start-wekan.sh 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267
  1. # If you want to restart even on crash, uncomment while and done lines.
  2. #while true; do
  3. cd ~/repos/wekan/.build/bundle
  4. #---------------------------------------------
  5. # Debug OIDC OAuth2 etc.
  6. #export export DEBUG=true
  7. #---------------------------------------------
  8. export MONGO_URL='mongodb://127.0.0.1:27017/admin'
  9. # ROOT_URL EXAMPLES FOR WEBSERVERS: https://github.com/wekan/wekan/wiki/Settings
  10. # Production: https://example.com/wekan
  11. # Local: http://localhost:3000
  12. #export ipaddress=$(ifdata -pa eth0)
  13. export ROOT_URL='http://localhost'
  14. #---------------------------------------------
  15. # Working email IS NOT REQUIRED to use Wekan.
  16. # https://github.com/wekan/wekan/wiki/Adding-users
  17. # https://github.com/wekan/wekan/wiki/Troubleshooting-Mail
  18. # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml
  19. export MAIL_URL='smtp://user:pass@mailserver.example.com:25/'
  20. export MAIL_FROM='Wekan Support <support@example.com>'
  21. # This is local port where Wekan Node.js runs, same as below on Caddyfile settings.
  22. export PORT=80
  23. #---------------------------------------------
  24. # Wekan Export Board works when WITH_API='true'.
  25. # If you disable Wekan API, Export Board does not work.
  26. export WITH_API='true'
  27. #---------------------------------------------
  28. # CORS: Set Access-Control-Allow-Origin header. Example: *
  29. #export CORS=*
  30. #---------------------------------------------
  31. ## Optional: Integration with Matomo https://matomo.org that is installed to your server
  32. ## The address of the server where Matomo is hosted:
  33. ##export MATOMO_ADDRESS=https://example.com/matomo
  34. #export MATOMO_ADDRESS=
  35. ## The value of the site ID given in Matomo server for Wekan
  36. # Example: export MATOMO_SITE_ID=123456789
  37. #export MATOMO_SITE_ID=''
  38. ## The option do not track which enables users to not be tracked by matomo"
  39. #Example: export MATOMO_DO_NOT_TRACK=false
  40. #export MATOMO_DO_NOT_TRACK=true
  41. ## The option that allows matomo to retrieve the username:
  42. # Example: export MATOMO_WITH_USERNAME=true
  43. #export MATOMO_WITH_USERNAME='false'
  44. # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
  45. # Setting this to false is not recommended, it also disables all other browser policy protections
  46. # and allows all iframing etc. See wekan/server/policy.js
  47. # Default value: true
  48. export BROWSER_POLICY_ENABLED=true
  49. # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
  50. # Example: export TRUSTED_URL=http://example.com
  51. export TRUSTED_URL=''
  52. # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
  53. # Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
  54. export WEBHOOKS_ATTRIBUTES=''
  55. #---------------------------------------------
  56. # ==== OAUTH2 AZURE ====
  57. # https://github.com/wekan/wekan/wiki/Azure
  58. # 1) Register the application with Azure. Make sure you capture
  59. # the application ID as well as generate a secret key.
  60. # 2) Configure the environment variables. This differs slightly
  61. # by installation type, but make sure you have the following:
  62. #export OAUTH2_ENABLED=true
  63. # Application GUID captured during app registration:
  64. #export OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
  65. # Secret key generated during app registration:
  66. #export OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  67. #export OAUTH2_SERVER_URL=https://login.microsoftonline.com/
  68. #export OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
  69. #export OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
  70. #export OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
  71. # The claim name you want to map to the unique ID field:
  72. #export OAUTH2_ID_MAP=email
  73. # The claim name you want to map to the username field:
  74. #export OAUTH2_USERNAME_MAP=email
  75. # The claim name you want to map to the full name field:
  76. #export OAUTH2_FULLNAME_MAP=name
  77. # Tthe claim name you want to map to the email field:
  78. #export OAUTH2_EMAIL_MAP=email
  79. #-----------------------------------------------------------------
  80. # ==== OAUTH2 KEYCLOAK ====
  81. # https://github.com/wekan/wekan/wiki/Keycloak <== MAPPING INFO, REQUIRED
  82. #export OAUTH2_ENABLED=true
  83. #export OAUTH2_CLIENT_ID=<Keycloak create Client ID>
  84. #export OAUTH2_SERVER_URL=<Keycloak server name>/auth
  85. #export OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
  86. #export OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
  87. #export OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
  88. #export OAUTH2_SECRET=<keycloak client secret>
  89. #-----------------------------------------------------------------
  90. # ==== OAUTH2 DOORKEEPER ====
  91. # https://github.com/wekan/wekan/issues/1874
  92. # https://github.com/wekan/wekan/wiki/OAuth2
  93. # Enable the OAuth2 connection
  94. #export OAUTH2_ENABLED=true
  95. # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
  96. # OAuth2 Client ID.
