File: server.cfg

package info (click to toggle)
kopanocore 8.7.0-3
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid
  • size: 15,400 kB
  • sloc: cpp: 175,422; python: 24,623; perl: 7,319; php: 6,056; sh: 2,172; makefile: 1,294; xml: 45; ansic: 1
file content (493 lines) | stat: -rw-r--r-- 16,815 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
# If a directive is not used (i.e. commented out), the built-in server default
# is used, so to disable certain features, the empty string value must explicitly be
# set on them.

##############################################################
# SERVER SETTINGS

# Space-separated list of address:port specifiers for where the server should
# listen for unencrypted connections.
#
#    "*:236" — port 236, all protocols
#    "[::]:236" — port 236 on IPv6 only
#    "[2001:db8::1]:236" — port 236 on specific address only
#    To disable unencrypted connections, set to an empty value.
#
server_listen = *:236

# Space-separated list of paths for where to listen for AF_LOCAL
# connections.
# To disable, set to an empty value.
#
#server_pipe_name = /var/run/kopano/server.sock

# Space-separated list of paths for where to listen for AF_LOCAL
# connections to handle with raised priority.
# To disable, set to an empty value.
#
#server_pipe_priority = /var/run/kopano/prio.sock

# Name for identifying the server in a multi-server environment
#server_name =

# Override the hostname of this server, used by Kerberos SSO if enabled
#server_hostname =

# Database engine (mysql)
#database_engine = mysql

# Allow connections from normal users through the Unix socket
#allow_local_users = yes

# local admin users who can connect to any store (use this for the kopano-dagent)
# field is SPACE separated
# eg: local_admin_users = root vmail
# Default: root
local_admin_users = root kopano

# With owner_auto_full_access=true, the owner of an object is, in addition to
# any ACLs, implicitly granted "read", "create-in" and "is-visible" rights,
# even if the store belongs to another user, for example, when it has been
# moved via kopano-storeadm -D,-A.
#
#owner_auto_full_access = true

# e-mail address of the Kopano System user
#system_email_address = postmaster@localhost

# drop privileges and run the process as this user
run_as_user = kopano

# drop privileges and run the process as this group
run_as_group = kopano

# create a pid file for stopping the service via the init.d scripts
#pid_file = /var/run/kopano/server.pid

# run server in this path (when not using the -F switch)
#running_path = /var/lib/kopano/empty

# Use given allocator library. Values like libtcmalloc.so.4,
# libtcmalloc_minimal.so.4 and libjemalloc.so.2 would work.
#allocator_library = libtcmalloc_minimal.so.4

# create memory coredumps upon crash [no, systemdefault, yes]
#coredump_enabled = systemdefault

# session timeout for clients. Values lower than 300 will be upped to 300
# automatically. If the server hears nothing from a client in session_timeout
# seconds, then the session is killed.
#session_timeout = 300

# for temporary files
#tmp_path = /tmp

##############################################################
# LOG SETTINGS

# Logging method (syslog, file), syslog facility is 'mail'
#log_method = auto

# Logfile (for log_method = file, '-' for stderr)
#log_file = -

# Loglevel (0(none), 1(crit), 2(err), 3(warn), 4(notice), 5(info), 6(debug))
#log_level = 3

# Log timestamp - prefix each log line with timestamp in 'file' logging mode
#log_timestamp = yes

# Buffer logging in what sized blocks. 0 for line-buffered (syslog-style).
#log_buffer_size = 0

##############################################################
# AUDIT LOG SETTINGS

# Audit logging is by default not enabled
#audit_log_enabled = no

# Audit logging method (syslog, file), syslog facility is 'authpriv'
#audit_log_method = syslog

# Audit logfile (for log_method = file, '-' for stderr)
#audit_log_file = /var/log/kopano/audit.log

# Audit loglevel (0=no logging, 1=full logging)
#audit_log_level = 1

# Audit log timestamp - prefix each log line with timestamp in 'file' logging mode
#audit_log_timestamp = 1

##############################################################
# MYSQL SETTINGS (for database_engine = mysql)

