1<?php 2 3/** 4 * This configuration file is only provided to document the different 5 * configuration options and their usage. 6 * 7 * DO NOT COMPLETELY BASE YOUR CONFIGURATION FILE ON THIS SAMPLE. THIS MAY BREAK 8 * YOUR INSTANCE. Instead, manually copy configuration switches that you 9 * consider important for your instance to your working ``config.php``, and 10 * apply configuration options that are pertinent for your instance. 11 * 12 * This file is used to generate the configuration documentation. 13 * Please consider following requirements of the current parser: 14 * * all comments need to start with `/**` and end with ` *\/` - each on their 15 * own line 16 * * add a `@see CONFIG_INDEX` to copy a previously described config option 17 * also to this line 18 * * everything between the ` *\/` and the next `/**` will be treated as the 19 * config option 20 * * use RST syntax 21 */ 22 23$CONFIG = [ 24 25 26/** 27 * Default Parameters 28 * 29 * These parameters are configured by the Nextcloud installer, and are required 30 * for your Nextcloud server to operate. 31 */ 32 33 34/** 35 * This is a unique identifier for your Nextcloud installation, created 36 * automatically by the installer. This example is for documentation only, 37 * and you should never use it because it will not work. A valid ``instanceid`` 38 * is created when you install Nextcloud. 39 * 40 * 'instanceid' => 'd3c944a9a', 41 */ 42'instanceid' => '', 43 44 /** 45 * The salt used to hash all passwords, auto-generated by the Nextcloud 46 * installer. (There are also per-user salts.) If you lose this salt you lose 47 * all your passwords. This example is for documentation only, and you should 48 * never use it. 49 * 50 * @deprecated This salt is deprecated and only used for legacy-compatibility, 51 * developers should *NOT* use this value for anything nowadays. 52 * 53 * 'passwordsalt' => 'd3c944a9af095aa08f', 54 */ 55'passwordsalt' => '', 56 57/** 58 * Your list of trusted domains that users can log into. Specifying trusted 59 * domains prevents host header poisoning. Do not remove this, as it performs 60 * necessary security checks. 61 * You can specify: 62 * 63 * - the exact hostname of your host or virtual host, e.g. demo.example.org. 64 * - the exact hostname with permitted port, e.g. demo.example.org:443. 65 * This disallows all other ports on this host 66 * - use * as a wildcard, e.g. ubos-raspberry-pi*.local will allow 67 * ubos-raspberry-pi.local and ubos-raspberry-pi-2.local 68 * - the IP address with or without permitted port, e.g. [2001:db8::1]:8080 69 * Using TLS certificates where commonName=<IP address> is deprecated 70 */ 71'trusted_domains' => 72 [ 73 'demo.example.org', 74 'otherdomain.example.org', 75 '10.111.112.113', 76 '[2001:db8::1]' 77 ], 78 79 80/** 81 * Where user files are stored. The SQLite database is also stored here, when 82 * you use SQLite. 83 * 84 * Default to ``data/`` in the Nextcloud directory. 85 */ 86'datadirectory' => '/usr/local/www/nextcloud/data', 87 88/** 89 * The current version number of your Nextcloud installation. This is set up 90 * during installation and update, so you shouldn't need to change it. 91 */ 92'version' => '', 93 94/** 95 * Identifies the database used with this installation. See also config option 96 * ``supportedDatabases`` 97 * 98 * Available: 99 * - sqlite3 (SQLite3) 100 * - mysql (MySQL/MariaDB) 101 * - pgsql (PostgreSQL) 102 * 103 * Defaults to ``sqlite3`` 104 */ 105'dbtype' => 'sqlite3', 106 107/** 108 * Your host server name, for example ``localhost``, ``hostname``, 109 * ``hostname.example.com``, or the IP address. To specify a port use 110 * ``hostname:####``; to specify a Unix socket use 111 * ``/path/to/directory/containing/socket`` e.g. ``/run/postgresql/``. 112 */ 113'dbhost' => '', 114 115/** 116 * The name of the Nextcloud database, which is set during installation. You 117 * should not need to change this. 118 */ 119'dbname' => 'nextcloud', 120 121/** 122 * The user that Nextcloud uses to write to the database. This must be unique 123 * across Nextcloud instances using the same SQL database. This is set up during 124 * installation, so you shouldn't need to change it. 125 */ 126'dbuser' => '', 127 128/** 129 * The password for the database user. This is set up during installation, so 130 * you shouldn't need to change it. 131 */ 132'dbpassword' => '', 133 134/** 135 * Prefix for the Nextcloud tables in the database. 136 * 137 * Default to ``oc_`` 138 */ 139'dbtableprefix' => '', 140 141 142/** 143 * Indicates whether the Nextcloud instance was installed successfully; ``true`` 144 * indicates a successful installation, and ``false`` indicates an unsuccessful 145 * installation. 146 * 147 * Defaults to ``false`` 148 */ 149'installed' => false, 150 151 152/** 153 * User Experience 154 * 155 * These optional parameters control some aspects of the user interface. Default 156 * values, where present, are shown. 