forked from YunoHost/yunohost
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config_global.toml
171 lines (142 loc) · 4.91 KB
/
config_global.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
version = "1.0"
i18n = "global_settings_setting"
[security]
name = "Security"
[security.password]
name = "Passwords"
[security.password.admin_strength]
type = "select"
choices.1 = "Require at least 8 chars"
choices.2 = "ditto, but also require at least one digit, one lower and one upper char"
choices.3 = "ditto, but also require at least one special char"
choices.4 = "ditto, but also require at least 12 chars"
default = "1"
[security.password.user_strength]
type = "select"
choices.1 = "Require at least 8 chars"
choices.2 = "ditto, but also require at least one digit, one lower and one upper char"
choices.3 = "ditto, but also require at least one special char"
choices.4 = "ditto, but also require at least 12 chars"
default = "1"
[security.password.passwordless_sudo]
type = "boolean"
# The actual value is dynamically computed by checking the sudoOption of cn=admins,ou=sudo
default = false
[security.ssh]
name = "SSH"
[security.ssh.ssh_compatibility]
type = "select"
choices.intermediate = "Intermediate (compatible with older softwares)"
choices.modern = "Modern (recommended)"
default = "modern"
[security.ssh.ssh_port]
type = "number"
default = 22
[security.ssh.ssh_password_authentication]
type = "boolean"
default = true
[security.nginx]
name = "NGINX (web server)"
[security.nginx.nginx_redirect_to_https]
type = "boolean"
default = true
[security.nginx.nginx_compatibility]
type = "select"
choices.intermediate = "Intermediate (compatible with Firefox 27, Android 4.4.2, Chrome 31, Edge, IE 11, Opera 20, and Safari 9)"
choices.modern = "Modern (compatible with Firefox 63, Android 10.0, Chrome 70, Edge 75, Opera 57, and Safari 12.1)"
default = "intermediate"
[security.postfix]
name = "Postfix (SMTP email server)"
[security.postfix.postfix_compatibility]
type = "select"
choices.intermediate = "Intermediate (allows TLS 1.2)"
choices.modern = "Modern (TLS 1.3 only)"
default = "intermediate"
[security.webadmin]
name = "Webadmin"
[security.webadmin.webadmin_allowlist_enabled]
type = "boolean"
default = false
[security.webadmin.webadmin_allowlist]
type = "tags"
visible = "webadmin_allowlist_enabled"
optional = true
default = ""
[security.root_access]
name = "Change root password"
[security.root_access.root_access_explain]
type = "alert"
style = "info"
icon = "info"
[security.root_access.root_password]
type = "password"
optional = true
default = ""
[security.root_access.root_password_confirm]
type = "password"
optional = true
default = ""
[security.experimental]
name = "Experimental"
[security.experimental.security_experimental_enabled]
type = "boolean"
default = false
[email]
name = "Email"
[email.pop3]
name = "POP3"
[email.pop3.pop3_enabled]
type = "boolean"
default = false
[email.smtp]
name = "SMTP"
[email.smtp.smtp_allow_ipv6]
type = "boolean"
default = true
[email.smtp.smtp_relay_enabled]
type = "boolean"
default = false
[email.smtp.smtp_relay_host]
type = "string"
default = ""
optional = true
visible="smtp_relay_enabled"
[email.smtp.smtp_relay_port]
type = "number"
default = 587
visible="smtp_relay_enabled"
[email.smtp.smtp_relay_user]
type = "string"
default = ""
optional = true
visible="smtp_relay_enabled"
[email.smtp.smtp_relay_password]
type = "password"
default = ""
optional = true
visible="smtp_relay_enabled"
help = "" # This is empty string on purpose, otherwise the core automatically set the 'good_practice_admin_password' string here which is not relevant, because the admin is not actually "choosing" the password ...
[misc]
name = "Other"
[misc.portal]
name = "User portal"
[misc.portal.ssowat_panel_overlay_enabled]
type = "boolean"
default = true
[misc.portal.portal_theme]
type = "select"
# Choices are loaded dynamically in the python code
default = "default"
[misc.backup]
name = "Backup"
[misc.backup.backup_compress_tar_archives]
type = "boolean"
default = false
[misc.network]
name = "Network"
[misc.network.dns_exposure]
type = "select"
choices.both = "Both"
choices.ipv4 = "IPv4 Only"
choices.ipv6 = "IPv6 Only"
default = "both"