Rev 502 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 261 | daniel-mar | 1 | |
| 2 | OVERVIEW OF ALL CONFIG.INC.PHP SETTINGS |
||
| 3 | ======================================= |
||
| 4 | |||
| 294 | daniel-mar | 5 | The file userdata/baseconfig/config.inc.php contains various settings |
| 261 | daniel-mar | 6 | which are essential to connect to your database and other |
| 7 | things that should be known before the database connection |
||
| 8 | is opened. |
||
| 294 | daniel-mar | 9 | Other settings are stored in the database (table "config") |
| 261 | daniel-mar | 10 | and can be accessed using the admin login area. |
| 11 | |||
| 294 | daniel-mar | 12 | The setup assistant (/setup/) will lead you through |
| 13 | the creation of the most important settings of config.inc.php. |
||
| 261 | daniel-mar | 14 | |
| 294 | daniel-mar | 15 | Below you will find a list of all possible config settings |
| 16 | of the default OIDplus installation/plugins. |
||
| 17 | Please note that a plugin can define any key. |
||
| 18 | |||
| 19 | |||
| 261 | daniel-mar | 20 | ------------------------------------- |
| 21 | (1) CONFIG SETTINGS PROVIDED BY SETUP |
||
| 22 | ------------------------------------- |
||
| 23 | |||
| 24 | OIDplus::baseConfig()->setValue('CONFIG_VERSION', 2.1); |
||
| 25 | Old 2.0 format: define('OIDPLUS_CONFIG_VERSION', 2.0); |
||
| 26 | |||
| 471 | daniel-mar | 27 | OIDplus::baseConfig()->setValue('ADMIN_PASSWORD', '<BCrypt hash, or base64 encoded SHA3-512 hash>'); |
| 28 | Old 2.0 format: define('OIDPLUS_ADMIN_PASSWORD', '<BCrypt hash, or base64 encoded SHA3-512 hash>'); |
||
| 261 | daniel-mar | 29 | |
| 30 | OIDplus::baseConfig()->setValue('DATABASE_PLUGIN', ''); |
||
| 31 | Old 2.0 format: define('OIDPLUS_DATABASE_PLUGIN', ''); |
||
| 32 | |||
| 33 | OIDplus::baseConfig()->setValue('ODBC_DSN', 'DRIVER={SQL Server};SERVER=localhost;DATABASE=oidplus;CHARSET=UTF8'); |
||
| 34 | Old 2.0 format: define('OIDPLUS_ODBC_DSN', 'DRIVER={SQL Server};SERVER=localhost;DATABASE=oidplus;CHARSET=UTF8'); |
||
| 35 | |||
| 36 | OIDplus::baseConfig()->setValue('ODBC_USERNAME', 'sa'); |
||
| 37 | Old 2.0 format: define('OIDPLUS_ODBC_USERNAME', 'sa'); |
||
| 38 | |||
| 39 | OIDplus::baseConfig()->setValue('ODBC_PASSWORD', base64_decode('<base64_encoded_password>')); // alternatively as plaintext |
||
| 40 | Old 2.0 format: define('OIDPLUS_ODBC_PASSWORD', '<base64_encoded_password>'); // must be base64 encoded |
||
| 41 | Information: The base64 encoding "protects" your password from being read if |
||
| 42 | someone quickly looks at your display while you have the configuration file opened. |
||
| 43 | |||
| 44 | OIDplus::baseConfig()->setValue('PDO_DSN', 'pgsql:host=localhost;dbname=oidplus'); |
||
| 45 | Old 2.0 format: define('OIDPLUS_PDO_DSN', 'pgsql:host=localhost;dbname=oidplus'); |
||
| 46 | |||
| 47 | OIDplus::baseConfig()->setValue('PDO_USERNAME', 'postgres'); |
||
| 48 | Old 2.0 format: define('OIDPLUS_PDO_USERNAME', 'postgres'); |
||
| 49 | |||
| 50 | OIDplus::baseConfig()->setValue('PDO_PASSWORD', base64_decode('<base64_encoded_password>')); // alternatively as plaintext |
||
| 51 | Old 2.0 format: define('OIDPLUS_PDO_PASSWORD', '<base64_encoded_password>'); // must be base64 encoded |
||
| 52 | Information: The base64 encoding "protects" your password from being read if |
||
| 53 | someone quickly looks at your display while you have the configuration file opened. |
||
| 54 | |||
| 55 | OIDplus::baseConfig()->setValue('MYSQL_HOST', 'localhost:3306'); |
||
| 56 | Old 2.0 format: define('OIDPLUS_MYSQL_HOST', 'localhost:3306'); |