157 */ 158 159/** 160 * This sets the default language on your Nextcloud server, using ISO_639-1 161 * language codes such as ``en`` for English, ``de`` for German, and ``fr`` for 162 * French. It overrides automatic language detection on public pages like login 163 * or shared items. User's language preferences configured under "personal -> 164 * language" override this setting after they have logged in. Nextcloud has two 165 * distinguished language codes for German, 'de' and 'de_DE'. 'de' is used for 166 * informal German and 'de_DE' for formal German. By setting this value to 'de_DE' 167 * you can enforce the formal version of German unless the user has chosen 168 * something different explicitly. 169 * 170 * Defaults to ``en`` 171 */ 172'default_language' => 'en', 173 174/** 175 * With this setting a language can be forced for all users. If a language is 176 * forced, the users are also unable to change their language in the personal 177 * settings. If users shall be unable to change their language, but users have 178 * different languages, this value can be set to ``true`` instead of a language 179 * code. 180 * 181 * Defaults to ``false`` 182 */ 183'force_language' => 'en', 184 185/** 186 * This sets the default locale on your Nextcloud server, using ISO_639 187 * language codes such as ``en`` for English, ``de`` for German, and ``fr`` for 188 * French, and ISO-3166 country codes such as ``GB``, ``US``, ``CA``, as defined 189 * in RFC 5646. It overrides automatic locale detection on public pages like 190 * login or shared items. User's locale preferences configured under "personal 191 * -> locale" override this setting after they have logged in. 192 * 193 * Defaults to ``en`` 194 */ 195'default_locale' => 'en_US', 196 197/** 198 * This sets the default region for phone numbers on your Nextcloud server, 199 * using ISO 3166-1 country codes such as ``DE`` for Germany, ``FR`` for France, … 200 * It is required to allow inserting phone numbers in the user profiles starting 201 * without the country code (e.g. +49 for Germany). 202 * 203 * No default value! 204 */ 205'default_phone_region' => 'GB', 206 207/** 208 * With this setting a locale can be forced for all users. If a locale is 209 * forced, the users are also unable to change their locale in the personal 210 * settings. If users shall be unable to change their locale, but users have 211 * different languages, this value can be set to ``true`` instead of a locale 212 * code. 213 * 214 * Defaults to ``false`` 215 */ 216'force_locale' => 'en_US', 217 218/** 219 * Set the default app to open on login. Use the app names as they appear in the 220 * URL after clicking them in the Apps menu, such as documents, calendar, and 221 * gallery. You can use a comma-separated list of app names, so if the first 222 * app is not enabled for a user then Nextcloud will try the second one, and so 223 * on. If no enabled apps are found it defaults to the dashboard app. 224 * 225 * Defaults to ``dashboard,files`` 226 */ 227'defaultapp' => 'dashboard,files', 228 229/** 230 * ``true`` enables the Help menu item in the user menu (top right of the 231 * Nextcloud Web interface). ``false`` removes the Help item. 232 */ 233'knowledgebaseenabled' => true, 234 235/** 236 * ``true`` allows users to change their display names (on their Personal 237 * pages), and ``false`` prevents them from changing their display names. 238 */ 239'allow_user_to_change_display_name' => true, 240 241/** 242 * Lifetime of the remember login cookie. This should be larger than the 243 * session_lifetime. If it is set to 0 remember me is disabled. 244 * 245 * Defaults to ``60*60*24*15`` seconds (15 days) 246 */ 247'remember_login_cookie_lifetime' => 60*60*24*15, 248 249/** 250 * The lifetime of a session after inactivity. 251 * 252 * The maximum possible time is limited by the session.gc_maxlifetime php.ini setting 253 * which would overwrite this option if it is less than the value in the config.php 254 * 255 * Defaults to ``60*60*24`` seconds (24 hours) 256 */ 257'session_lifetime' => 60 * 60 * 24, 258 259/** 260 * Enable or disable session keep-alive when a user is logged in to the Web UI. 261 * Enabling this sends a "heartbeat" to the server to keep it from timing out. 262 * 263 * Defaults to ``true`` 264 */ 265'session_keepalive' => true, 266 267/** 268 * Enable or disable the automatic logout after session_lifetime, even if session 269 * keepalive is enabled. This will make sure that an inactive browser will be logged out 270 * even if requests to the server might extend the session lifetime. 271 * 272 * Defaults to ``false`` 273 */ 274'auto_logout' => false, 275 276/** 277 * Enforce token authentication for clients, which blocks requests using the user 278 * password for enhanced security. Users need to generate tokens in personal settings 279 * which can be used as passwords on their clients. 280 * 281 * Defaults to ``false`` 282 */ 283'token_auth_enforced' => false, 284 285/** 286 * The interval at which token activity should be updated. 287 * Increasing this value means that the last activty on the security page gets 288 * more outdated. 