wekan/releases/virtualbox/start-wekan.sh

# If you want to restart even on crash, uncomment while and done lines.

#while true; do
        cd ~/repos/wekan/.build/bundle
        #---------------------------------------------
        # Debug OIDC OAuth2 etc.
        #export export DEBUG=true
        #---------------------------------------------
        export MONGO_URL='mongodb://127.0.0.1:27017/admin'
        # ROOT_URL EXAMPLES FOR WEBSERVERS: https://github.com/wekan/wekan/wiki/Settings
        # Production: https://example.com/wekan
        # Local: http://localhost:3000
        #export ipaddress=$(ifdata -pa eth0)
        export ROOT_URL='http://localhost'
        #---------------------------------------------
        # Working email IS NOT REQUIRED to use Wekan.
        # https://github.com/wekan/wekan/wiki/Adding-users
        # https://github.com/wekan/wekan/wiki/Troubleshooting-Mail
        # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml
        export MAIL_URL='smtp://user:pass@mailserver.example.com:25/'
        export MAIL_FROM='Wekan Support <support@example.com>'
        # This is local port where Wekan Node.js runs, same as below on Caddyfile settings.
        export PORT=80
        #---------------------------------------------
        # Wekan Export Board works when WITH_API='true'.
        # If you disable Wekan API, Export Board does not work.
        export WITH_API='true'
        #---------------------------------------------------------------
        # ==== PASSWORD BRUTE FORCE PROTECTION ====
        #https://atmospherejs.com/lucasantoniassi/accounts-lockout
        #Defaults below. Uncomment to change. wekan/server/accounts-lockout.js
        #export ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE=3
        #export ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD=60
        #export ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW=15
        #export ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE=3
        #export ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD=60
        #export ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW=15
        #---------------------------------------------
        # CORS: Set Access-Control-Allow-Origin header. Example: *
        #export CORS=*
        #---------------------------------------------
        ## Optional: Integration with Matomo https://matomo.org that is installed to your server
        ## The address of the server where Matomo is hosted:
        ##export MATOMO_ADDRESS=https://example.com/matomo
        #export MATOMO_ADDRESS=
        ## The value of the site ID given in Matomo server for Wekan
        # Example: export MATOMO_SITE_ID=123456789
        #export MATOMO_SITE_ID=''
        ## The option do not track which enables users to not be tracked by matomo"
        #Example: export MATOMO_DO_NOT_TRACK=false
        #export MATOMO_DO_NOT_TRACK=true
        ## The option that allows matomo to retrieve the username:
        # Example: export MATOMO_WITH_USERNAME=true
        #export MATOMO_WITH_USERNAME='false'
        # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
        # Setting this to false is not recommended, it also disables all other browser policy protections
        # and allows all iframing etc. See wekan/server/policy.js
        # Default value: true
        export BROWSER_POLICY_ENABLED=true
        # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
        # Example: export TRUSTED_URL=http://example.com
        export TRUSTED_URL=''
        # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
        # Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
        export WEBHOOKS_ATTRIBUTES=''