||
| 57 | Information: Port is optional |
||
| 58 | |||
| 59 | OIDplus::baseConfig()->setValue('MYSQL_USERNAME', 'root'); |
||
| 60 | Old 2.0 format: define('OIDPLUS_MYSQL_USERNAME', 'root'); |
||
| 61 | |||
| 62 | OIDplus::baseConfig()->setValue('MYSQL_PASSWORD', base64_decode('<base64_encoded_password>')); // alternatively as plaintext |
||
| 63 | Old 2.0 format: define('OIDPLUS_MYSQL_PASSWORD', '<base64_encoded_password>'); // must be base64 encoded |
||
| 64 | Information: The base64 encoding "protects" your password from being read if |
||
| 65 | someone quickly looks at your display while you have the configuration file opened. |
||
| 66 | |||
| 67 | OIDplus::baseConfig()->setValue('MYSQL_DATABASE', 'oidplus'); |
||
| 68 | Old 2.0 format: define('OIDPLUS_MYSQL_DATABASE', 'oidplus'); |
||
| 69 | |||
| 70 | OIDplus::baseConfig()->setValue('PGSQL_HOST', 'localhost:5432'); |
||
| 71 | Old 2.0 format: define('OIDPLUS_PGSQL_HOST', 'localhost:5432'); |
||
| 72 | Information: Port is optional |
||
| 73 | |||
| 74 | OIDplus::baseConfig()->setValue('PGSQL_USERNAME', 'postgres'); |
||
| 75 | Old 2.0 format: define('OIDPLUS_PGSQL_USERNAME', 'postgres'); |
||
| 76 | |||
| 77 | OIDplus::baseConfig()->setValue('PGSQL_PASSWORD', base64_decode('<base64_encoded_password>')); // alternatively as plaintext |
||
| 78 | Old 2.0 format: define('OIDPLUS_PGSQL_PASSWORD', '<base64_encoded_password>'); // must be base64 encoded |
||
| 79 | Information: The base64 encoding "protects" your password from being read if |
||
| 80 | someone quickly looks at your display while you have the configuration file opened. |
||
| 81 | |||
| 82 | OIDplus::baseConfig()->setValue('PGSQL_DATABASE', 'oidplus'); |
||
| 83 | Old 2.0 format: define('OIDPLUS_PGSQL_DATABASE', 'oidplus'); |
||
| 84 | |||
| 264 | daniel-mar | 85 | |
| 294 | daniel-mar | 86 | OIDplus::baseConfig()->setValue('SQLITE3_FILE', 'userdata/database/oidplus.db'); |
| 87 | Old 2.0 format: define('OIDPLUS_SQLITE3_FILE', 'userdata/database/oidplus.db'); |
||
| 264 | daniel-mar | 88 | Attention: This file must be located in a location that is not world-readable/downloadable! |
| 89 | |||
| 90 | OIDplus::baseConfig()->setValue('SQLITE3_ENCRYPTION', ''); |
||
| 91 | Old 2.0 format: define('OIDPLUS_SQLITE3_ENCRYPTION', ''); |
||
| 92 | Note: Options |
||
| 93 | |||
| 261 | daniel-mar | 94 | OIDplus::baseConfig()->setValue('TABLENAME_PREFIX', 'oidplus_'); |
| 95 | Old 2.0 format: define('OIDPLUS_TABLENAME_PREFIX', 'oidplus_'); |
||
| 96 | |||
| 97 | OIDplus::baseConfig()->setValue('SERVER_SECRET', 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'); |
||
| 98 | Old 2.0 format: define('OIDPLUS_SESSION_SECRET', 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'); |
||
| 99 | Information: It is very very important that you choose a long sequence of |
||
| 100 | random characters. OIDplus uses this secret for various |
||
| 101 | security related purposes. If someone accidently received this secret, |
||
| 102 | please change the sequence. |
||
| 103 | |||
| 104 | OIDplus::baseConfig()->setValue('RECAPTCHA_ENABLED', true); |
||
| 105 | Old 2.0 format: define('RECAPTCHA_ENABLED', 0); |
||
| 106 | |||
| 107 | OIDplus::baseConfig()->setValue('RECAPTCHA_PUBLIC', ''); |
||
| 108 | Old 2.0 format: define('RECAPTCHA_PUBLIC', ''); |
||
| 109 | |||
| 110 | OIDplus::baseConfig()->setValue('RECAPTCHA_PRIVATE', ''); |
||
| 111 | Old 2.0 format: define('RECAPTCHA_PRIVATE', ''); |
||
| 112 | |||
| 113 | OIDplus::baseConfig()->setValue('ENFORCE_SSL', 2); |
||
| 114 | Old 2.0 format: define('OIDPLUS_ENFORCE_SSL', 2); |