289 * 290 * Tokens are still checked every 5 minutes for validity 291 * max value: 300 292 * 293 * Defaults to ``300`` 294 */ 295'token_auth_activity_update' => 60, 296 297/** 298 * Whether the bruteforce protection shipped with Nextcloud should be enabled or not. 299 * 300 * Disabling this is discouraged for security reasons. 301 * 302 * Defaults to ``true`` 303 */ 304'auth.bruteforce.protection.enabled' => true, 305 306/** 307 * By default WebAuthn is available but it can be explicitly disabled by admins 308 */ 309'auth.webauthn.enabled' => true, 310 311/** 312 * By default the login form is always available. There are cases (SSO) where an 313 * admin wants to avoid users entering their credentials to the system if the SSO 314 * app is unavailable. 315 * 316 * This will show an error. But the the direct login still works with adding ?direct=1 317 */ 318'hide_login_form' => false, 319 320/** 321 * The directory where the skeleton files are located. These files will be 322 * copied to the data directory of new users. Leave empty to not copy any 323 * skeleton files. 324 * ``{lang}`` can be used as a placeholder for the language of the user. 325 * If the directory does not exist, it falls back to non dialect (from ``de_DE`` 326 * to ``de``). If that does not exist either, it falls back to ``default`` 327 * 328 * Defaults to ``core/skeleton`` in the Nextcloud directory. 329 */ 330'skeletondirectory' => '/path/to/nextcloud/core/skeleton', 331 332 333/** 334 * The directory where the template files are located. These files will be 335 * copied to the template directory of new users. Leave empty to not copy any 336 * template files. 337 * ``{lang}`` can be used as a placeholder for the language of the user. 338 * If the directory does not exist, it falls back to non dialect (from ``de_DE`` 339 * to ``de``). If that does not exist either, it falls back to ``default`` 340 * 341 * If this is not set creating a template directory will only happen if no custom 342 * ``skeletondirectory`` is defined, otherwise the shipped templates will be used 343 * to create a template directory for the user. 344 */ 345'templatedirectory' => '/path/to/nextcloud/templates', 346 347/** 348 * If your user backend does not allow password resets (e.g. when it's a 349 * read-only user backend like LDAP), you can specify a custom link, where the 350 * user is redirected to, when clicking the "reset password" link after a failed 351 * login-attempt. 352 * In case you do not want to provide any link, replace the url with 'disabled' 353 */ 354'lost_password_link' => 'https://example.org/link/to/password/reset', 355 356/** 357 * Mail Parameters 358 * 359 * These configure the email settings for Nextcloud notifications and password 360 * resets. 361 */ 362 363/** 364 * The return address that you want to appear on emails sent by the Nextcloud 365 * server, for example ``nc-admin@example.com``, substituting your own domain, 366 * of course. 367 */ 368'mail_domain' => 'example.com', 369 370/** 371 * FROM address that overrides the built-in ``sharing-noreply`` and 372 * ``lostpassword-noreply`` FROM addresses. 373 * 374 * Defaults to different from addresses depending on the feature. 375 */ 376'mail_from_address' => 'nextcloud', 377 378/** 379 * Enable SMTP class debugging. 380 * 381 * Defaults to ``false`` 382 */ 383'mail_smtpdebug' => false, 384 385/** 386 * Which mode to use for sending mail: ``sendmail``, ``smtp`` or ``qmail``. 387 * 388 * If you are using local or remote SMTP, set this to ``smtp``. 389 * 390 * For the ``sendmail`` option you need an installed and working email system on 391 * the server, with ``/usr/sbin/sendmail`` installed on your Unix system. 392 * 393 * For ``qmail`` the binary is /var/qmail/bin/sendmail, and it must be installed 394 * on your Unix system. 395 * 396 * Defaults to ``smtp`` 397 */ 398'mail_smtpmode' => 'smtp', 399 400/** 401 * This depends on ``mail_smtpmode``. Specify the IP address of your mail 402 * server host. This may contain multiple hosts separated by a semi-colon. If 403 * you need to specify the port number append it to the IP address separated by 404 * a colon, like this: ``127.0.0.1:24``. 405 * 406 * Defaults to ``127.0.0.1`` 407 */ 408'mail_smtphost' => '127.0.0.1', 409 410/** 411 * This depends on ``mail_smtpmode``. Specify the port for sending mail. 412 * 413 * Defaults to ``25`` 414 */ 415'mail_smtpport' => 25, 416 417/** 418 * This depends on ``mail_smtpmode``. This sets the SMTP server timeout, in 419 * seconds. You may need to increase this if you are running an anti-malware or 420 * spam scanner. 421 * 422 * Defaults to ``10`` seconds 423 */ 424'mail_smtptimeout' => 10, 425 426/** 427 * This depends on ``mail_smtpmode``. Specify when you are using ``ssl`` for SSL/TLS or 428 * ``tls`` for STARTTLS, or leave empty for no encryption. 429 * 430 * Defaults to ``''`` (empty string) 431 */ 432'mail_smtpsecure' => '', 433 434/** 435 * This depends on ``mail_smtpmode``. Change this to ``true`` if your mail 436 * server requires authentication. 