start-wekan.sh 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322
  1. #!/bin/bash
  2. function wekan_repo_check(){
  3. git_remotes="$(git remote show 2>/dev/null)"
  4. res=""
  5. for i in $git_remotes; do
  6. res="$(git remote get-url $i | sed 's/.*wekan\/wekan.*/wekan\/wekan/')"
  7. if [[ "$res" == "wekan/wekan" ]]; then
  8. break
  9. fi
  10. done
  11. if [[ "$res" != "wekan/wekan" ]]; then
  12. echo "$PWD is not a wekan repository"
  13. exit;
  14. fi
  15. }
  16. # If you want to restart even on crash, uncomment while and done lines.
  17. #while true; do
  18. wekan_repo_check
  19. cd .build/bundle
  20. #---------------------------------------------
  21. # Debug OIDC OAuth2 etc.
  22. #export DEBUG=true
  23. #---------------------------------------------
  24. export MONGO_URL='mongodb://127.0.0.1:27019/wekan'
  25. #---------------------------------------------
  26. # Production: https://example.com/wekan
  27. # Local: http://localhost:2000
  28. #export ipaddress=$(ifdata -pa eth0)
  29. export ROOT_URL='http://localhost:2000'
  30. #---------------------------------------------
  31. # https://github.com/wekan/wekan/wiki/Troubleshooting-Mail
  32. # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml
  33. export MAIL_URL='smtp://user:[email protected]:25/'
  34. #---------------------------------------------
  35. #export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011
  36. #---------------------------------------------
  37. # This is local port where Wekan Node.js runs, same as below on Caddyfile settings.
  38. export PORT=2000
  39. #---------------------------------------------
  40. # Wekan Export Board works when WITH_API=true.
  41. # If you disable Wekan API with false, Export Board does not work.
  42. export WITH_API='true'
  43. #---------------------------------------------------------------
  44. # ==== PASSWORD BRUTE FORCE PROTECTION ====
  45. #https://atmospherejs.com/lucasantoniassi/accounts-lockout
  46. #Defaults below. Uncomment to change. wekan/server/accounts-lockout.js
  47. #export ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE=3
  48. #export ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD=60
  49. #export ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW=15
  50. #export ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE=3
  51. #export ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD=60
  52. #export ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW=15
  53. #---------------------------------------------
  54. # CORS: Set Access-Control-Allow-Origin header. Example: *
  55. #export CORS=*
  56. # To enable the Set Access-Control-Allow-Headers header. "Authorization,Content-Type" is required for cross-origin use of the API.
  57. #export CORS_ALLOW_HEADERS=Authorization,Content-Type
  58. # To enable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: *
  59. #export CORS_EXPOSE_HEADERS=*
  60. #---------------------------------------------
  61. ## Optional: Integration with Matomo https://matomo.org that is installed to your server
  62. ## The address of the server where Matomo is hosted:
  63. ##export MATOMO_ADDRESS=https://example.com/matomo
  64. #export MATOMO_ADDRESS=
  65. ## The value of the site ID given in Matomo server for Wekan
  66. # Example: export MATOMO_SITE_ID=123456789
  67. #export MATOMO_SITE_ID=''
  68. ## The option do not track which enables users to not be tracked by matomo"
  69. #Example: export MATOMO_DO_NOT_TRACK=false
  70. #export MATOMO_DO_NOT_TRACK=true
  71. ## The option that allows matomo to retrieve the username:
  72. # Example: export MATOMO_WITH_USERNAME=true
  73. #export MATOMO_WITH_USERNAME='false'
  74. # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
  75. # Setting this to false is not recommended, it also disables all other browser policy protections
  76. # and allows all iframing etc. See wekan/server/policy.js
  77. # Default value: true
  78. export BROWSER_POLICY_ENABLED=true
  79. # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
  80. # Example: export TRUSTED_URL=http://example.com
  81. export TRUSTED_URL=''
  82. # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
  83. # Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
  84. export WEBHOOKS_ATTRIBUTES=''
  85. #---------------------------------------------
  86. # ==== OAUTH2 AZURE ====
  87. # https://github.com/wekan/wekan/wiki/Azure
  88. # 1) Register the application with Azure. Make sure you capture
  89. # the application ID as well as generate a secret key.
