Sharing Service Configuration

Introduction

The Infinite Scale Sharing service

Default Values

  • Sharing listens on port 9150 by default.

Configuration

Environment Variables

The sharing service is configured via the following environment variables. Read the Environment Variable Types documentation for important details.

  • 4.0.5

Environment variables for the sharing service
Name Type Default Value Description

OCIS_TRACING_ENABLED
SHARING_TRACING_ENABLED

bool

false

Activates tracing.

OCIS_TRACING_TYPE
SHARING_TRACING_TYPE

string

The type of tracing. Defaults to '', which is the same as 'jaeger'. Allowed tracing types are 'jaeger' and '' as of now.

OCIS_TRACING_ENDPOINT
SHARING_TRACING_ENDPOINT

string

The endpoint of the tracing agent.

OCIS_TRACING_COLLECTOR
SHARING_TRACING_COLLECTOR

string

The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. Only used if the tracing endpoint is unset.

OCIS_LOG_LEVEL
SHARING_LOG_LEVEL

string

The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'.

OCIS_LOG_PRETTY
SHARING_LOG_PRETTY

bool

false

Activates pretty log output.

OCIS_LOG_COLOR
SHARING_LOG_COLOR

bool

false

Activates colorized log output.

OCIS_LOG_FILE
SHARING_LOG_FILE

string

The path to the log file. Activates logging to this file if set.

SHARING_DEBUG_ADDR

string

127.0.0.1:9151

Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.

SHARING_DEBUG_TOKEN

string

Token to secure the metrics endpoint.

SHARING_DEBUG_PPROF

bool

false

Enables pprof, which can be used for profiling.

SHARING_DEBUG_ZPAGES

bool

false

Enables zpages, which can be used for collecting and viewing in-memory traces.

SHARING_GRPC_ADDR

string

127.0.0.1:9150

The bind address of the GRPC service.

SHARING_GRPC_PROTOCOL

string

tcp

The transport protocol of the GRPC service.

OCIS_JWT_SECRET
SHARING_JWT_SECRET

string

The secret to mint and validate jwt tokens.

OCIS_REVA_GATEWAY

string

com.owncloud.api.gateway

The CS3 gateway endpoint.

OCIS_GRPC_CLIENT_TLS_MODE

string

TLS mode for grpc connection to the go-micro based grpc services. Possible values are 'off', 'insecure' and 'on'. 'off': disables transport security for the clients. 'insecure' allows using transport security, but disables certificate verification (to be used with the autogenerated self-signed certificates). 'on' enables transport security, including server certificate verification.

OCIS_GRPC_CLIENT_TLS_CACERT

string

Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services.

OCIS_EVENTS_ENDPOINT
SHARING_EVENTS_ENDPOINT

string

127.0.0.1:9233

The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.

OCIS_EVENTS_CLUSTER
SHARING_EVENTS_CLUSTER

string

ocis-cluster

The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.

OCIS_INSECURE
SHARING_EVENTS_TLS_INSECURE

bool

false

Whether to verify the server TLS certificates.

OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE
SHARING_EVENTS_TLS_ROOT_CA_CERT

string

The root CA certificate used to validate the server’s TLS certificate. If provided SHARING_EVENTS_TLS_INSECURE will be seen as false.

OCIS_EVENTS_ENABLE_TLS
SHARING_EVENTS_ENABLE_TLS

bool

false

Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services..

SHARING_SKIP_USER_GROUPS_IN_TOKEN

bool

false

Disables the loading of user’s group memberships from the reva access token.

SHARING_USER_DRIVER

string

jsoncs3

Driver to be used to persist shares. Supported values are 'jsoncs3', 'json', 'cs3' and 'owncloudsql'.

SHARING_USER_JSONCS3_PROVIDER_ADDR

string

com.owncloud.api.storage-system

GRPC address of the STORAGE-SYSTEM service.

OCIS_SYSTEM_USER_ID
SHARING_USER_JSONCS3_SYSTEM_USER_ID

string

ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format.

OCIS_SYSTEM_USER_IDP
SHARING_USER_JSONCS3_SYSTEM_USER_IDP

string

internal

IDP of the oCIS STORAGE-SYSTEM system user.

OCIS_SYSTEM_USER_API_KEY
SHARING_USER_JSONCS3_SYSTEM_USER_API_KEY

string

API key for the STORAGE-SYSTEM system user.

SHARING_USER_JSONCS3_CACHE_TTL

int

0

TTL for the internal caches in seconds.

SHARING_USER_JSON_FILE

string

~/.ocis/storage/shares.json

Path to the JSON file where shares will be persisted. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage.

SHARING_USER_CS3_PROVIDER_ADDR

string

com.owncloud.api.storage-system

GRPC address of the STORAGE-SYSTEM service.

OCIS_SYSTEM_USER_ID
SHARING_USER_CS3_SYSTEM_USER_ID

string

ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format.

