The to-do app to organize your life. Public API Roadmap here: https://my.vikunja.cloud/share/QFyzYEmEYfSyQfTOmIRSwLUpkFjboaBqQCnaPmWd/auth.
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
321 lines
16 KiB
321 lines
16 KiB
service: |
|
# This token is used to verify issued JWT tokens. |
|
# Default is a random token which will be generated at each startup of vikunja. |
|
# (This means all already issued tokens will be invalid once you restart vikunja) |
|
JWTSecret: "<jwt-secret>" |
|
# The duration of the issed JWT tokens in seconds. |
|
# The default is 259200 seconds (3 Days). |
|
jwtttl: 259200 |
|
# The duration of the "remember me" time in seconds. When the login request is made with |
|
# the long param set, the token returned will be valid for this period. |
|
# The default is 2592000 seconds (30 Days). |
|
jwtttllong: 2592000 |
|
# The interface on which to run the webserver |
|
interface: ":3456" |
|
# Path to Unix socket. If set, it will be created and used instead of tcp |
|
unixsocket: |
|
# Permission bits for the Unix socket. Note that octal values must be prefixed by "0o", e.g. 0o660 |
|
unixsocketmode: |
|
# The URL of the frontend, used to send password reset emails. |
|
frontendurl: "" |
|
# The base path on the file system where the binary and assets are. |
|
# Vikunja will also look in this path for a config file, so you could provide only this variable to point to a folder |
|
# with a config file which will then be used. |
|
rootpath: <rootpath> |
|
# Path on the file system to serve static files from. Set to the path of the frontend files to host frontend alongside the api. |
|
staticpath: "" |
|
# The max number of items which can be returned per page |
|
maxitemsperpage: 50 |
|
# Enable the caldav endpoint, see the docs for more details |
|
enablecaldav: true |
|
# Set the motd message, available from the /info endpoint |
|
motd: "" |
|
# Enable sharing of lists via a link |
|
enablelinksharing: true |
|
# Whether to let new users registering themselves or not |
|
enableregistration: true |
|
# Whether to enable task attachments or not |
|
enabletaskattachments: true |
|
# The time zone all timestamps are in. Please note that time zones have to use [the official tz database names](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). UTC or GMT offsets won't work. |
|
timezone: GMT |
|
# Whether task comments should be enabled or not |
|
enabletaskcomments: true |
|
# Whether totp is enabled. In most cases you want to leave that enabled. |
|
enabletotp: true |
|
# If not empty, enables logging of crashes and unhandled errors in sentry. |
|
sentrydsn: '' |
|
# If not empty, this will enable `/test/{table}` endpoints which allow to put any content in the database. |
|
# Used to reset the db before frontend tests. Because this is quite a dangerous feature allowing for lots of harm, |
|
# each request made to this endpoint neefs to provide an `Authorization: <token>` header with the token from below. <br/> |
|
# **You should never use this unless you know exactly what you're doing** |
|
testingtoken: '' |
|
# If enabled, vikunja will send an email to everyone who is either assigned to a task or created it when a task reminder |
|
# is due. |
|
enableemailreminders: true |
|
# If true, will allow users to request the complete deletion of their account. When using external authentication methods |
|
# it may be required to coordinate with them in order to delete the account. This setting will not affect the cli commands |
|
# for user deletion. |
|
enableuserdeletion: true |
|
# The maximum size clients will be able to request for user avatars. |
|
# If clients request a size bigger than this, it will be changed on the fly. |
|
maxavatarsize: 1024 |
|
|
|
database: |
|
# Database type to use. Supported types are mysql, postgres and sqlite. |
|
type: "sqlite" |
|
# Database user which is used to connect to the database. |
|
user: "vikunja" |
|
# Database password |
|
password: "" |
|
# Database host |
|
host: "localhost" |
|
# Database to use |
|
database: "vikunja" |
|
# When using sqlite, this is the path where to store the data |
|
path: "./vikunja.db" |