  90. # 2) Configure the environment variables. This differs slightly
  91. # by installation type, but make sure you have the following:
  92. #export OAUTH2_ENABLED=true
  93. # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
  94. # OAuth2 login style: popup or redirect.
  95. #export OAUTH2_LOGIN_STYLE=redirect
  96. # Application GUID captured during app registration:
  97. #export OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
  98. # Secret key generated during app registration:
  99. #export OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  100. #export OAUTH2_SERVER_URL=https://login.microsoftonline.com/
  101. #export OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
  102. #export OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
  103. #export OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
  104. # The claim name you want to map to the unique ID field:
  105. #export OAUTH2_ID_MAP=email
  106. # The claim name you want to map to the username field:
  107. #export OAUTH2_USERNAME_MAP=email
  108. # The claim name you want to map to the full name field:
  109. #export OAUTH2_FULLNAME_MAP=name
  110. # The claim name you want to map to the email field:
  111. #export OAUTH2_EMAIL_MAP=email
  112. #-----------------------------------------------------------------
  113. # ==== OAUTH2 KEYCLOAK ====
  114. # https://github.com/wekan/wekan/wiki/Keycloak <== MAPPING INFO, REQUIRED
  115. #export OAUTH2_ENABLED=true
  116. # OAuth2 login style: popup or redirect.
  117. #export OAUTH2_LOGIN_STYLE=redirect
  118. #export OAUTH2_CLIENT_ID=<Keycloak create Client ID>
  119. #export OAUTH2_SERVER_URL=<Keycloak server name>/auth
  120. #export OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
  121. #export OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
  122. #export OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
  123. #export OAUTH2_SECRET=<keycloak client secret>
  124. #-----------------------------------------------------------------
  125. # ==== OAUTH2 DOORKEEPER ====
  126. # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
  127. # https://github.com/wekan/wekan/issues/1874
  128. # https://github.com/wekan/wekan/wiki/OAuth2
  129. # Enable the OAuth2 connection
  130. #export OAUTH2_ENABLED=true
  131. # OAuth2 login style: popup or redirect.
  132. #export OAUTH2_LOGIN_STYLE=redirect
  133. # OAuth2 Client ID.
  134. #export OAUTH2_CLIENT_ID=abcde12345
  135. # OAuth2 Secret.
  136. #export OAUTH2_SECRET=54321abcde
  137. # OAuth2 Server URL.
  138. #export OAUTH2_SERVER_URL=https://chat.example.com
  139. # OAuth2 Authorization Endpoint.
  140. #export OAUTH2_AUTH_ENDPOINT=/oauth/authorize
  141. # OAuth2 Userinfo Endpoint.
  142. #export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
  143. # OAuth2 Token Endpoint.
  144. #export OAUTH2_TOKEN_ENDPOINT=/oauth/token
  145. # OAUTH2 ID Token Whitelist Fields.
  146. #export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
  147. # OAUTH2 Request Permissions.