OCIS_SYSTEM_USER_IDP
SHARING_USER_CS3_SYSTEM_USER_IDP

string

internal

IDP of the oCIS STORAGE-SYSTEM system user.

OCIS_SYSTEM_USER_API_KEY
SHARING_USER_CS3_SYSTEM_USER_API_KEY

string

API key for the STORAGE-SYSTEM system user.

SHARING_USER_OWNCLOUDSQL_DB_USERNAME

string

owncloud

Username for the database.

SHARING_USER_OWNCLOUDSQL_DB_PASSWORD

string

Password for the database.

SHARING_USER_OWNCLOUDSQL_DB_HOST

string

mysql

Hostname or IP of the database server.

SHARING_USER_OWNCLOUDSQL_DB_PORT

int

3306

Port that the database server is listening on.

SHARING_USER_OWNCLOUDSQL_DB_NAME

string

owncloud

Name of the database to be used.

SHARING_USER_OWNCLOUDSQL_USER_STORAGE_MOUNT_ID

string

Mount ID of the ownCloudSQL users storage for mapping ownCloud 10 shares.

SHARING_PUBLIC_DRIVER

string

jsoncs3

Driver to be used to persist public shares. Supported values are 'jsoncs3', 'json' and 'cs3'.

SHARING_PUBLIC_JSON_FILE

string

~/.ocis/storage/publicshares.json

Path to the JSON file where public share meta-data will be stored. This JSON file contains the information about public shares that have been created. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage.

SHARING_PUBLIC_JSONCS3_PROVIDER_ADDR

string

com.owncloud.api.storage-system

GRPC address of the STORAGE-SYSTEM service.

OCIS_SYSTEM_USER_ID
SHARING_PUBLIC_JSONCS3_SYSTEM_USER_ID

string

ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format.

OCIS_SYSTEM_USER_IDP
SHARING_PUBLIC_JSONCS3_SYSTEM_USER_IDP

string

internal

IDP of the oCIS STORAGE-SYSTEM system user.

OCIS_SYSTEM_USER_API_KEY
SHARING_PUBLIC_JSONCS3_SYSTEM_USER_API_KEY

string

API key for the STORAGE-SYSTEM system user.

SHARING_PUBLIC_CS3_PROVIDER_ADDR

string

com.owncloud.api.storage-system

GRPC address of the STORAGE-SYSTEM service.

OCIS_SYSTEM_USER_ID
SHARING_PUBLIC_CS3_SYSTEM_USER_ID

string

ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID for the STORAGE-SYSTEM system user in this config option which is then used to reference the user. Any reasonable long string is possible, preferably this would be an UUIDv4 format.

OCIS_SYSTEM_USER_IDP
SHARING_PUBLIC_CS3_SYSTEM_USER_IDP

string

internal

IDP of the oCIS STORAGE-SYSTEM system user.

OCIS_SYSTEM_USER_API_KEY
SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY

string

API key for the STORAGE-SYSTEM system user.

OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD
SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD

bool

false

Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service.

YAML Example

Note that the filename shown below has been chosen on purpose.
See the Configuration File Naming for details when setting up your own configuration.

  • 4.0.5

# Autogenerated
# Filename: sharing-config-example.yaml

tracing:
  enabled: false
  type: ""
  endpoint: ""
  collector: ""
log:
  level: ""
  pretty: false
  color: false
  file: ""
debug:
  addr: 127.0.0.1:9151
  token: ""
  pprof: false
  zpages: false
grpc:
  addr: 127.0.0.1:9150
  tls: null
  protocol: tcp
token_manager:
  jwt_secret: ""
reva:
  address: com.owncloud.api.gateway
  tls:
    mode: ""
    cacert: ""
events:
  endpoint: 127.0.0.1:9233
  cluster: ocis-cluster
  tls_insecure: false
  tls_root_ca_cert_path: ""
  enable_tls: false
skip_user_groups_in_token: false
user_sharing_driver: jsoncs3
user_sharing_drivers:
  jsoncs3:
    provider_addr: com.owncloud.api.storage-system
    system_user_id: ""
    system_user_idp: internal
    system_user_api_key: ""
    cache_ttl: 0
  json:
    file: ~/.ocis/storage/shares.json
  cs3:
    provider_addr: com.owncloud.api.storage-system
    system_user_id: ""
    system_user_idp: internal
    system_user_api_key: ""
  owncloudsql:
    db_username: owncloud
    db_password: ""
    db_host: mysql
    db_port: 3306
    db_name: owncloud
    user_storage_mount_id: ""
public_sharing_driver: jsoncs3
public_sharing_drivers:
  json:
    file: ~/.ocis/storage/publicshares.json
  jsoncs3:
    provider_addr: com.owncloud.api.storage-system
    system_user_id: ""
    system_user_idp: internal
    system_user_api_key: ""
  cs3:
    provider_addr: com.owncloud.api.storage-system
    system_user_id: ""
    system_user_idp: internal
    system_user_api_key: ""
public_sharing_writeableshare_must_have_password: false