437 * 438 * Defaults to ``false`` 439 */ 440'mail_smtpauth' => false, 441 442/** 443 * This depends on ``mail_smtpmode``. If SMTP authentication is required, choose 444 * the authentication type as ``LOGIN`` or ``PLAIN``. 445 * 446 * Defaults to ``LOGIN`` 447 */ 448'mail_smtpauthtype' => 'LOGIN', 449 450/** 451 * This depends on ``mail_smtpauth``. Specify the username for authenticating to 452 * the SMTP server. 453 * 454 * Defaults to ``''`` (empty string) 455 */ 456'mail_smtpname' => '', 457 458/** 459 * This depends on ``mail_smtpauth``. Specify the password for authenticating to 460 * the SMTP server. 461 * 462 * Default to ``''`` (empty string) 463 */ 464'mail_smtppassword' => '', 465 466/** 467 * Replaces the default mail template layout. This can be utilized if the 468 * options to modify the mail texts with the theming app is not enough. 469 * The class must extend ``\OC\Mail\EMailTemplate`` 470 */ 471'mail_template_class' => '\OC\Mail\EMailTemplate', 472 473/** 474 * Email will be send by default with an HTML and a plain text body. This option 475 * allows to only send plain text emails. 476 */ 477'mail_send_plaintext_only' => false, 478 479/** 480 * This depends on ``mail_smtpmode``. Array of additional streams options that 481 * will be passed to underlying Swift mailer implementation. 482 * Defaults to an empty array. 483 */ 484'mail_smtpstreamoptions' => [], 485 486/** 487 * Which mode is used for sendmail/qmail: ``smtp`` or ``pipe``. 488 * 489 * For ``smtp`` the sendmail binary is started with the parameter ``-bs``: 490 * - Use the SMTP protocol on standard input and output. 491 * 492 * For ``pipe`` the binary is started with the parameters ``-t``: 493 * - Read message from STDIN and extract recipients. 494 * 495 * Defaults to ``smtp`` 496 */ 497'mail_sendmailmode' => 'smtp', 498 499/** 500 * Proxy Configurations 501 */ 502 503/** 504 * The automatic hostname detection of Nextcloud can fail in certain reverse 505 * proxy and CLI/cron situations. This option allows you to manually override 506 * the automatic detection; for example ``www.example.com``, or specify the port 507 * ``www.example.com:8080``. 508 */ 509'overwritehost' => '', 510 511/** 512 * When generating URLs, Nextcloud attempts to detect whether the server is 513 * accessed via ``https`` or ``http``. However, if Nextcloud is behind a proxy 514 * and the proxy handles the ``https`` calls, Nextcloud would not know that 515 * ``ssl`` is in use, which would result in incorrect URLs being generated. 516 * Valid values are ``http`` and ``https``. 517 */ 518'overwriteprotocol' => '', 519 520/** 521 * Nextcloud attempts to detect the webroot for generating URLs automatically. 522 * For example, if ``www.example.com/nextcloud`` is the URL pointing to the 523 * Nextcloud instance, the webroot is ``/nextcloud``. When proxies are in use, 524 * it may be difficult for Nextcloud to detect this parameter, resulting in 525 * invalid URLs. 526 */ 527'overwritewebroot' => '', 528 529/** 530 * This option allows you to define a manual override condition as a regular 531 * expression for the remote IP address. For example, defining a range of IP 532 * addresses starting with ``10.0.0.`` and ending with 1 to 3: 533 * ``^10\.0\.0\.[1-3]$`` 534 * 535 * Defaults to ``''`` (empty string) 536 */ 537'overwritecondaddr' => '', 538 539/** 540 * Use this configuration parameter to specify the base URL for any URLs which 541 * are generated within Nextcloud using any kind of command line tools (cron or 542 * occ). The value should contain the full base URL: 543 * ``https://www.example.com/nextcloud`` 544 * 545 * Defaults to ``''`` (empty string) 546 */ 547'overwrite.cli.url' => '', 548 549/** 550 * To have clean URLs without `/index.php` this parameter needs to be configured. 551 * 552 * This parameter will be written as "RewriteBase" on update and installation of 553 * Nextcloud to your `.htaccess` file. While this value is often simply the URL 554 * path of the Nextcloud installation it cannot be set automatically properly in 555 * every scenario and needs thus some manual configuration. 556 * 557 * In a standard Apache setup this usually equals the folder that Nextcloud is 558 * accessible at. So if Nextcloud is accessible via "https://mycloud.org/nextcloud" 559 * the correct value would most likely be "/nextcloud". If Nextcloud is running 560 * under "https://mycloud.org/" then it would be "/". 561 * 562 * Note that the above rule is not valid in every case, as there are some rare setup 563 * cases where this may not apply. However, to avoid any update problems this 564 * configuration value is explicitly opt-in. 565 * 566 * After setting this value run `occ maintenance:update:htaccess`. Now, when the 567 * following conditions are met Nextcloud URLs won't contain `index.php`: 568 * 569 * - `mod_rewrite` is installed 570 * - `mod_env` is installed 571 * 572 * Defaults to ``''`` (empty string) 573 */ 574'htaccess.RewriteBase' => '/', 575 576/** 577 * For server setups, that don't have `mod_env` enabled or restricted (e.g. suEXEC) 578 * this parameter has to be set to true and will assume mod_rewrite. 