||
| 115 | Information: Values 0 (off), 1 (on), 2 (auto detect) |
||
| 116 | |||
| 117 | |||
| 118 | ---------------------- |
||
| 374 | daniel-mar | 119 | (2) SYSTEM LIMITATIONS (defined and documented in includes/oidplus_limits.inc.php , can be overwritten by config.inc.php) |
| 261 | daniel-mar | 120 | ---------------------- |
| 121 | |||
| 122 | OIDplus::baseConfig()->setValue('LIMITS_MAX_OID_DEPTH', 30); |
||
| 123 | Old 2.0 format: define('OIDPLUS_MAX_OID_DEPTH', 30); |
||
| 374 | daniel-mar | 124 | Information: Please read the documentation in the file includes/oidplus_limits.inc.php |
| 261 | daniel-mar | 125 | |
| 126 | OIDplus::baseConfig()->setValue('LIMITS_MAX_ID_LENGTH', 255); |
||
| 127 | Old 2.0 format: define('OIDPLUS_MAX_OID_ARC_SIZE', 255); |
||
| 374 | daniel-mar | 128 | Information: Please read the documentation in the file includes/oidplus_limits.inc.php |
| 261 | daniel-mar | 129 | |
| 130 | OIDplus::baseConfig()->setValue('LIMITS_MAX_OID_ARC_SIZE', 50); |
||
| 131 | Old 2.0 format: define('OIDPLUS_MAX_OID_ARC_SIZE', 50); |
||
| 374 | daniel-mar | 132 | Information: Please read the documentation in the file includes/oidplus_limits.inc.php |
| 261 | daniel-mar | 133 | |
| 134 | OIDplus::baseConfig()->setValue('LIMITS_MAX_OID_ASN1_ID_LEN', 255); |
||
| 135 | Old 2.0 format: define('OIDPLUS_MAX_OID_ASN1_ID_LEN', 255); |
||
| 374 | daniel-mar | 136 | Information: Please read the documentation in the file includes/oidplus_limits.inc.php |
| 261 | daniel-mar | 137 | |
| 138 | OIDplus::baseConfig()->setValue('LIMITS_MAX_OID_UNICODE_LABEL_LEN', 255); |
||
| 139 | Old 2.0 format: define('OIDPLUS_MAX_OID_UNICODE_LABEL_LEN', 255); |
||
| 374 | daniel-mar | 140 | Information: Please read the documentation in the file includes/oidplus_limits.inc.php |
| 261 | daniel-mar | 141 | |
| 142 | |||
| 143 | ----------------------------------------- |
||
| 144 | (3) "HIDDEN"/UNDOCUMENTED CONFIG SETTINGS |
||
| 145 | ----------------------------------------- |
||
| 146 | |||
| 147 | OIDplus::baseConfig()->setValue('OIDINFO_API_URL', '<url>'); |
||
| 148 | Old 2.0 format: define('OIDINFO_API_URL', '<url>'); |
||
| 149 | Information: Currently only internal use for development utilities (dev/). |
||
| 502 | daniel-mar | 150 | The API to oid-info.com is currently not public. |
| 261 | daniel-mar | 151 | |
| 152 | OIDplus::baseConfig()->setValue('REGISTRATION_HIDE_SYSTEM', true); |
||
| 153 | Old 2.0 format: define('REGISTRATION_HIDE_SYSTEM', true); |
||
| 154 | Information: Set this if you have a clone of a productive system and you want |
||
| 155 | to avoid that the clone registers at the ViaThinkSoft directory |
||
| 156 | (which would overwrite the URL of the productive system and reveal |
||
| 157 | the URL of your testing system) |
||
| 158 | |||
| 159 | OIDplus::baseConfig()->setValue('MYSQL_FORCE_MYSQLND_SUPPLEMENT', false); |
||
| 160 | Old 2.0 format: define('OIDPLUS_MYSQL_FORCE_MYSQLND_SUPPLEMENT', false); |
||
| 161 | Information: The MySQLi plugin contains a supplement code to handle |
||
| 162 | prepared statements on servers which do not have the MySQLnd extension |
||
| 163 | installed. Set this flag to force the supplement to be used, |
||
| 164 | even if MySQLnd is available. (For testing purposes only) |
||
| 165 | |||
| 166 | OIDplus::baseConfig()->setValue('QUERY_LOGFILE', ''); |
||
| 167 | Old 2.0 format: define('OIDPLUS_MYSQL_QUERYLOG', false); |
||
| 168 | Information: Set this setting to a filename where all queries including timestamps would be written. |
||
| 169 | This is used for performance analysis. |
