# %u is replaced with the logging-in user's username
# Default: (uid=%u)
# Env: LDAP_USER_FILTER
# Arg: ldap-user-filter
userSearchFilter = "(uid=%u)"
# DN where LDAP groups are stored
# Since this library does all group lookups in this DN, you may
# consider making an OU for Drawpile groups specifically
# Env: LDAP_GROUP_DN
# Arg: ldap-group-dn
groupDN = "ou=drawpile,ou=groups,dc=example,dc=com"
# memberOf attribute used by your LDAP server
# You can probably leave this as the default
# Default: memberOf
# Env: LDAP_MEMBER_OF_ATTR
# Arg: ldap-member-of-attr
memberOfAttribute = "memberOf"
# LDAP attribute used to store the display name to use for users
# Optional; user display name defaults to provided username
# Env: LDAP_DISPLAY_NAME_ATTR
# Arg: ldap-display-name-attr
displayNameAttribute = "displayName"
# LDAP attribute used to store profile images for users
# Optional; no avatars will be served if this isn't set
# Drawpile must also be configured to request auth server avatars by setting
# extAuthAvatars = true
# Env: LDAP_IMAGE_ATTR
# Arg: ldap-image-attr
imageAttribute = "jpegPhoto"
[ldap.flagGroups]
# Defines a mapping between LDAP groups and Drawpile flags
# FLAG = "LDAP group"
MOD = "moderator"
HOST = "host"