  148. #export OAUTH2_REQUEST_PERMISSIONS='openid profile email'
  149. # OAuth2 ID Mapping
  150. #export OAUTH2_ID_MAP=
  151. # OAuth2 Username Mapping
  152. #export OAUTH2_USERNAME_MAP=
  153. # OAuth2 Fullname Mapping
  154. #export OAUTH2_FULLNAME_MAP=
  155. # OAuth2 Email Mapping
  156. #export OAUTH2_EMAIL_MAP=
  157. #---------------------------------------------
  158. # LDAP_ENABLE : Enable or not the connection by the LDAP
  159. # example : export LDAP_ENABLE=true
  160. #export LDAP_ENABLE=false
  161. # LDAP_PORT : The port of the LDAP server
  162. # example : export LDAP_PORT=389
  163. #export LDAP_PORT=389
  164. # LDAP_HOST : The host server for the LDAP server
  165. # example : export LDAP_HOST=localhost
  166. #export LDAP_HOST=
  167. # LDAP_BASEDN : The base DN for the LDAP Tree
  168. # example : export LDAP_BASEDN=ou=user,dc=example,dc=org
  169. #export LDAP_BASEDN=
  170. # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
  171. # example : export LDAP_LOGIN_FALLBACK=true
  172. #export LDAP_LOGIN_FALLBACK=false
  173. # LDAP_RECONNECT : Reconnect to the server if the connection is lost
  174. # example : export LDAP_RECONNECT=false
  175. #export LDAP_RECONNECT=true
  176. # LDAP_TIMEOUT : Overall timeout, in milliseconds
  177. # example : export LDAP_TIMEOUT=12345
  178. #export LDAP_TIMEOUT=10000
  179. # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
  180. # example : export LDAP_IDLE_TIMEOUT=12345
  181. #export LDAP_IDLE_TIMEOUT=10000
  182. # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
  183. # example : export LDAP_CONNECT_TIMEOUT=12345
  184. #export LDAP_CONNECT_TIMEOUT=10000
  185. # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
  186. # example : export LDAP_AUTHENTIFICATION=true
  187. #export LDAP_AUTHENTIFICATION=false
  188. # LDAP_AUTHENTIFICATION_USERDN : The search user DN
  189. # example : export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
  190. #export LDAP_AUTHENTIFICATION_USERDN=
  191. # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
  192. # example : AUTHENTIFICATION_PASSWORD=admin
  193. #export LDAP_AUTHENTIFICATION_PASSWORD=
  194. # LDAP_LOG_ENABLED : Enable logs for the module
  195. # example : export LDAP_LOG_ENABLED=true
  196. #export LDAP_LOG_ENABLED=false
  197. # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
  198. # example : export LDAP_BACKGROUND_SYNC=true
  199. #export LDAP_BACKGROUND_SYNC=false
  200. # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
  201. # example : export LDAP_BACKGROUND_SYNC_INTERVAL=12345
  202. #export LDAP_BACKGROUND_SYNC_INTERVAL=100
  203. # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
  204. # example : export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
  205. #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
  206. # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
  207. # example : export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
  208. #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
  209. # LDAP_ENCRYPTION : If using LDAPS
  210. # example : export LDAP_ENCRYPTION=ssl
  211. #export LDAP_ENCRYPTION=false
  212. # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
  213. # example : export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
  214. #export LDAP_CA_CERT=
  215. # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
  216. # example : export LDAP_REJECT_UNAUTHORIZED=true
  217. #export LDAP_REJECT_UNAUTHORIZED=false
  218. # Option to login to the LDAP server with the user's own username and password, instead of an administrator key. Default: false (use administrator key).