||
| 170 | Please choose a directory that cannot be accessed by world-wide. |
||
| 171 | |||
| 172 | OIDplus::baseConfig()->setValue('SESSION_LIFETIME', 30*60); |
||
| 173 | Old 2.0 format: define('SESSION_LIFETIME', 30*60); |
||
| 174 | Information: Session lifetime in seconds. |
||
| 175 | |||
| 176 | OIDplus::baseConfig()->setValue('OBJECT_CACHING', true); |
||
| 177 | Old 2.0 format: define('OIDPLUS_OBJECT_CACHING', true); |
||
| 178 | |||
| 179 | OIDplus::baseConfig()->setValue('FORCE_DBMS_SLANG', ''); |
||
| 180 | Old 2.0 format: define('DBMS_SLANG', ''); |
||
| 264 | daniel-mar | 181 | Information: Currently valid values: mysql, mssql, pgsql, sqlite |
| 261 | daniel-mar | 182 | |
| 502 | daniel-mar | 183 | OIDplus::baseConfig()->setValue('PREPARED_STATEMENTS_EMULATION', 'auto'); |
| 184 | Old 2.0 format: define('PREPARED_STATEMENTS_EMULATION', 'auto'); |
||
| 185 | Information: Currently only for ODBC database plugin. |
||
| 186 | 'auto' = Auto detect if prepared statements should be emulated |
||
| 187 | 'on' = Always emulate prepared statements |
||
| 188 | 'off' = Never emulate prepared statements |
||
| 189 | |||
| 261 | daniel-mar | 190 | OIDplus::baseConfig()->setValue('MINIFY_CSS', true); |
| 191 | Old 2.0 format: define('DO_MINIFY', true); |
||
| 417 | daniel-mar | 192 | This enables the compression of CSS definitions. |
| 193 | Compressed approx: 220 KB |
||
| 194 | Uncompressed approx: 224 KB |
||
| 261 | daniel-mar | 195 | |
| 196 | OIDplus::baseConfig()->setValue('MINIFY_JS', true); |
||
| 197 | Old 2.0 format: (Not available) |
||
| 417 | daniel-mar | 198 | This enables the compression of JavaScript code. |
| 199 | Please only disable this, if you want to debug |
||
| 200 | the code! You should not disable it on a productive |
||
| 201 | system, because otherwise the JavaScript code |
||
| 202 | would be several Megabytes large. |
||
| 203 | Compressed approx: 1133 KB |
||
| 204 | Unompressed approx: 2761 KB |
||
| 261 | daniel-mar | 205 | |
| 297 | daniel-mar | 206 | OIDplus::baseConfig()->setValue('DISABLE_PLUGIN_...', true); |
| 207 | Old 2.0 format: define('OIDPLUS_DISABLE_PLUGIN_...', true); |
||
| 208 | Information: This gives you the possibility to disable a plugin without |
||
| 209 | requiring it to be removed from the file system. |
||
| 210 | (Removing a plugin from the file system can result in various |
||
| 211 | problems, e.g. they can be re-added during a SVN/software update.) |
||
| 212 | Replace "..." with the main PHP class of the plugin you want to disable |
||
| 213 | Example: |
||
| 214 | "DISABLE_PLUGIN_OIDplusLoggerPluginUserdataLogfile" |
||
| 215 | disables the plugin "logger/300_userdata_logfile". |
||
| 316 | daniel-mar | 216 | |
| 217 | OIDplus::baseConfig()->setValue('DISABLE_AJAX_TRANSACTIONS', false); |
||
| 218 | Old 2.0 format: define('OIDPLUS_DISABLE_AJAX_TRANSACTIONS', false); |
||
| 219 | This will disable the usage of database transactions in ajax.php |
||
| 220 | Do only use this if you have severe problems with the system running. |
||
| 221 | It might result in inconsistent data e.g. if you update an OID |
||
| 222 | and an error occurs in the middle of that process. |
||
| 326 | daniel-mar | 223 | |
| 224 | OIDplus::baseConfig()->setValue('EXPLICIT_ABSOLUTE_SYSTEM_URL', ''); |
||
| 225 | Old 2.0 format: define('OIDPLUS_EXPLICIT_ABSOLUTE_SYSTEM_URL', ''); |
||
| 226 | This setting can override the absolute system URL, which is used at CLI WHOIS |
||
| 227 | and possibly other modules. It has no effect on relative URLs. |
||
| 228 | If this setting is not set, the last known absolute URL |