  97. #export OAUTH2_CLIENT_ID=abcde12345
  98. # OAuth2 Secret.
  99. #export OAUTH2_SECRET=54321abcde
  100. # OAuth2 Server URL.
  101. #export OAUTH2_SERVER_URL=https://chat.example.com
  102. # OAuth2 Authorization Endpoint.
  103. #export OAUTH2_AUTH_ENDPOINT=/oauth/authorize
  104. # OAuth2 Userinfo Endpoint.
  105. #export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
  106. # OAuth2 Token Endpoint.
  107. #export OAUTH2_TOKEN_ENDPOINT=/oauth/token
  108. # OAuth2 ID Mapping
  109. #export OAUTH2_ID_MAP=
  110. # OAuth2 Username Mapping
  111. #export OAUTH2_USERNAME_MAP=
  112. # OAuth2 Fullname Mapping
  113. #export OAUTH2_FULLNAME_MAP=
  114. # OAuth2 Email Mapping
  115. #export OAUTH2_EMAIL_MAP=
  116. # OAUTH2 ID Token Whitelist Fields.
  117. #export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
  118. # OAUTH2 Request Permissions.
  119. #export OAUTH2_REQUEST_PERMISSIONS=[openid profile email]
  120. #---------------------------------------------
  121. # LDAP_ENABLE : Enable or not the connection by the LDAP
  122. # example : export LDAP_ENABLE=true
  123. #export LDAP_ENABLE=false
  124. # LDAP_PORT : The port of the LDAP server
  125. # example : export LDAP_PORT=389
  126. #export LDAP_PORT=389
  127. # LDAP_HOST : The host server for the LDAP server
  128. # example : export LDAP_HOST=localhost
  129. #export LDAP_HOST=
  130. # LDAP_BASEDN : The base DN for the LDAP Tree
  131. # example : export LDAP_BASEDN=ou=user,dc=example,dc=org
  132. #export LDAP_BASEDN=
  133. # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
  134. # example : export LDAP_LOGIN_FALLBACK=true
  135. #export LDAP_LOGIN_FALLBACK=false
  136. # LDAP_RECONNECT : Reconnect to the server if the connection is lost
  137. # example : export LDAP_RECONNECT=false
  138. #export LDAP_RECONNECT=true
  139. # LDAP_TIMEOUT : Overall timeout, in milliseconds
  140. # example : export LDAP_TIMEOUT=12345
  141. #export LDAP_TIMEOUT=10000
  142. # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
  143. # example : export LDAP_IDLE_TIMEOUT=12345
  144. #export LDAP_IDLE_TIMEOUT=10000
  145. # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
  146. # example : export LDAP_CONNECT_TIMEOUT=12345
  147. #export LDAP_CONNECT_TIMEOUT=10000
  148. # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
  149. # example : export LDAP_AUTHENTIFICATION=true
  150. #export LDAP_AUTHENTIFICATION=false
  151. # LDAP_AUTHENTIFICATION_USERDN : The search user DN
  152. # example : export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
  153. #export LDAP_AUTHENTIFICATION_USERDN=
  154. # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
  155. # example : AUTHENTIFICATION_PASSWORD=admin
  156. #export LDAP_AUTHENTIFICATION_PASSWORD=
  157. # LDAP_LOG_ENABLED : Enable logs for the module
  158. # example : export LDAP_LOG_ENABLED=true
  159. #export LDAP_LOG_ENABLED=false
  160. # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
  161. # example : export LDAP_BACKGROUND_SYNC=true
  162. #export LDAP_BACKGROUND_SYNC=false
  163. # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
  164. # example : export LDAP_BACKGROUND_SYNC_INTERVAL=12345
  165. #export LDAP_BACKGROUND_SYNC_INTERVAL=100
  166. # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
  167. # example : export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
  168. #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
  169. # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
  170. # example : export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
  171. #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
  172. # LDAP_ENCRYPTION : If using LDAPS
  173. # example : export LDAP_ENCRYPTION=ssl
  174. #export LDAP_ENCRYPTION=false
  175. # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
  176. # example : export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
  177. #export LDAP_CA_CERT=
  178. # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
  179. # example : export LDAP_REJECT_UNAUTHORIZED=true