579 * 580 * Please check, if `mod_rewrite` is active and functional before setting this 581 * parameter and you updated your .htaccess with `occ maintenance:update:htaccess`. 582 * Otherwise your nextcloud installation might not be reachable anymore. 583 * For example, try accessing resources by leaving out `index.php` in the URL. 584 */ 585'htaccess.IgnoreFrontController' => false, 586 587/** 588 * The URL of your proxy server, for example ``proxy.example.com:8081``. 589 * 590 * Note: Guzzle (the http library used by Nextcloud) is reading the environment 591 * variables HTTP_PROXY (only for cli request), HTTPS_PROXY, and NO_PROXY by default. 592 * 593 * If you configure proxy with Nextcloud any default configuration by Guzzle 594 * is overwritten. Make sure to set ``proxyexclude`` accordingly if necessary. 595 * 596 * Defaults to ``''`` (empty string) 597 */ 598'proxy' => '', 599 600/** 601 * The optional authentication for the proxy to use to connect to the internet. 602 * The format is: ``username:password``. 603 * 604 * Defaults to ``''`` (empty string) 605 */ 606'proxyuserpwd' => '', 607 608/** 609 * List of host names that should not be proxied to. 610 * For example: ``['.mit.edu', 'foo.com']``. 611 * 612 * Hint: Use something like ``explode(',', getenv('NO_PROXY'))`` to sync this 613 * value with the global NO_PROXY option. 614 * 615 * Defaults to empty array. 616 */ 617'proxyexclude' => [], 618 619/** 620 * Allow remote servers with local addresses e.g. in federated shares, webcal services and more 621 * 622 * Defaults to false 623 */ 624'allow_local_remote_servers' => true, 625 626/** 627 * Deleted Items (trash bin) 628 * 629 * These parameters control the Deleted files app. 630 */ 631 632/** 633 * If the trash bin app is enabled (default), this setting defines the policy 634 * for when files and folders in the trash bin will be permanently deleted. 635 * The app allows for two settings, a minimum time for trash bin retention, 636 * and a maximum time for trash bin retention. 637 * Minimum time is the number of days a file will be kept, after which it 638 * may be deleted. Maximum time is the number of days at which it is guaranteed 639 * to be deleted. 640 * Both minimum and maximum times can be set together to explicitly define 641 * file and folder deletion. For migration purposes, this setting is installed 642 * initially set to "auto", which is equivalent to the default setting in 643 * Nextcloud. 644 * 645 * Available values: 646 * 647 * * ``auto`` 648 * default setting. keeps files and folders in the trash bin for 30 days 649 * and automatically deletes anytime after that if space is needed (note: 650 * files may not be deleted if space is not needed). 651 * * ``D, auto`` 652 * keeps files and folders in the trash bin for D+ days, delete anytime if 653 * space needed (note: files may not be deleted if space is not needed) 654 * * ``auto, D`` 655 * delete all files in the trash bin that are older than D days 656 * automatically, delete other files anytime if space needed 657 * * ``D1, D2`` 658 * keep files and folders in the trash bin for at least D1 days and 659 * delete when exceeds D2 days (note: files will not be deleted automatically if space is needed) 660 * * ``disabled`` 661 * trash bin auto clean disabled, files and folders will be kept forever 662 * 663 * Defaults to ``auto`` 664 */ 665'trashbin_retention_obligation' => 'auto', 666 667 668/** 669 * File versions 670 * 671 * These parameters control the Versions app. 672 */ 673 674/** 675 * If the versions app is enabled (default), this setting defines the policy 676 * for when versions will be permanently deleted. 677 * The app allows for two settings, a minimum time for version retention, 678 * and a maximum time for version retention. 679 * Minimum time is the number of days a version will be kept, after which it 680 * may be deleted. Maximum time is the number of days at which it is guaranteed 681 * to be deleted. 682 * Both minimum and maximum times can be set together to explicitly define 683 * version deletion. For migration purposes, this setting is installed 684 * initially set to "auto", which is equivalent to the default setting in 685 * Nextcloud. 686 * 687 * Available values: 688 * 689 * * ``auto`` 690 * default setting. Automatically expire versions according to expire 691 * rules. Please refer to :doc:`../configuration_files/file_versioning` for 692 * more information. 693 * * ``D, auto`` 694 * keep versions at least for D days, apply expire rules to all versions 695 * that are older than D days 696 * * ``auto, D`` 697 * delete all versions that are older than D days automatically, delete 698 * other versions according to expire rules 699 * * ``D1, D2`` 700 * keep versions for at least D1 days and delete when exceeds D2 days 701 * * ``disabled`` 702 * versions auto clean disabled, versions will be kept forever 703 * 704 * Defaults to ``auto`` 705 */ 706'versions_retention_obligation' => 'auto', 707 708/** 709 * Nextcloud Verifications 710 * 711 * Nextcloud performs several verification checks. There are two options, 712 * ``true`` and ``false``. 