|
# Sets the max open connections to the database. Only used when using mysql and postgres. |
|
maxopenconnections: 100 |
|
# Sets the maximum number of idle connections to the db. |
|
maxidleconnections: 50 |
|
# The maximum lifetime of a single db connection in miliseconds. |
|
maxconnectionlifetime: 10000 |
|
# Secure connection mode. Only used with postgres. |
|
# (see https://pkg.go.dev/github.com/lib/pq?tab=doc#hdr-Connection_String_Parameters) |
|
sslmode: disable |
|
# The path to the client cert. Only used with postgres. |
|
sslcert: "" |
|
# The path to the client key. Only used with postgres. |
|
sslkey: "" |
|
# The path to the ca cert. Only used with postgres. |
|
sslrootcert: "" |
|
# Enable SSL/TLS for mysql connections. Options: false, true, skip-verify, preferred |
|
tls: false |
|
|
|
cache: |
|
# If cache is enabled or not |
|
enabled: false |
|
# Cache type. Possible values are "keyvalue", "memory" or "redis". |
|
# When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section. |
|
# When choosing "redis" you will need to configure the redis connection seperately. |
|
type: keyvalue |
|
# When using memory this defines the maximum size an element can take |
|
maxelementsize: 1000 |
|
|
|
redis: |
|
# Whether to enable redis or not |
|
enabled: false |
|
# The host of the redis server including its port. |
|
host: 'localhost:6379' |
|
# The password used to authenicate against the redis server |
|
password: '' |
|
# 0 means default database |
|
db: 0 |
|
|
|
cors: |
|
# Whether to enable or disable cors headers. |
|
# Note: If you want to put the frontend and the api on seperate domains or ports, you will need to enable this. |
|
# Otherwise the frontend won't be able to make requests to the api through the browser. |
|
enable: true |
|
# A list of origins which may access the api. These need to include the protocol (`http://` or `https://`) and port, if any. |
|
origins: |
|
- "*" |
|
# How long (in seconds) the results of a preflight request can be cached. |
|
maxage: 0 |
|
|
|
mailer: |
|
# Whether to enable the mailer or not. If it is disabled, all users are enabled right away and password reset is not possible. |
|
enabled: false |
|
# SMTP Host |
|
host: "" |
|
# SMTP Host port |
|
port: 587 |
|
# SMTP username |
|
username: "user" |
|
# SMTP password |
|
password: "" |
|
# Wether to skip verification of the tls certificate on the server |
|
skiptlsverify: false |
|
# The default from address when sending emails |
|
fromemail: "mail@vikunja" |
|
# The length of the mail queue. |
|
queuelength: 100 |
|
# The timeout in seconds after which the current open connection to the mailserver will be closed. |
|
queuetimeout: 30 |
|
# By default, vikunja will try to connect with starttls, use this option to force it to use ssl. |
|
forcessl: false |
|
|
|
log: |
|
# A folder where all the logfiles should go. |
|
path: <rootpath>logs |
|
# Whether to show any logging at all or none |
|
enabled: true |
|
# Where the normal log should go. Possible values are stdout, stderr, file or off to disable standard logging. |
|
standard: "stdout" |
|
# Change the log level. Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG. |
|
level: "INFO" |
|
# Whether or not to log database queries. Useful for debugging. Possible values are stdout, stderr, file or off to disable database logging. |
|
database: "off" |
|
# The log level for database log messages. Possible values (case-insensitive) are CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG. |
|
databaselevel: "WARNING" |
|
# Whether to log http requests or not. Possible values are stdout, stderr, file or off to disable http logging. |
|
http: "stdout" |
|
# Echo has its own logging which usually is unnessecary, which is why it is disabled by default. Possible values are stdout, stderr, file or off to disable standard logging. |
|
echo: "off" |
|
# Whether or not to log events. Useful for debugging. Possible values are stdout, stderr, file or off to disable events logging. |
|
events: "stdout" |
|
# The log level for event log messages. Possible values (case-insensitive) are ERROR, INFO, DEBUG. |
|
