# SPDX-FileCopyrightText: 2022 Gregor Kleen ,Sarah Vaupel ,Steffen Jost ,Wolfgang Witt # # SPDX-License-Identifier: AGPL-3.0-or-later # Values formatted like "_env:ENV_VAR_NAME:default_value" can be overridden by the specified environment variable. # See https://github.com/yesodweb/yesod/wiki/Configuration#overriding-configuration-values-with-environment-variables # NB: If you need a numeric value (e.g. 123) to parse as a String, wrap it in single quotes (e.g. "_env:PGPASS:'123'") # See https://github.com/yesodweb/yesod/wiki/Configuration#parsing-numeric-values-as-strings static-dir: "_env:STATIC_DIR:static" well-known-dir: "_env:WELL_KNOWN_DIR:well-known" well-known-link-file: html_code.html webpack-manifest: "_env:WEBPACK_MANIFEST:config/webpack.yml" host: "_env:HOST:*4" # any IPv4 host port: "_env:PORT:3000" ip-from-header: "_env:IP_FROM_HEADER:false" approot: "_env:APPROOT:http://localhost:3000" # approot: # default: "http://localhost:3000" # user-generated: "http://127.0.0.1:3000" mail-from: name: "_env:MAILFROM_NAME:Uni2work" email: "_env:MAILFROM_EMAIL:uniworx@localhost" mail-object-domain: "_env:MAILOBJECT_DOMAIN:localhost" mail-use-replyto-instead-sender: "_env:MAIL_USES_REPLYTO:true" mail-reroute-to: name: "_env:MAIL_REROUTE_TO_NAME:" email: "_env:MAIL_REROUTE_TO_EMAIL:" #mail-verp: # separator: "_env:VERP_SEPARATOR:+" # prefix: "_env:VERP_PREFIX:bounce" mail-support: name: "_env:MAILSUPPORT_NAME:" email: "_env:MAILSUPPORT:uni2work@ifi.lmu.de" mail-retain-sent: 31470547 legal-external: - language: "en" imprint: "https://www.fraport.com/en/tools/imprint.html" data-protection: "https://www.fraport.com/en/our-group/data-protection-statement.html" terms-of-use: "https://www.fraport.com/en/tools/legal-information.html" payments: "https://www.fraport.com/de/geschaeftsfelder/service/geschaeftspartner/richtlinien-und-zahlungsbedingungen.html" - language: "de" imprint: "https://www.fraport.com/de/tools/impressum.html" data-protection: "https://www.fraport.com/de/konzern/datenschutz.html" terms-of-use: "https://www.fraport.com/de/tools/disclaimer.html" payments: "https://www.fraport.com/de/geschaeftsfelder/service/geschaeftspartner/richtlinien-und-zahlungsbedingungen.html" job-workers: "_env:JOB_WORKERS:10" job-flush-interval: "_env:JOB_FLUSH:30" job-cron-interval: "_env:CRON_INTERVAL:60" job-stale-threshold: 1800 job-move-threshold: 30 notification-rate-limit: 3600 notification-collate-delay: 7200 notification-expiration: 259200 session-timeout: 7200 bearer-expiration: 604800 bearer-encoding: HS256 maximum-content-length: "_env:MAX_UPLOAD_SIZE:805306368" session-files-expire: 3600 prune-unreferenced-files-within: 604801 prune-unreferenced-files-interval: 3600 keep-unreferenced-files: 86400 health-check-interval: matching-cluster-config: "_env:HEALTHCHECK_INTERVAL_MATCHING_CLUSTER_CONFIG:600" http-reachable: "_env:HEALTHCHECK_INTERVAL_HTTP_REACHABLE:600" ldap-admins: "_env:HEALTHCHECK_INTERVAL_LDAP_ADMINS:600" smtp-connect: "_env:HEALTHCHECK_INTERVAL_SMTP_CONNECT:600" widget-memcached: "_env:HEALTHCHECK_INTERVAL_WIDGET_MEMCACHED:600" active-job-executors: "_env:HEALTHCHECK_INTERVAL_ACTIVE_JOB_EXECUTORS:60" does-flush: "_env:HEALTHCHECK_INTERVAL_DOES_FLUSH:15" health-check-delay-notify: "_env:HEALTHCHECK_DELAY_NOTIFY:true" health-check-http: "_env:HEALTHCHECK_HTTP:true" # Can we assume, that we can reach ourselves under APPROOT