713 */ 714 715/** 716 * Checks an app before install whether it uses private APIs instead of the 717 * proper public APIs. If this is set to true it will only allow to install or 718 * enable apps that pass this check. 719 * 720 * Defaults to ``false`` 721 */ 722'appcodechecker' => true, 723 724/** 725 * Check if Nextcloud is up-to-date and shows a notification if a new version is 726 * available. It sends current version, php version, installation and last update 727 * time and release channel to the updater server which responds with the latest 728 * available version based on those metrics. 729 * 730 * Defaults to ``true`` 731 */ 732'updatechecker' => true, 733 734/** 735 * URL that Nextcloud should use to look for updates 736 * 737 * Defaults to ``https://updates.nextcloud.com/updater_server/`` 738 */ 739'updater.server.url' => 'https://updates.nextcloud.com/updater_server/', 740 741/** 742 * The channel that Nextcloud should use to look for updates 743 * 744 * Supported values: 745 * - ``daily`` 746 * - ``beta`` 747 * - ``stable`` 748 */ 749'updater.release.channel' => 'stable', 750 751/** 752 * Is Nextcloud connected to the Internet or running in a closed network? 753 * 754 * Defaults to ``true`` 755 */ 756'has_internet_connection' => true, 757 758/** 759 * Which domains to request to determine the availability of an Internet 760 * connection. If none of these hosts are reachable, the administration panel 761 * will show a warning. Set to an empty list to not do any such checks (warning 762 * will still be shown). 763 * 764 * Defaults to the following domains: 765 * 766 * - www.nextcloud.com 767 * - www.startpage.com 768 * - www.eff.org 769 * - www.edri.org 770 */ 771'connectivity_check_domains' => [ 772 'www.nextcloud.com', 773 'www.startpage.com', 774 'www.eff.org', 775 'www.edri.org' 776], 777 778/** 779 * Allows Nextcloud to verify a working .well-known URL redirects. This is done 780 * by attempting to make a request from JS to 781 * https://your-domain.com/.well-known/caldav/ 782 * 783 * Defaults to ``true`` 784 */ 785'check_for_working_wellknown_setup' => true, 786 787/** 788 * This is a crucial security check on Apache servers that should always be set 789 * to ``true``. This verifies that the ``.htaccess`` file is writable and works. 790 * If it is not, then any options controlled by ``.htaccess``, such as large 791 * file uploads, will not work. It also runs checks on the ``data/`` directory, 792 * which verifies that it can't be accessed directly through the Web server. 793 * 794 * Defaults to ``true`` 795 */ 796'check_for_working_htaccess' => true, 797 798/** 799 * In rare setups (e.g. on Openshift or docker on windows) the permissions check 800 * might block the installation while the underlying system offers no means to 801 * "correct" the permissions. In this case, set the value to false. 802 * 803 * In regular cases, if issues with permissions are encountered they should be 804 * adjusted accordingly. Changing the flag is discouraged. 805 * 806 * Defaults to ``true`` 807 */ 808'check_data_directory_permissions' => true, 809 810/** 811 * In certain environments it is desired to have a read-only configuration file. 812 * When this switch is set to ``true`` Nextcloud will not verify whether the 813 * configuration is writable. However, it will not be possible to configure 814 * all options via the Web interface. Furthermore, when updating Nextcloud 815 * it is required to make the configuration file writable again for the update 816 * process. 817 * 818 * Defaults to ``false`` 819 */ 820'config_is_read_only' => false, 821 822/** 823 * Logging 824 */ 825 826/** 827 * This parameter determines where the Nextcloud logs are sent. 828 * ``file``: the logs are written to file ``nextcloud.log`` in the default 829 * Nextcloud data directory. The log file can be changed with parameter 830 * ``logfile``. 831 * ``syslog``: the logs are sent to the system log. This requires a syslog daemon 832 * to be active. 833 * ``errorlog``: the logs are sent to the PHP ``error_log`` function. 834 * ``systemd``: the logs are sent to the Systemd journal. This requires a system 835 * that runs Systemd and the Systemd journal. The PHP extension ``systemd`` 836 * must be installed and active. 837 * 838 * Defaults to ``file`` 839 */ 840'log_type' => 'file', 841 842/** 843 * Name of the file to which the Nextcloud logs are written if parameter 844 * ``log_type`` is set to ``file``. 845 * 846 * Defaults to ``[datadirectory]/nextcloud.log`` 847 */ 848'logfile' => '/var/log/nextcloud/nextcloud.log', 849 850/** 851 * Log file mode for the Nextcloud loggin type in octal notation. 852 * 853 * Defaults to 0640 (writeable by user, readable by group). 