TYPE=wekan TIMEOUT=300 ENABLE_AUTO_UPDATE=true LETS_ENCRYPT_ENV=production SECRET_OAUTH2_SECRET_VERSION=v1 COMPOSE_FILE="compose.yml" # Set this to run mongodb in replicaset mode (needs initialisation!) # COMPOSE_FILE="${COMPOSE_FILE}:compose.rs.yml" DOMAIN=wekan.example.com ROOT_URL=https://wekan.example.com DEBUG=false MAIL_URL=smtp://smtp:25/?ignoreTLS=true&tls={rejectUnauthorized:false} MAIL_FROM="[WeKan] Wekan Notifications " WITH_API=true RICHER_CARD_COMMENT_EDITOR=false # CORS=* # CORS_ALLOW_HEADERS=Authorization,Content-Type # CORS_EXPOSE_HEADERS=* # PASSWORD_LOGIN_ENABLED=false ### OAUTH2 ### OAUTH2_ENABLED=false # OAUTH2_LOGIN_STYLE=redirect # OAUTH2_CLIENT_ID=wekan # OAUTH2_SERVER_URL=https://authentik.example.com # OAUTH2_AUTH_ENDPOINT=/application/o/authorize/ # OAUTH2_USERINFO_ENDPOINT=/application/o/userinfo/ # OAUTH2_TOKEN_ENDPOINT=/application/o/token/ # OAUTH2_REQUEST_PERMISSIONS="openid profile email wekan" # OAUTH2_ID_MAP=preferred_username # OAUTH2_USERNAME_MAP=preferred_username # OAUTH2_FULLNAME_MAP=given_name # OAUTH2_EMAIL_MAP=email # PROPAGATE_OIDC_DATA=true # OIDC_REDIRECTION_ENABLED=true ### LDAP ### #COMPOSE_FILE="$COMPOSE_FILE:compose.ldap.yml" # DEFAULT_AUTHENTICATION_METHOD=ldap # LDAP_ENABLE=true # LDAP_PORT=389 # LDAP_HOST=ldap.example.org # LDAP_AD_SIMPLE_AUTH=false # LDAP_USER_AUTHENTICATION=true # LDAP_USER_AUTHENTICATION_FIELD=cn # LDAP_DEFAULT_DOMAIN=mydomain.com # LDAP_BASEDN=dc=ldap,dc=goauthentik,dc=io # LDAP_LOGIN_FALLBACK=false # LDAP_RECONNECT=true # LDAP_TIMEOUT=10000 # LDAP_IDLE_TIMEOUT=10000 # LDAP_CONNECT_TIMEOUT=10000 # LDAP_AUTHENTIFICATION=true # LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=ldap,dc=goauthentik,dc=io" # LDAP_AUTHENTIFICATION_PASSWORD=secret # LDAP_LOG_ENABLED=true # LDAP_BACKGROUND_SYNC=true # LDAP_BACKGROUND_SYNC_INTERVAL='every 1 hour' # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true # LDAP_ENCRYPTION=false # LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+G2FIdAgIC...-----END CERTIFICATE----- # LDAP_REJECT_UNAUTHORIZED=false # LDAP_USER_SEARCH_FILTER= # LDAP_USER_SEARCH_SCOPE=ou=users,dc=ldap,dc=goauthentik,dc=io # LDAP_USER_SEARCH_FIELD=cn # LDAP_SEARCH_PAGE_SIZE=0 # LDAP_SEARCH_SIZE_LIMIT=0 # Enable group filtering. Note the authenticated ldap user must be able to query all relevant group data with own login data from ldap. # LDAP_GROUP_FILTER_ENABLE=true # LDAP_GROUP_FILTER_OBJECTCLASS=group # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=cn # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=member # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=dn # LDAP_GROUP_FILTER_GROUP_NAME= # LDAP_UNIQUE_IDENTIFIER_FIELD=guid # LDAP_UTF8_NAMES_SLUGIFY=true # LDAP_USERNAME_FIELD=cn # LDAP_FULLNAME_FIELD=name # LDAP_MERGE_EXISTING_USERS=true # LDAP_EMAIL_MATCH_ENABLE=true # LDAP_EMAIL_MATCH_REQUIRE=true # LDAP_EMAIL_MATCH_VERIFIED=true # LDAP_EMAIL_FIELD=mail # LDAP_SYNC_USER_DATA=true # LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} # LDAP_SYNC_GROUP_ROLES= # LDAP_SYNC_ADMIN_STATUS=true # LDAP_SYNC_ADMIN_GROUPS=admin