via HTTP (reverse proxies or firewalls might prevent this)? health-check-active-job-executors-timeout: "_env:HEALTHCHECK_ACTIVE_JOB_EXECUTORS_TIMEOUT:5" health-check-active-widget-memcached-timeout: "_env:HEALTHCHECK_ACTIVE_WIDGET_MEMCACHED_TIMEOUT:2" health-check-smtp-connect-timeout: "_env:HEALTHCHECK_SMTP_CONNECT_TIMEOUT:5" health-check-ldap-admins-timeout: "_env:HEALTHCHECK_LDAP_ADMINS_TIMEOUT:60" health-check-http-reachable-timeout: "_env:HEALTHCHECK_HTTP_REACHABLE_TIMEOUT:2" health-check-matching-cluster-config-timeout: "_env:HEALTHCHECK_MATCHING_CLUSTER_CONFIG_TIMEOUT:2" synchronise-ldap-users-within: "_env:SYNCHRONISE_LDAP_WITHIN:1209600" synchronise-ldap-users-interval: "_env:SYNCHRONISE_LDAP_INTERVAL:3600" study-features-recache-relevance-within: 172800 study-features-recache-relevance-interval: 293 # Enqueue at specified hour, dequeue 30min later # qualification-check-hour: 3 log-settings: detailed: "_env:DETAILED_LOGGING:false" all: "_env:LOG_ALL:false" minimum-level: "_env:LOGLEVEL:warn" destination: "_env:LOGDEST:stderr" serializable-transaction-retry-limit: 2 ip-retention-time: 1209600 # Debugging auth-dummy-login: "_env:DUMMY_LOGIN:false" allow-deprecated: "_env:ALLOW_DEPRECATED:false" encrypt-errors: "_env:ENCRYPT_ERRORS:true" server-session-acid-fallback: "_env:SERVER_SESSION_ACID_FALLBACK:false" auth-pw-hash: algorithm: pbkdf2 strength: 14 # Optional values with the following production defaults. # In development, they default to the opposite. # reload-templates: false # mutable-static: false # skip-combining: false # clear-cache: false database: user: "_env:PGUSER:uniworx" password: "_env:PGPASS:uniworx" host: "_env:PGHOST:127.0.0.1" port: "_env:PGPORT:5432" # See config/test-settings.yml for an override during tests database: "_env:PGDATABASE:uniworx" poolsize: "_env:PGPOOLSIZE:990" auto-db-migrate: '_env:AUTO_DB_MIGRATE:true' ldap: - host: "_env:LDAPHOST:" tls: "_env:LDAPTLS:" port: "_env:LDAPPORT:389" user: "_env:LDAPUSER:" pass: "_env:LDAPPASS:" baseDN: "_env:LDAPBASE:" scope: "_env:LDAPSCOPE:WholeSubtree" timeout: "_env:LDAPTIMEOUT:5" search-timeout: "_env:LDAPSEARCHTIME:5" pool: stripes: "_env:LDAPSTRIPES:1" timeout: "_env:LDAPTIMEOUT:20" limit: "_env:LDAPLIMIT:10" ldap-re-test-failover: 60 lms-direct: upload-header: "_env:LMSUPLOADHEADER:true" upload-delimiter: "_env:LMSUPLOADDELIMITER:" download-header: "_env:LMSDOWNLOADHEADER:true" download-delimiter: "_env:LMSDOWNLOADDELIMITER:," download-cr-lf: "_env:LMSDOWNLOADCRLF:true" deletion-days: "_env:LMSDELETIONDAYS:7" avs: host: "_env:AVSHOST:skytest.fra.fraport.de" port: "_env:AVSPORT:443" user: "_env:AVSUSER:fradrive" pass: "_env:AVSPASS:" lpr: host: "_env:LPRHOST:fravm017173.fra.fraport.de" port: "_env:LPRPORT:515" queue: "_env:LPRQUEUE:fradrive" smtp: host: "_env:SMTPHOST:" port: "_env:SMTPPORT:25" ssl: "_env:SMTPSSL:starttls" auth: type: login user: "_env:SMTPUSER:" pass: "_env:SMTPPASS:" pool: stripes: "_env:SMTPSTRIPES:1" timeout: "_env:SMTPTIMEOUT:20" limit: "_env:SMTPLIMIT:10" widget-memcached: host: "_env:WIDGET_MEMCACHED_HOST:localhost" port: "_env:WIDGET_MEMCACHED_PORT:11211" auth: [] limit: "_env:WIDGET_MEMCACHED_LIMIT:1024" timeout: "_env:WIDGET_MEMCACHED_TIMEOUT:20" base-url: "_env:WIDGET_MEMCACHED_ROOT:" expiration: "_env:WIDGET_MEMCACHED_EXPIRATION:3600" session-memcached: host: "_env:SESSION_MEMCACHED_HOST:localhost" port: "_env:SESSION_MEMCACHED_PORT:11211" auth: [] limit: "_env:SESSION_MEMCACHED_LIMIT:1024" timeout: "_env:SESSION_MEMCACHED_TIMEOUT:20" expiration: "_env:SESSION_MEMCACHED_EXPIRATION:28807" memcached: host: "_env:MEMCACHED_HOST:localhost" port: "_env:MEMCACHED_PORT:11211" auth: [] limit: "_env:MEMCACHED_LIMIT:1024" timeout: "_env:MEMCACHED_TIMEOUT:20" expiration: "_env:MEMCACHED_EXPIRATION:300" memcache-auth: true memcached-local: maximum-ghost: 512 maximum-weight: 104857600 # 100MiB upload-cache: host: "_env:UPLOAD_S3_HOST:" # should be optional, but all file transfers will be empty without an S3 cache port: "_env:UPLOAD_S3_PORT:9000" access-key: "_env:UPLOAD_S3_KEY_ID:" secret-key: "_env:UPLOAD_S3_KEY" is-secure: "_env:UPLOAD_S3_SSL:false" region: "_env:UPLOAD_S3_REGION:" auto-discover-region: "_env:UPLOAD_S3_AUTO_DISCOVER_REGION:true" disable-cert-validation: "_env:UPLOAD_S3_DISABLE_CERT_VALIDATION:false" upload-cache-bucket: "uni2work-uploads" upload-tmp-bucket: "uni2work-tmp" inject-files: 601 rechunk-files: 1201 check-missing-files: 7207 file-upload-db-chunksize: 4194304 # 4MiB file-chunking-target-exponent: 21 # 2MiB file-chunking-hash-window: 4096 server-sessions: idle-timeout: 28807 absolute-timeout: 604801 timeout-resolution: 601 persistent-cookies: true session-token-start: null session-token-expiration: 28807 session-token-encoding: HS256 session-token-clock-leniency-start: 5 bearer-token-clock-leniency-start: 5 upload-token-clock-leniency-start: 5 cookies: SESSION: same-site: lax http-only: true secure: "_env:SERVER_SESSION_COOKIES_SECURE:true" XSRF-TOKEN: expires: null same-site: strict http-only: false secure: "_env:COOKIES_SECURE:true" LANG: expires: 12622780800 same-site: lax http-only: false secure: "_env:COOKIES_SECURE:true" SYSTEM-MESSAGE-STATE: expires: 12622780800 same-site: lax http-only: false secure: "_env:COOKIES_SECURE:true" ACTIVE-AUTH-TAGS: expires: 12622780800 same-site: lax http-only: true secure: "_env:COOKIES_SECURE:true" external-apis-ping-interval: 300 external-apis-pong-timeout: 600 external-apis-expiry: 1200 user-defaults: max-favourites: 0 max-favourite-terms: 2 theme: Default date-time-format: "%d %b %y %R" date-format: "%d %b %Y" time-format: "%R" download-files: false warning-days: 1209600 show-sex: false exam-office-get-synced: true exam-office-get-labels: true prefers-postal: true instance-id: "_env:INSTANCE_ID:instance" ribbon: "_env:RIBBON:" favourites-quick-actions-burstsize: 40 favourites-quick-actions-avg-inverse-rate: 50e3 # µs/token favourites-quick-actions-timeout: 40e-3 # s favourites-quick-actions-cache-ttl: 120 # s token-buckets: inject-files: depth: 20971520 # 20MiB inv-rate: 9.5e-7 # 1MiB/s initial-value: 0 inject-files-count: depth: 100 inv-rate: 1 initial-value: 0 prune-files: depth: 1572864000 # 1500MiB inv-rate: 1.9e-6 # 2MiB/s initial-value: 0 rechunk-files: depth: 20971520 # 20MiB inv-rate: 9.5e-7 # 1MiB/s initial-value: 0 fallback-personalised-sheet-files-keys-expire: 2419200 download-token-expire: 604801 file-source-arc: maximum-ghost: 512 maximum-weight: 1073741824 # 1GiB file-source-prewarm: maximum-weight: 1073741824 # 1GiB start: 1800 # 30m end: 600 # 10m inhibit: 3600 # 60m steps: 20 max-speedup: 3 bot-mitigations: - only-logged-in-table-sorting - unauthorized-form-honeypots volatile-cluster-settings-cache-time: 10 communication-attachments-max-size: 20971520 # 20MiB