  180. #export LDAP_REJECT_UNAUTHORIZED=false
  181. # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
  182. # example : export LDAP_USER_SEARCH_FILTER=
  183. #export LDAP_USER_SEARCH_FILTER=
  184. # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
  185. # example : export LDAP_USER_SEARCH_SCOPE=one
  186. #export LDAP_USER_SEARCH_SCOPE=
  187. # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
  188. # example : export LDAP_USER_SEARCH_FIELD=uid
  189. #export LDAP_USER_SEARCH_FIELD=
  190. # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
  191. # example : export LDAP_SEARCH_PAGE_SIZE=12345
  192. #export LDAP_SEARCH_PAGE_SIZE=0
  193. # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
  194. # example : export LDAP_SEARCH_SIZE_LIMIT=12345
  195. #export LDAP_SEARCH_SIZE_LIMIT=0
  196. # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
  197. # example : export LDAP_GROUP_FILTER_ENABLE=true
  198. #export LDAP_GROUP_FILTER_ENABLE=false
  199. # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
  200. # example : export LDAP_GROUP_FILTER_OBJECTCLASS=group
  201. #export LDAP_GROUP_FILTER_OBJECTCLASS=
  202. # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
  203. # example :
  204. #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
  205. # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
  206. # example :
  207. #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
  208. # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
  209. # example :
  210. #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
  211. # LDAP_GROUP_FILTER_GROUP_NAME :
  212. # example :
  213. #export LDAP_GROUP_FILTER_GROUP_NAME=
  214. # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
  215. # example : export LDAP_UNIQUE_IDENTIFIER_FIELD=guid
  216. #export LDAP_UNIQUE_IDENTIFIER_FIELD=
  217. # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
  218. # example : export LDAP_UTF8_NAMES_SLUGIFY=false
  219. #export LDAP_UTF8_NAMES_SLUGIFY=true
  220. # LDAP_USERNAME_FIELD : Which field contains the ldap username
  221. # example : export LDAP_USERNAME_FIELD=username
  222. #export LDAP_USERNAME_FIELD=
  223. # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
  224. # example : export LDAP_FULLNAME_FIELD=fullname
  225. #export LDAP_FULLNAME_FIELD=
  226. # LDAP_MERGE_EXISTING_USERS :
  227. # example : export LDAP_MERGE_EXISTING_USERS=true
  228. #export LDAP_MERGE_EXISTING_USERS=false
  229. # LDAP_EMAIL_MATCH_ENABLE : allow existing account matching by e-mail address when username does not match
  230. # example: LDAP_EMAIL_MATCH_ENABLE=true
  231. #export LDAP_EMAIL_MATCH_ENABLE=false
  232. # LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match
  233. # example: LDAP_EMAIL_MATCH_REQUIRE=true
  234. #export LDAP_EMAIL_MATCH_REQUIRE=false
  235. # LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching
  236. # example: LDAP_EMAIL_MATCH_VERIFIED=true
  237. #export LDAP_EMAIL_MATCH_VERIFIED=false
  238. # LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address
  239. # example: LDAP_EMAIL_FIELD=mail
  240. #export LDAP_EMAIL_FIELD=
  241. # LDAP_SYNC_USER_DATA :
  242. # example : export LDAP_SYNC_USER_DATA=true
  243. #export LDAP_SYNC_USER_DATA=false
  244. # LDAP_SYNC_USER_DATA_FIELDMAP :
  245. # example : export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
  246. #export LDAP_SYNC_USER_DATA_FIELDMAP=
  247. # LDAP_SYNC_GROUP_ROLES :
  248. # example :
  249. #export LDAP_SYNC_GROUP_ROLES=
  250. # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
  251. # example :
  252. #export LDAP_DEFAULT_DOMAIN=
  253. # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
  254. # example : LOGOUT_WITH_TIMER=true
  255. #export LOGOUT_WITH_TIMER=
  256. # LOGOUT_IN : The number of days
  257. # example : LOGOUT_IN=1
  258. #export LOGOUT_IN=
  259. #export LOGOUT_ON_HOURS=
  260. # LOGOUT_ON_MINUTES : The number of minutes
  261. # example : LOGOUT_ON_MINUTES=55
  262. #export LOGOUT_ON_MINUTES=
  263. node main.js & >> ~/repos/wekan.log
  264. cd ~/repos
  265. #done