||
| 229 | will be remembered and used when a CLI call is made. |
||
| 430 | daniel-mar | 230 | |
| 456 | daniel-mar | 231 | OIDplus::baseConfig()->setValue('DEBUG', false); |
| 232 | Old 2.0 format: (Not available) |
||
| 233 | Enables some special checks for plugins (e.g. a self-test for auth plugins). |
||
| 234 | It is highly recommended that you enable DEBUG if you are developing |
||
| 235 | plugins! |
||
| 470 | daniel-mar | 236 | It is recommended to disable this switch in productive systems, |
| 237 | because the self-tests decrease the performance. |
||
| 238 | However, after installing a new plugin, you might want to enable |
||
| 239 | it for a few minutes, to make sure the plugin is working correctly. |
||
| 430 | daniel-mar | 240 | |
| 557 | daniel-mar | 241 | OIDplus::baseConfig()->setValue('COOKIE_SAMESITE_POLICY', 'Strict'); |
| 242 | Old 2.0 format: (Not available) |
||
| 243 | Defined which "SameSite" policy should be used for the cookies OIDplus uses. |
||
| 244 | Can be "None", "Lax" or "Strict". |
||
| 245 | "Strict" is the most secure setting. |
||
| 246 | "Lax" allows that people stay logged in if they follow a link pointing |
||
| 247 | to your OIDplus installation. |
||
| 248 | "None" is not recommended and is deprecated by modern web browsers. |
||
| 249 | However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
||
| 250 | still safe. |
||
| 456 | daniel-mar | 251 | |
| 557 | daniel-mar | 252 | |
| 430 | daniel-mar | 253 | ---------------------------------------------------- |
| 254 | (4) LDAP FIELDS (see document ldap_installation.txt) |
||
| 255 | ---------------------------------------------------- |
||
| 256 | |||
| 257 | OIDplus::baseConfig()->setValue('LDAP_ENABLED', true); |
||
| 258 | OIDplus::baseConfig()->setValue('LDAP_SERVER', 'ldap://shs.company.local'); |
||
| 259 | OIDplus::baseConfig()->setValue('LDAP_PORT', 389); |
||
| 260 | OIDplus::baseConfig()->setValue('LDAP_BASE_DN', 'DC=COMPANY,DC=local'); |
||
| 261 | OIDplus::baseConfig()->setValue('LDAP_CONTROLUSER_RDN', 'test@company.local'); // Can be any user that is able to search for users (in order to find who is owning an email address) |
||
| 262 | OIDplus::baseConfig()->setValue('LDAP_CONTROLUSER_PASSWORD', 'foobar'); |
||
| 482 | daniel-mar | 263 | OIDplus::baseConfig()->setValue('LDAP_USER_FILTER', '(&(objectClass=user)(cn=*))'); |
| 432 | daniel-mar | 264 | |
| 265 | |||
| 266 | ---------------------------------------------------------------------- |
||
| 267 | (5) GOOGLE OAUTH2 FIELDS (see document google_oauth2_installation.txt) |
||
| 268 | ---------------------------------------------------------------------- |
||
| 269 | |||
| 270 | OIDplus::baseConfig()->setValue('GOOGLE_OAUTH2_ENABLED', true); |
||
| 271 | OIDplus::baseConfig()->setValue('GOOGLE_OAUTH2_CLIENT_ID', '..............apps.googleusercontent.com'); |
||
| 272 | OIDplus::baseConfig()->setValue('GOOGLE_OAUTH2_CLIENT_SECRET', '.............'); |
||
| 436 | daniel-mar | 273 | |
| 274 | |||
| 275 | ------------------------------------------------------------------------- |
||
| 276 | (6) FACEBOOK OAUTH2 FIELDS (see document facebook_oauth2_installation.txt) |
||
| 277 | ------------------------------------------------------------------------- |
||
| 278 | |||
| 279 | OIDplus::baseConfig()->setValue('FACEBOOK_OAUTH2_ENABLED', true); |
||
| 280 | OIDplus::baseConfig()->setValue('FACEBOOK_OAUTH2_CLIENT_ID', '.............'); // Your App ID |
||
| 281 | OIDplus::baseConfig()->setValue('FACEBOOK_OAUTH2_CLIENT_SECRET', '.............'); // Your App Secret |