        #---------------------------------------------
        # ==== OAUTH2 AZURE ====
        # https://github.com/wekan/wekan/wiki/Azure
        # 1) Register the application with Azure. Make sure you capture
        #    the application ID as well as generate a secret key.
        # 2) Configure the environment variables. This differs slightly
        #     by installation type, but make sure you have the following:
        #export OAUTH2_ENABLED=true
        # OAuth2 login style: popup or redirect.
        #export OAUTH2_LOGIN_STYLE=redirect
        # Application GUID captured during app registration:
        #export OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
        # Secret key generated during app registration:
        #export OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
        #export OAUTH2_SERVER_URL=https://login.microsoftonline.com/
        #export OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
        #export OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
        #export OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
        # The claim name you want to map to the unique ID field:
        #export OAUTH2_ID_MAP=email
        # The claim name you want to map to the username field:
        #export OAUTH2_USERNAME_MAP=email
        # The claim name you want to map to the full name field:
        #export OAUTH2_FULLNAME_MAP=name
        # Tthe claim name you want to map to the email field:
        #export OAUTH2_EMAIL_MAP=email
        #-----------------------------------------------------------------
        # ==== OAUTH2 KEYCLOAK ====
        # https://github.com/wekan/wekan/wiki/Keycloak  <== MAPPING INFO, REQUIRED
        #export OAUTH2_ENABLED=true
        # OAuth2 login style: popup or redirect.
        #export OAUTH2_LOGIN_STYLE=redirect
        #export OAUTH2_CLIENT_ID=<Keycloak create Client ID>
        #export OAUTH2_SERVER_URL=<Keycloak server name>/auth
        #export OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
        #export OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
        #export OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
        #export OAUTH2_SECRET=<keycloak client secret>
        #-----------------------------------------------------------------
        # ==== OAUTH2 DOORKEEPER ====
        # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
        # https://github.com/wekan/wekan/issues/1874
        # https://github.com/wekan/wekan/wiki/OAuth2
        # Enable the OAuth2 connection
        #export OAUTH2_ENABLED=true
        # OAuth2 login style: popup or redirect.
        #export OAUTH2_LOGIN_STYLE=redirect
        # OAuth2 Client ID.
        #export OAUTH2_CLIENT_ID=abcde12345
        # OAuth2 Secret.
        #export OAUTH2_SECRET=54321abcde
        # OAuth2 Server URL.
        #export OAUTH2_SERVER_URL=https://chat.example.com
        # OAuth2 Authorization Endpoint.
        #export OAUTH2_AUTH_ENDPOINT=/oauth/authorize
        # OAuth2 Userinfo Endpoint.
        #export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
        # OAuth2 Token Endpoint.
        #export OAUTH2_TOKEN_ENDPOINT=/oauth/token
        # OAuth2 ID Mapping
        #export OAUTH2_ID_MAP=
        # OAuth2 Username Mapping
        #export OAUTH2_USERNAME_MAP=
        # OAuth2 Fullname Mapping
        #export OAUTH2_FULLNAME_MAP=
        # OAuth2 Email Mapping
        #export OAUTH2_EMAIL_MAP=
        #---------------------------------------------
        # LDAP_ENABLE : Enable or not the connection by the LDAP
        # example :  export LDAP_ENABLE=true
        #export LDAP_ENABLE=false
        # LDAP_PORT : The port of the LDAP server
        # example :  export LDAP_PORT=389
        #export LDAP_PORT=389
        # LDAP_HOST : The host server for the LDAP server
        # example :  export LDAP_HOST=localhost
        #export LDAP_HOST=
        # LDAP_BASEDN : The base DN for the LDAP Tree
        # example :  export LDAP_BASEDN=ou=user,dc=example,dc=org
        #export LDAP_BASEDN=
        # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
        # example :  export LDAP_LOGIN_FALLBACK=true
        #export LDAP_LOGIN_FALLBACK=false
        # LDAP_RECONNECT : Reconnect to the server if the connection is lost
        # example :  export LDAP_RECONNECT=false
        #export LDAP_RECONNECT=true
        # LDAP_TIMEOUT : Overall timeout, in milliseconds
        # example :  export LDAP_TIMEOUT=12345
        #export LDAP_TIMEOUT=10000
        # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
        # example :  export LDAP_IDLE_TIMEOUT=12345
        #export LDAP_IDLE_TIMEOUT=10000
        # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
        # example :  export LDAP_CONNECT_TIMEOUT=12345
        #export LDAP_CONNECT_TIMEOUT=10000
        # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
        # example :  export LDAP_AUTHENTIFICATION=true
        #export LDAP_AUTHENTIFICATION=false
        # LDAP_AUTHENTIFICATION_USERDN : The search user DN
        # example :  export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
        #export LDAP_AUTHENTIFICATION_USERDN=
        # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
        # example : AUTHENTIFICATION_PASSWORD=admin
        #export LDAP_AUTHENTIFICATION_PASSWORD=
        # LDAP_LOG_ENABLED : Enable logs for the module
        # example :  export LDAP_LOG_ENABLED=true
        #export LDAP_LOG_ENABLED=false
        # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
        # example :  export LDAP_BACKGROUND_SYNC=true
        #export LDAP_BACKGROUND_SYNC=false
        # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
        # example :  export LDAP_BACKGROUND_SYNC_INTERVAL=12345