  219. #export LDAP_USER_AUTHENTICATION=true
  220. # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
  221. # example : export LDAP_USER_SEARCH_FILTER=
  222. #export LDAP_USER_SEARCH_FILTER=
  223. # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
  224. # example : export LDAP_USER_SEARCH_SCOPE=one
  225. #export LDAP_USER_SEARCH_SCOPE=
  226. # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
  227. # example : export LDAP_USER_SEARCH_FIELD=uid
  228. #export LDAP_USER_SEARCH_FIELD=
  229. # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
  230. # example : export LDAP_SEARCH_PAGE_SIZE=12345
  231. #export LDAP_SEARCH_PAGE_SIZE=0
  232. # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
  233. # example : export LDAP_SEARCH_SIZE_LIMIT=12345
  234. #export LDAP_SEARCH_SIZE_LIMIT=0
  235. # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
  236. # example : export LDAP_GROUP_FILTER_ENABLE=true
  237. #export LDAP_GROUP_FILTER_ENABLE=false
  238. # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
  239. # example : export LDAP_GROUP_FILTER_OBJECTCLASS=group
  240. #export LDAP_GROUP_FILTER_OBJECTCLASS=
  241. # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
  242. # example :
  243. #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
  244. # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
  245. # example :
  246. #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
  247. # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
  248. # example :
  249. #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
  250. # LDAP_GROUP_FILTER_GROUP_NAME :
  251. # example :
  252. #export LDAP_GROUP_FILTER_GROUP_NAME=
  253. # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
  254. # example : export LDAP_UNIQUE_IDENTIFIER_FIELD=guid
  255. #export LDAP_UNIQUE_IDENTIFIER_FIELD=
  256. # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
  257. # example : export LDAP_UTF8_NAMES_SLUGIFY=false
  258. #export LDAP_UTF8_NAMES_SLUGIFY=true
  259. # LDAP_USERNAME_FIELD : Which field contains the ldap username
  260. # example : export LDAP_USERNAME_FIELD=username
  261. #export LDAP_USERNAME_FIELD=
  262. # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
  263. # example : export LDAP_FULLNAME_FIELD=fullname
  264. #export LDAP_FULLNAME_FIELD=
  265. # LDAP_MERGE_EXISTING_USERS :
  266. # example : export LDAP_MERGE_EXISTING_USERS=true
  267. #export LDAP_MERGE_EXISTING_USERS=false
  268. # LDAP_EMAIL_MATCH_ENABLE : allow existing account matching by e-mail address when username does not match
  269. # example: LDAP_EMAIL_MATCH_ENABLE=true
  270. #export LDAP_EMAIL_MATCH_ENABLE=false
  271. # LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match
  272. # example: LDAP_EMAIL_MATCH_REQUIRE=true
  273. #export LDAP_EMAIL_MATCH_REQUIRE=false
  274. # LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching
  275. # example: LDAP_EMAIL_MATCH_VERIFIED=true
  276. #export LDAP_EMAIL_MATCH_VERIFIED=false
  277. # LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address
  278. # example: LDAP_EMAIL_FIELD=mail
  279. #export LDAP_EMAIL_FIELD=
  280. # LDAP_SYNC_USER_DATA :
  281. # example : export LDAP_SYNC_USER_DATA=true
  282. #export LDAP_SYNC_USER_DATA=false
  283. # LDAP_SYNC_USER_DATA_FIELDMAP :
  284. # example : export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
  285. #export LDAP_SYNC_USER_DATA_FIELDMAP=
  286. # LDAP_SYNC_GROUP_ROLES :
  287. # example :
  288. #export LDAP_SYNC_GROUP_ROLES=
  289. # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
  290. # example :
  291. #export LDAP_DEFAULT_DOMAIN=
  292. # Enable/Disable syncing of admin status based on ldap groups:
  293. #export LDAP_SYNC_ADMIN_STATUS=true
  294. # Comma separated list of admin group names to sync.
  295. #export LDAP_SYNC_ADMIN_GROUPS=group1,group2
  296. #---------------------------------------------------------------------
  297. # Login to LDAP automatically with HTTP header.
  298. # In below example for siteminder, at right side of = is header name.
  299. #export HEADER_LOGIN_ID=HEADERUID
  300. #export HEADER_LOGIN_FIRSTNAME=HEADERFIRSTNAME
  301. #export HEADER_LOGIN_LASTNAME=HEADERLASTNAME
  302. #export HEADER_LOGIN_EMAIL=HEADEREMAILADDRESS
  303. #---------------------------------------------------------------------
  304. # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
  305. # example : LOGOUT_WITH_TIMER=true
  306. #export LOGOUT_WITH_TIMER=
  307. # LOGOUT_IN : The number of days
  308. # example : LOGOUT_IN=1
  309. #export LOGOUT_IN=
  310. #export LOGOUT_ON_HOURS=
  311. # LOGOUT_ON_MINUTES : The number of minutes
  312. # example : LOGOUT_ON_MINUTES=55
  313. #export LOGOUT_ON_MINUTES=
  314. node main.js
  315. # & >> ../../wekan.log
  316. cd ../..
  317. #done