Sharing Service Configuration
Configuration
Environment Variables
The sharing
service is configured via the following environment variables. Read the Environment Variable Types documentation for important details.
Name | Type | Default Value | Description |
---|---|---|---|
|
bool |
false |
Activates tracing. |
|
string |
|
The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now. |
|
string |
|
The endpoint of the tracing agent. |
|
string |
|
The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset. |
|
string |
|
The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'. |
|
bool |
false |
Activates pretty log output. |
|
bool |
false |
Activates colorized log output. |
|
string |
|
The path to the log file. Activates logging to this file if set. |
|
string |
127.0.0.1:9151 |
Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed. |
|
string |
|
Token to secure the metrics endpoint. |
|
bool |
false |
Enables pprof, which can be used for profiling. |
|
bool |
false |
Enables zpages, which can be used for collecting and viewing in-memory traces. |
|
string |
127.0.0.1:9150 |
The bind address of the GRPC service. |
|
string |
tcp |
The transport protocol of the GRPC service. |
|
string |
|
The secret to mint and validate jwt tokens. |
|
string |
com.owncloud.api.gateway |
The CS3 gateway endpoint. |
|
string |
|
TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification. |
|
string |
|
Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services. |
|
string |
127.0.0.1:9233 |
The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. |
|
string |
ocis-cluster |
The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system. |
|
bool |
false |
Whether to verify the server TLS certificates. |
|
string |
|
The root CA certificate used to validate the server’s TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false. |
|
bool |
false |
Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.. |
|
bool |
false |
Disables the loading of user’s group memberships from the reva access token. |
|
string |
jsoncs3 |
Driver to be used to persist shares. Supported values are 'jsoncs3', 'json', 'cs3' and 'owncloudsql'. |
|
string |
com.owncloud.api.storage-system |
GRPC address of the STORAGE-SYSTEM service. |
|
string |
|
ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. |
|
string |
internal |
IDP of the oCIS STORAGE-SYSTEM system user. |
|
string |
|
API key for the STORAGE-SYSTEM system user. |
|
int |
0 |
TTL for the internal caches in seconds. |
|
string |
~/.ocis/storage/shares.json |
Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. |
|
string |
com.owncloud.api.storage-system |
GRPC address of the STORAGE-SYSTEM service. |
|
string |
|
ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. |
|
string |
internal |
IDP of the oCIS STORAGE-SYSTEM system user. |
|
string |
|
API key for the STORAGE-SYSTEM system user. |
|
string |
owncloud |
Username for the database. |
|
string |
|
Password for the database. |
|
string |
mysql |
Hostname or IP of the database server. |
|
int |
3306 |
Port that the database server is listening on. |
|
string |
owncloud |
Name of the database to be used. |
|
string |
|
Mount ID of the ownCloudSQL users storage for mapping ownCloud 10 shares. |
|
string |
jsoncs3 |
Driver to be used to persist public shares. Supported values are 'jsoncs3', 'json' and 'cs3'. |
|
string |
~/.ocis/storage/publicshares.json |
Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage. |
|
string |
com.owncloud.api.storage-system |
GRPC address of the STORAGE-SYSTEM service. |
|
string |
|
ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. |
|
string |
internal |
IDP of the oCIS STORAGE-SYSTEM system user. |
|
string |
|
API key for the STORAGE-SYSTEM system user. |
|
string |
com.owncloud.api.storage-system |
GRPC address of the STORAGE-SYSTEM service. |
|
string |
|
ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format. |
|
string |
internal |
IDP of the oCIS STORAGE-SYSTEM system user. |
|
string |
|
API key for the STORAGE-SYSTEM system user. |
|
bool |
false |
Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service. |
YAML Example
Note that the filename shown below has been chosen on purpose.
See the Configuration File Naming for details when setting up your own configuration.
# Autogenerated
# Filename: sharing-config-example.yaml
tracing:
enabled: false
type: ""
endpoint: ""
collector: ""
log:
level: ""
pretty: false
color: false
file: ""
debug:
addr: 127.0.0.1:9151
token: ""
pprof: false
zpages: false
grpc:
addr: 127.0.0.1:9150
tls: null
protocol: tcp
token_manager:
jwt_secret: ""
reva:
address: com.owncloud.api.gateway
tls:
mode: ""
cacert: ""
events:
endpoint: 127.0.0.1:9233
cluster: ocis-cluster
tls_insecure: false
tls_root_ca_cert_path: ""
enable_tls: false
skip_user_groups_in_token: false
user_sharing_driver: jsoncs3
user_sharing_drivers:
jsoncs3:
provider_addr: com.owncloud.api.storage-system
system_user_id: ""
system_user_idp: internal
system_user_api_key: ""
cache_ttl: 0
json:
file: ~/.ocis/storage/shares.json
cs3:
provider_addr: com.owncloud.api.storage-system
system_user_id: ""
system_user_idp: internal
system_user_api_key: ""
owncloudsql:
db_username: owncloud
db_password: ""
db_host: mysql
db_port: 3306
db_name: owncloud
user_storage_mount_id: ""
public_sharing_driver: jsoncs3
public_sharing_drivers:
json:
file: ~/.ocis/storage/publicshares.json
jsoncs3:
provider_addr: com.owncloud.api.storage-system
system_user_id: ""
system_user_idp: internal
system_user_api_key: ""
cs3:
provider_addr: com.owncloud.api.storage-system
system_user_id: ""
system_user_idp: internal
system_user_api_key: ""
public_sharing_writeableshare_must_have_password: false