854 */ 855'logfilemode' => 0640, 856 857/** 858 * Loglevel to start logging at. Valid values are: 0 = Debug, 1 = Info, 2 = 859 * Warning, 3 = Error, and 4 = Fatal. The default value is Warning. 860 * 861 * Defaults to ``2`` 862 */ 863'loglevel' => 2, 864 865/** 866 * If you maintain different instances and aggregate the logs, you may want 867 * to distinguish between them. ``syslog_tag`` can be set per instance 868 * with a unique id. Only available if ``log_type`` is set to ``syslog`` or 869 * ``systemd``. 870 * 871 * The default value is ``Nextcloud``. 872 */ 873'syslog_tag' => 'Nextcloud', 874 875/** 876 * Log condition for log level increase based on conditions. Once one of these 877 * conditions is met, the required log level is set to debug. This allows to 878 * debug specific requests, users or apps 879 * 880 * Supported conditions: 881 * - ``shared_secret``: if a request parameter with the name `log_secret` is set to 882 * this value the condition is met 883 * - ``users``: if the current request is done by one of the specified users, 884 * this condition is met 885 * - ``apps``: if the log message is invoked by one of the specified apps, 886 * this condition is met 887 * 888 * Defaults to an empty array. 889 */ 890'log.condition' => [ 891 'shared_secret' => '57b58edb6637fe3059b3595cf9c41b9', 892 'users' => ['sample-user'], 893 'apps' => ['files'], 894], 895 896/** 897 * This uses PHP.date formatting; see https://www.php.net/manual/en/function.date.php 898 * 899 * Defaults to ISO 8601 ``2005-08-15T15:52:01+00:00`` - see \DateTime::ATOM 900 * (https://www.php.net/manual/en/class.datetime.php#datetime.constants.atom) 901 */ 902'logdateformat' => 'F d, Y H:i:s', 903 904/** 905 * The timezone for logfiles. You may change this; see 906 * https://www.php.net/manual/en/timezones.php 907 * 908 * Defaults to ``UTC`` 909 */ 910'logtimezone' => 'Europe/Berlin', 911 912/** 913 * Append all database queries and parameters to the log file. Use this only for 914 * debugging, as your logfile will become huge. 915 */ 916'log_query' => false, 917 918/** 919 * Enables log rotation and limits the total size of logfiles. Set it to 0 for 920 * no rotation. Specify a size in bytes, for example 104857600 (100 megabytes 921 * = 100 * 1024 * 1024 bytes). A new logfile is created with a new name when the 922 * old logfile reaches your limit. If a rotated log file is already present, it 923 * will be overwritten. 924 * 925 * Defaults to 100 MB 926 */ 927'log_rotate_size' => 100 * 1024 * 1024, 928 929 930/** 931 * Alternate Code Locations 932 * 933 * Some of the Nextcloud code may be stored in alternate locations. 934 */ 935 936/** 937 * This section is for configuring the download links for Nextcloud clients, as 938 * seen in the first-run wizard and on Personal pages. 939 * 940 * Defaults to: 941 * - Desktop client: ``https://nextcloud.com/install/#install-clients`` 942 * - Android client: ``https://play.google.com/store/apps/details?id=com.nextcloud.client`` 943 * - iOS client: ``https://itunes.apple.com/us/app/nextcloud/id1125420102?mt=8`` 944 * - iOS client app id: ``1125420102`` 945 */ 946'customclient_desktop' => 947 'https://nextcloud.com/install/#install-clients', 948'customclient_android' => 949 'https://play.google.com/store/apps/details?id=com.nextcloud.client', 950'customclient_ios' => 951 'https://itunes.apple.com/us/app/nextcloud/id1125420102?mt=8', 952'customclient_ios_appid' => 953 '1125420102', 954/** 955 * Apps 956 * 957 * Options for the Apps folder, Apps store, and App code checker. 958 */ 959 960/** 961 * When enabled, admins may install apps from the Nextcloud app store. 962 * 963 * Defaults to ``true`` 964 */ 965'appstoreenabled' => true, 966 967/** 968 * Enables the installation of apps from a self hosted apps store. 969 * Requires that at least one of the configured apps directories is writeable. 970 * 971 * Defaults to ``https://apps.nextcloud.com/api/v1`` 972 */ 973'appstoreurl' => 'https://apps.nextcloud.com/api/v1', 974 975/** 976 * Filters allowed installable apps from the appstore. 977 * Empty array will prevent all apps from the store to be found. 978 */ 979'appsallowlist' => [], 980 981/** 982 * Use the ``apps_paths`` parameter to set the location of the Apps directory, 983 * which should be scanned for available apps, and where user-specific apps 984 * should be installed from the Apps store. The ``path`` defines the absolute 985 * file system path to the app folder. The key ``url`` defines the HTTP Web path 986 * to that folder, starting from the Nextcloud webroot. The key ``writable`` 987 * indicates if a Web server can write files to that folder. 