eventslevel: "info" |
|
|
|
ratelimit: |
|
# whether or not to enable the rate limit |
|
enabled: false |
|
# The kind on which rates are based. Can be either "user" for a rate limit per user or "ip" for an ip-based rate limit. |
|
kind: user |
|
# The time period in seconds for the limit |
|
period: 60 |
|
# The max number of requests a user is allowed to do in the configured time period |
|
limit: 100 |
|
# The store where the limit counter for each user is stored. |
|
# Possible values are "keyvalue", "memory" or "redis". |
|
# When choosing "keyvalue" this setting follows the one configured in the "keyvalue" section. |
|
store: keyvalue |
|
|
|
files: |
|
# The path where files are stored |
|
basepath: ./files # relative to the binary |
|
# The maximum size of a file, as a human-readable string. |
|
# Warning: The max size is limited 2^64-1 bytes due to the underlying datatype |
|
maxsize: 20MB |
|
|
|
migration: |
|
# These are the settings for the wunderlist migrator |
|
wunderlist: |
|
# Wheter to enable the wunderlist migrator or not |
|
enable: false |
|
# The client id, required for making requests to the wunderlist api |
|
# You need to register your vikunja instance at https://developer.wunderlist.com/apps/new to get this |
|
clientid: |
|
# The client secret, also required for making requests to the wunderlist api |
|
clientsecret: |
|
# The url where clients are redirected after they authorized Vikunja to access their wunderlist stuff. |
|
# This needs to match the url you entered when registering your Vikunja instance at wunderlist. |
|
# This is usually the frontend url where the frontend then makes a request to /migration/wunderlist/migrate |
|
# with the code obtained from the wunderlist api. |
|
# Note that the vikunja frontend expects this to be /migrate/wunderlist |
|
redirecturl: |
|
todoist: |
|
# Wheter to enable the todoist migrator or not |
|
enable: false |
|
# The client id, required for making requests to the todoist api |
|
# You need to register your vikunja instance at https://developer.todoist.com/appconsole.html to get this |
|
clientid: |
|
# The client secret, also required for making requests to the todoist api |
|
clientsecret: |
|
# The url where clients are redirected after they authorized Vikunja to access their todoist items. |
|
# This needs to match the url you entered when registering your Vikunja instance at todoist. |
|
# This is usually the frontend url where the frontend then makes a request to /migration/todoist/migrate |
|
# with the code obtained from the todoist api. |
|
# Note that the vikunja frontend expects this to be /migrate/todoist |
|
redirecturl: <frontend url>/migrate/todoist |
|
trello: |
|
# Wheter to enable the trello migrator or not |
|
enable: false |
|
# The client id, required for making requests to the trello api |
|
# You need to register your vikunja instance at https://trello.com/app-key (log in before you visit that link) to get this |
|
key: |
|
# The url where clients are redirected after they authorized Vikunja to access their trello cards. |
|
# This needs to match the url you entered when registering your Vikunja instance at trello. |
|
# This is usually the frontend url where the frontend then makes a request to /migration/trello/migrate |
|
# with the code obtained from the trello api. |
|
# Note that the vikunja frontend expects this to end on /migrate/trello. |
|
redirecturl: <frontend url>/migrate/trello |
|
microsofttodo: |
|
# Wheter to enable the microsoft todo migrator or not |
|
enable: false |
|
# The client id, required for making requests to the microsoft graph api |
|
# See https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-an-application |
|
# for information about how to register your vikuinja instance. |
|
clientid: |
|
# The client secret, also required for making requests to the microsoft graph api |
|
clientsecret: |
|
# The url where clients are redirected after they authorized Vikunja to access their microsoft todo tasks. |
|
# This needs to match the url you entered when registering your Vikunja instance at microsoft. |
|