        #export LDAP_BACKGROUND_SYNC_INTERVAL=100
        # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
        # example :  export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
        #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
        # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
        # example :  export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
        #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
        # LDAP_ENCRYPTION : If using LDAPS
        # example :  export LDAP_ENCRYPTION=ssl
        #export LDAP_ENCRYPTION=false
        # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
        # example :  export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
        #export LDAP_CA_CERT=
        # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
        # example :  export LDAP_REJECT_UNAUTHORIZED=true
        #export LDAP_REJECT_UNAUTHORIZED=false
        # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
        # example :  export LDAP_USER_SEARCH_FILTER=
        #export LDAP_USER_SEARCH_FILTER=
        # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
        # example :  export LDAP_USER_SEARCH_SCOPE=one
        #export LDAP_USER_SEARCH_SCOPE=
        # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
        # example :  export LDAP_USER_SEARCH_FIELD=uid
        #export LDAP_USER_SEARCH_FIELD=
        # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
        # example :  export LDAP_SEARCH_PAGE_SIZE=12345
        #export LDAP_SEARCH_PAGE_SIZE=0
        # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
        # example :  export LDAP_SEARCH_SIZE_LIMIT=12345
        #export LDAP_SEARCH_SIZE_LIMIT=0
        # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
        # example :  export LDAP_GROUP_FILTER_ENABLE=true
        #export LDAP_GROUP_FILTER_ENABLE=false
        # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
        # example :  export LDAP_GROUP_FILTER_OBJECTCLASS=group
        #export LDAP_GROUP_FILTER_OBJECTCLASS=
        # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
        # example :
        #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
        # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
        # example :
        #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
        # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
        # example :
        #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
        # LDAP_GROUP_FILTER_GROUP_NAME :
        # example :
        #export LDAP_GROUP_FILTER_GROUP_NAME=
        # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
        # example :  export LDAP_UNIQUE_IDENTIFIER_FIELD=guid
        #export LDAP_UNIQUE_IDENTIFIER_FIELD=
        # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
        # example :  export LDAP_UTF8_NAMES_SLUGIFY=false
        #export LDAP_UTF8_NAMES_SLUGIFY=true
        # LDAP_USERNAME_FIELD : Which field contains the ldap username
        # example :  export LDAP_USERNAME_FIELD=username
        #export LDAP_USERNAME_FIELD=
        # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
        # example :  export LDAP_FULLNAME_FIELD=fullname
        #export LDAP_FULLNAME_FIELD=
        # LDAP_MERGE_EXISTING_USERS :
        # example :  export LDAP_MERGE_EXISTING_USERS=true
        #export LDAP_MERGE_EXISTING_USERS=false
        # LDAP_EMAIL_MATCH_ENABLE : allow existing account matching by e-mail address when username does not match
        # example: LDAP_EMAIL_MATCH_ENABLE=true
        #export LDAP_EMAIL_MATCH_ENABLE=false
        # LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match
        # example: LDAP_EMAIL_MATCH_REQUIRE=true
        #export LDAP_EMAIL_MATCH_REQUIRE=false
        # LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching
        # example: LDAP_EMAIL_MATCH_VERIFIED=true
        #export LDAP_EMAIL_MATCH_VERIFIED=false
        # LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address
        # example: LDAP_EMAIL_FIELD=mail
        #export LDAP_EMAIL_FIELD=
        # LDAP_SYNC_USER_DATA :
        # example :  export LDAP_SYNC_USER_DATA=true
        #export LDAP_SYNC_USER_DATA=false
        # LDAP_SYNC_USER_DATA_FIELDMAP :
        # example :  export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
        #export LDAP_SYNC_USER_DATA_FIELDMAP=
        # LDAP_SYNC_GROUP_ROLES :
        # example :
        #export LDAP_SYNC_GROUP_ROLES=
        # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
        # example :
        #export LDAP_DEFAULT_DOMAIN=
        # Enable/Disable syncing of admin status based on ldap groups:
        #export LDAP_SYNC_ADMIN_STATUS=true
        # Comma separated list of admin group names.
        #export LDAP_SYNC_ADMIN_GROUPS=group1,group2
        #---------------------------------------------------------------------
        # Login to LDAP automatically with HTTP header.
        # In below example for siteminder, at right side of = is header name.
        #export HEADER_LOGIN_ID=BNPPUID
        #export HEADER_LOGIN_FIRSTNAME=BNPPFIRSTNAME
        #export HEADER_LOGIN_LASTNAME=BNPPLASTNAME
        #export HEADER_LOGIN_EMAIL=BNPPEMAILADDRESS
        #---------------------------------------------------------------------
        # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
        # example : LOGOUT_WITH_TIMER=true
        #export LOGOUT_WITH_TIMER=
        # LOGOUT_IN : The number of days
        # example : LOGOUT_IN=1
        #export LOGOUT_IN=
        #export LOGOUT_ON_HOURS=
        # LOGOUT_ON_MINUTES : The number of minutes
        # example : LOGOUT_ON_MINUTES=55
        #export LOGOUT_ON_MINUTES=

        node main.js & >> ~/repos/wekan.log
        cd ~/repos
#done