# MySQL hostname to connect to for database access
#mysql_host = localhost

# MySQL port to connect with (usually 3306)
#mysql_port = 3306

# The user under which we connect with MySQL
#mysql_user = root

# The password for the user (leave empty for no password)
#mysql_password =

# Override the default MySQL socket to access mysql locally
# Works only if the mysql_host value is empty or 'localhost'
#mysql_socket =

# Database to connect to
#mysql_database = kopano

# MySQL engine, per default it is InnoDB, which is the only supported
# database engine. It is NOT advised to use a non-transactional engine
# like MyISAM, Aria, etc.
#mysql_engine = InnoDB

# Where to place attachments. Value can be 'database', 'files' or 's3'
#attachment_storage = files

# Enable fsync as method to make sure attachments are stored on disk where
# supported and will not be buffered by OS and/or filesystem. Please note
# this setting will lower attachment write performance depending on your
# environment but enhances data safety with disaster recovery.
# Only affects 'files' attachment storage backend.
#attachment_files_fsync = yes

# When attachment_storage is 'files', use this path to store the files
# When attachment_storage is 's3', use this path to set a prefix to all
# attachment data of a certain cluster, for example 'attach'
#attachment_path = /var/lib/kopano/attachments

# Compression level for attachments when attachment_storage is 'files'.
# Set compression level for attachments disabled=0, max=9
#attachment_compression = 6

##############################################################
# S3 STORAGE SETTINGS (for attachment_storage = s3)

# The hostname of the entry point to the S3 cloud where the bucket is located
# If you are using minio or another S3 compatible implementation that
# is using another port, you can specify the port with hostname:port.
#attachment_s3_hostname = s3-eu-west-1.amazonaws.com

# The region where the bucket is located, e.g. "eu-west-1"
#attachment_s3_region =

# The protocol that should be used to connect to S3, 'http' or 'https' (preferred)
#attachment_s3_protocol =

# The URL style of the bucket, "virtualhost" or "path"
#attachment_s3_uristyle =

# The access key id of your S3 account
#attachment_s3_accesskeyid =

# The secret access key of your S3 account
#attachment_s3_secretaccesskey =

# The bucket name in which the files will be stored
#attachment_s3_bucketname =

##############################################################
#  SSL SETTINGS

# Space-separated list of address:port specifiers for where to listen for
# TLS-encrypted connections.
#
#    "*:237" — port 237, all protocols
#    "[::]:237" — port 237 on IPv6 only
#    "[2001:db8::1]:237" — port 237 on specific address only
#    To disable encrypted connections, set to an empty value.
#
#server_listen_tls =

# Required Server certificate, contains the certificate and the private key parts
#server_ssl_key_file = /etc/kopano/ssl/server.pem

# Password of Server certificate
#server_ssl_key_pass =

# Required Certificate Authority of server
#server_ssl_ca_file = /etc/kopano/ssl/cacert.pem

# Path with CA certificates, e.g. /etc/ssl/certs
#server_ssl_ca_path =

# SSL protocols to use, space-separated list of protocols
# (SSLv3 TLSv1 TLSv1.1 TLSv1.2); prefix with ! to lock out a protocol.
#server_ssl_protocols =

# SSL ciphers to use, set to 'ALL' for backward compatibility
#server_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL

# Prefer the server's order of SSL ciphers over client's
#server_ssl_prefer_server_ciphers = no

# Path of SSL Public keys of clients
#sslkeys_path = /etc/kopano/sslkeys

##############################################################
# THREAD SETTINGS

# Number of server threads
#threads = 8

# Watchdog frequency. The number of watchdog checks per second.
#watchdog_frequency = 1

# Watchdog max age. The maximum age in ms of a task before a
# new thread is started.
#watchdog_max_age = 500

# SOAP recv timeout value (time between requests)
#server_recv_timeout = 5

# SOAP read timeout value (time during requests)
#server_read_timeout = 60

# SOAP send timeout value
#server_send_timeout = 60

##############################################################
#  OTHER SETTINGS

# Softdelete clean cycle (in days) 0=never running
#softdelete_lifetime = 30

# Sync lifetime, removes all changes remembered for a client after x days of inactivity
#sync_lifetime = 90

# Set to 'yes' if you have Kerberos, NTLM or OpenID Connect correctly configured for single sign-on
#enable_sso = no

# Set to 'yes' if you want to show the GAB to your users
#enable_gab = yes

# Let address book tables start out with zero entries until a criteria is (un)set
#abtable_initially_empty = no

# Authentication can be through plugin (default, recommended), pam or kerberos
#auth_method = plugin

# If auth_method is set to pam, you should provide the pam service name
#pam_service = passwd


#############################################################
# CACHE SETTINGS
#
# To see the live cache usage, use 'kopano-stats --system'.

# Size in bytes of the 'cell' cache (should be set as high as you can afford to set it)
#cache_cell_size = 256M

# Size in bytes of the 'object' cache
#cache_object_size = 16M

# Size in bytes of the 'indexed object' cache
#cache_indexedobject_size = 32M

# Size in bytes of the userquota details
#cache_quota_size = 1M

# Lifetime for userquota details
#cache_quota_lifetime = 1

# Size in bytes of the acl cache
#cache_acl_size = 1M

# Size in bytes of the store id/guid cache
#cache_store_size = 1M

# Size in bytes of the 'user id' cache (this is allocated twice)
#cache_user_size = 1M

# Size in bytes of the 'user details' cache
#cache_userdetails_size = 25M

# Lifetime for user details
#cache_userdetails_lifetime = 0

# Size in bytes of the server details (multiserver setups only)
#cache_server_size = 1M

# Lifetime for server details (multiserver setups only)
#cache_server_lifetime = 30


##############################################################
#  QUOTA SETTINGS

# The default Warning Quota Level. Set to 0 to disable this level.
# The user will receive an email when this level is reached. Value is in Mb. Default value is 0.
#quota_warn = 0

# The default Soft Quota Level. Set to 0 to disable this level.
# The user will still receive mail, but sending new mail is prohibited, until objects are removed from the store.
# VALUE is in Mb. Default value is 0.
#quota_soft = 0

# The default Hard Quota Level. Set to 0 to disable this level.
# The user can not receive and send mail, until objects are removed from the store.
# Value is in Mb. Default value is 0.
#quota_hard = 0

# The default Warning Quota Level for multitenant public stores. Set to 0 to disable this level.
# The tenant administrator will receive an email when this level is reached. Value is in Mb. Default value is 0.
#companyquota_warn = 0


##############################################################
#  USER PLUGIN SETTINGS

# Name of the plugin that handles users
# Required, default = db
# Values: ldap, unix, db
#user_plugin = db

# configuration file of the user plugin, examples can be found in /usr/share/doc/kopano/example-config
#user_plugin_config = /etc/kopano/ldap.cfg

# scripts which create stores for users from an external source
# used for ldap and unix plugins only
#createuser_script = /usr/lib/kopano/userscripts/createuser
#deleteuser_script = /usr/lib/kopano/userscripts/deleteuser
#creategroup_script = /usr/lib/kopano/userscripts/creategroup
#deletegroup_script = /usr/lib/kopano/userscripts/deletegroup
#createcompany_script = /usr/lib/kopano/userscripts/createcompany
#deletecompany_script = /usr/lib/kopano/userscripts/deletecompany

# Set this option to 'yes' to skip the creation and deletion of new users
# The action will be logged, so you can see if your changes to the plugin
# configuration are correct.
#user_safe_mode = no

##############################################################
# OPENID CONNECT SETTINGS

# Enable OpenID Connect Issuer Identifier
# When set, the server attempts OIDC discovery using the configured issuer
# identifier on startup. An Issuer Identifier is a case sensitive URL using the
# https scheme that contains scheme, host, and optionally, port number and path
# components. This no Issuer Identifier is set, OIDC support is disabled.
#kcoidc_issuer_identifier =