# This is usually the frontend url where the frontend then makes a request to /migration/microsoft-todo/migrate |
|
# with the code obtained from the microsoft graph api. |
|
# Note that the vikunja frontend expects this to be /migrate/microsoft-todo |
|
redirecturl: <frontend url>/migrate/microsoft-todo |
|
|
|
avatar: |
|
# When using gravatar, this is the duration in seconds until a cached gravatar user avatar expires |
|
gravatarexpiration: 3600 |
|
|
|
backgrounds: |
|
# Whether to enable backgrounds for lists at all. |
|
enabled: true |
|
providers: |
|
upload: |
|
# Whethere to enable uploaded list backgrounds |
|
enabled: true |
|
unsplash: |
|
# Whether to enable setting backgrounds from unsplash as list backgrounds |
|
enabled: false |
|
# You need to create an application for your installation at https://unsplash.com/oauth/applications/new |
|
# and set the access token below. |
|
accesstoken: |
|
# The unsplash application id is only used for pingback and required as per their api guidelines. |
|
# You can find the Application ID in the dashboard for your API application. It should be a numeric ID. |
|
# It will only show in the UI if your application has been approved for Enterprise usage, therefore if |
|
# you’re in Demo mode, you can also find the ID in the URL at the end: https://unsplash.com/oauth/applications/:application_id |
|
applicationid: |
|
|
|
# Legal urls |
|
# Will be shown in the frontend if configured here |
|
legal: |
|
imprinturl: |
|
privacyurl: |
|
|
|
# Key Value Storage settings |
|
# The Key Value Storage is used for different kinds of things like metrics and a few cache systems. |
|
keyvalue: |
|
# The type of the storage backend. Can be either "memory" or "redis". If "redis" is chosen it needs to be configured seperately. |
|
type: "memory" |
|
|
|
auth: |
|
# Local authentication will let users log in and register (if enabled) through the db. |
|
# This is the default auth mechanism and does not require any additional configuration. |
|
local: |
|
# Enable or disable local authentication |
|
enabled: true |
|
# OpenID configuration will allow users to authenticate through a third-party OpenID Connect compatible provider.<br/> |
|
# The provider needs to support the `openid`, `profile` and `email` scopes.<br/> |
|
# **Note:** Some openid providers (like gitlab) only make the email of the user available through openid claims if they have set it to be publicly visible. |
|
# If the email is not public in those cases, authenticating will fail. |
|
# **Note 2:** The frontend expects to be redirected after authentication by the third party |
|
# to <frontend-url>/auth/openid/<auth key>. Please make sure to configure the redirect url with your third party |
|
# auth service accordingy if you're using the default vikunja frontend. |
|
# Take a look at the [default config file](https://kolaente.dev/vikunja/api/src/branch/main/config.yml.sample) for more information about how to configure openid authentication. |
|
openid: |
|
# Enable or disable OpenID Connect authentication |
|
enabled: false |
|
# The url to redirect clients to. Defaults to the configured frontend url. If you're using Vikunja with the official |
|
# frontend, you don't need to change this value. |
|
redirecturl: <frontend url> |
|
# A list of enabled providers |
|
providers: |
|
# The name of the provider as it will appear in the frontend. |
|
- name: |
|
# The auth url to send users to if they want to authenticate using OpenID Connect. |
|
authurl: |
|
# The client ID used to authenticate Vikunja at the OpenID Connect provider. |
|
clientid: |
|
# The client secret used to authenticate Vikunja at the OpenID Connect provider. |
|
clientsecret: |
|
|
|
# Prometheus metrics endpoint |
|
metrics: |
|
# If set to true, enables a /metrics endpoint for prometheus to collect metrics about Vikunja. |
|
enabled: false |
|
# If set to a non-empty value the /metrics endpoint will require this as a username via basic auth in combination with the password below. |
|
username: |
|
# If set to a non-empty value the /metrics endpoint will require this as a password via basic auth in combination with the username below. |
|
password:
|
|
|