# Disable TLS validation for OpenID Connect requests
# When set to yes, TLS certificate validation is skipped for all requests
# related to OpenID connect. This is insecure and should not be used in
# production setups.
#kcoidc_insecure_skip_verify = no

# Timeout in seconds when to give up OpenID Connect discovery
# When the OIDC initialize timeout is reached, server continues startup without
# OIDC and all OIDC validation will fail until the discovery completes. When
# set to 0, the server startup does not wait for OIDC discovery at all.
#kcoidc_initialize_timeout = 60

##############################################################
# MISC SETTINGS

# Enable multi-tenancy environment
# When set to true it is possible to create tenants within the
# kopano instance and assign all users and groups to particular
# tenants.
# When set to false, the normal single-tenancy environment is created.
#enable_hosted_kopano = false

# Enable multi-server environment
# When set to true it is possible to place users and tenants on
# specific servers.
# When set to false, the normal single-server environment is created.
#enable_distributed_kopano = false

# Display format of store name
# Allowed variables:
#  %u Username
#  %f Full name
#  %c Tenant's name
#storename_format = %f

# Loginname format (for Multi-tenancy installations)
# When the user does not login through a system-wide unique
# username (like the email address) a unique name is created
# by combining the username and the tenantname.
# With this configuration option you can set how the
# loginname should be built up.
#
# Note: Do not use the = character in the format.
#
# Allowed variables:
#  %u Username
#  %c Teantname
#
#loginname_format = %u

# Everyone is a special internal group, which contains every user and group
# You may want to disable this group from the Global Addressbook by setting
# this option to 'yes'. Administrators will still be able to see the group.
#hide_everyone = no

# System is a special internal user, which has super-admin privileges
# You may want to disable this user from the Global Addressbook by setting
# this option to 'yes'. Administrators will still be able to see the user.
#hide_system = yes

# Use Indexing service for faster searching.
# Enabling this option requires the kopano-search service to
# be running.
#search_enabled = yes

# Path to the kopano-search service, this option is only required
# if the server is going to make use of the indexing service.
#search_socket = file:///var/run/kopano/search.sock

# Time (in seconds) to wait for a connection to the kopano-search service
# before terminating the indexed search request.
#search_timeout = 10

# Allow enhanced ICS operations to speedup synchronization with cached profiles.
#enable_enhanced_ics = yes

# SQL Procedures allow for some optimized queries when streaming with enhanced ICS.
# This is default disabled because you must set 'thread_stack = 256k' in your
# MySQL server config under the [mysqld] tag and restart your MySQL server.
#enable_sql_procedures = no

# Synchronize GAB users on every open of the GAB (otherwise, only on
# kopano-admin --sync)
#sync_gab_realtime = yes

# Disable features for users. This list is space separated.
# Currently valid values: imap pop3 mobile outlook webapp
#disabled_features = imap pop3

# Maximum number of deferred records in total
#max_deferred_records = 0

# Maximum number of deferred records per folder
#max_deferred_records_folder = 20

# Restrict the permissions that admins receive to folder permissions only. Please
# read the server.cfg manpage before enabling this option so you really understand
# the implications
#restrict_admin_permissions = no

# The maximum level of attachment recursion; Defines the number of
# attachment-in-attachment in-attachment levels are allowed when saving and
# replicating objects in the database. If you really want a higher level of
# recursion than about 20, you probably have to increase MySQL's stack_size
# to allow replication to work properly.
#embedded_attachment_limit = 20

# Header to detect whether a connection has been received through a proxy. The
# value of the header is not inspected. If the header exists then the connection
# is taken to be received via a proxy. An empty value disables proxy detection
# and the value of '*' is used to indicate that all connections are proxied
#proxy_header =

# Enable/disable reminders for shared stores
#shared_reminders = yes

!include debian-db.cfg