988 */ 989'apps_paths' => [ 990 [ 991 'path'=> '/usr/local/www/nextcloud/apps', 992 'url' => '/apps', 993 'writable' => true, 994 ], 995 [ 996 'path'=> '/usr/local/www/nextcloud/apps-pkg', 997 'url' => '/apps-pkg', 998 'writable' => false, 999 ], 1000], 1001 1002/** 1003 * @see appcodechecker 1004 */ 1005 1006/** 1007 * Previews 1008 * 1009 * Nextcloud supports previews of image files, the covers of MP3 files, and text 1010 * files. These options control enabling and disabling previews, and thumbnail 1011 * size. 1012 */ 1013 1014/** 1015 * By default, Nextcloud can generate previews for the following filetypes: 1016 * 1017 * - Image files 1018 * - Covers of MP3 files 1019 * - Text documents 1020 * 1021 * Valid values are ``true``, to enable previews, or 1022 * ``false``, to disable previews 1023 * 1024 * Defaults to ``true`` 1025 */ 1026'enable_previews' => true, 1027/** 1028 * The maximum width, in pixels, of a preview. A value of ``null`` means there 1029 * is no limit. 1030 * 1031 * Defaults to ``4096`` 1032 */ 1033'preview_max_x' => 4096, 1034/** 1035 * The maximum height, in pixels, of a preview. A value of ``null`` means there 1036 * is no limit. 1037 * 1038 * Defaults to ``4096`` 1039 */ 1040'preview_max_y' => 4096, 1041 1042/** 1043 * max file size for generating image previews with imagegd (default behavior) 1044 * If the image is bigger, it'll try other preview generators, but will most 1045 * likely show the default mimetype icon. Set to -1 for no limit. 1046 * 1047 * Defaults to ``50`` megabytes 1048 */ 1049'preview_max_filesize_image' => 50, 1050 1051/** 1052 * custom path for LibreOffice/OpenOffice binary 1053 * 1054 * 1055 * Defaults to ``''`` (empty string) 1056 */ 1057'preview_libreoffice_path' => '/usr/bin/libreoffice', 1058/** 1059 * Use this if LibreOffice/OpenOffice requires additional arguments. 1060 * 1061 * Defaults to ``''`` (empty string) 1062 */ 1063'preview_office_cl_parameters' => 1064 ' --headless --nologo --nofirststartwizard --invisible --norestore '. 1065 '--convert-to png --outdir ', 1066 1067/** 1068 * Only register providers that have been explicitly enabled 1069 * 1070 * The following providers are disabled by default due to performance or privacy 1071 * concerns: 1072 * 1073 * - OC\Preview\Illustrator 1074 * - OC\Preview\HEIC 1075 * - OC\Preview\Movie 1076 * - OC\Preview\MSOffice2003 1077 * - OC\Preview\MSOffice2007 1078 * - OC\Preview\MSOfficeDoc 1079 * - OC\Preview\PDF 1080 * - OC\Preview\Photoshop 1081 * - OC\Preview\Postscript 1082 * - OC\Preview\StarOffice 1083 * - OC\Preview\SVG 1084 * - OC\Preview\TIFF 1085 * - OC\Preview\Font 1086 * 1087 * 1088 * Defaults to the following providers: 1089 * 1090 * - OC\Preview\BMP 1091 * - OC\Preview\GIF 1092 * - OC\Preview\JPEG 1093 * - OC\Preview\MarkDown 1094 * - OC\Preview\MP3 1095 * - OC\Preview\PNG 1096 * - OC\Preview\TXT 1097 * - OC\Preview\XBitmap 1098 * - OC\Preview\OpenDocument 1099 * - OC\Preview\Krita 1100 */ 1101'enabledPreviewProviders' => [ 1102 'OC\Preview\PNG', 1103 'OC\Preview\JPEG', 1104 'OC\Preview\GIF', 1105 'OC\Preview\BMP', 1106 'OC\Preview\XBitmap', 1107 'OC\Preview\MP3', 1108 'OC\Preview\TXT', 1109 'OC\Preview\MarkDown', 1110 'OC\Preview\OpenDocument', 1111 'OC\Preview\Krita', 1112], 1113 1114/** 1115 * LDAP 1116 * 1117 * Global settings used by LDAP User and Group Backend 1118 */ 1119 1120/** 1121 * defines the interval in minutes for the background job that checks user 1122 * existence and marks them as ready to be cleaned up. The number is always 1123 * minutes. Setting it to 0 disables the feature. 1124 * See command line (occ) methods ``ldap:show-remnants`` and ``user:delete`` 1125 * 1126 * Defaults to ``51`` minutes 1127 */ 1128'ldapUserCleanupInterval' => 51, 1129 1130/** 1131 * Sort groups in the user settings by name instead of the user count 1132 * 1133 * By enabling this the user count beside the group name is disabled as well. 1134 */ 1135'sort_groups_by_name' => false, 1136 1137/** 1138 * Comments 1139 * 1140 * Global settings for the Comments infrastructure 1141 */ 1142 1143/** 1144 * Replaces the default Comments Manager Factory. This can be utilized if an 1145 * own or 3rdParty CommentsManager should be used that – for instance – uses the 1146 * filesystem instead of the database to keep the comments. 1147 * 1148 * Defaults to ``\OC\Comments\ManagerFactory`` 1149 */ 1150'comments.managerFactory' => '\OC\Comments\ManagerFactory', 1151 1152/** 1153 * Replaces the default System Tags Manager Factory. This can be utilized if an 1154 * own or 3rdParty SystemTagsManager should be used that – for instance – uses the 1155 * filesystem instead of the database to keep the tags. 1156 * 1157 * Defaults to ``\OC\SystemTag\ManagerFactory`` 1158 */ 1159'systemtags.managerFactory' => '\OC\SystemTag\ManagerFactory', 1160 1161/** 1162 * Maintenance 1163 * 1164 * These options are for halting user activity when you are performing server 1165 * maintenance. 1166 */ 1167 1168/** 1169 * Enable maintenance mode to disable Nextcloud 1170 * 1171 * If you want to prevent users from logging in to Nextcloud before you start 1172 * doing some maintenance work, you need to set the value of the maintenance 1173 * parameter to true. Please keep in mind that users who are already logged-in 1174 * are kicked out of Nextcloud instantly. 1175 * 1176 * Defaults to ``false`` 1177 */ 1178'maintenance' => false, 1179 1180 1181/** 1182 * SSL 1183 */ 1184 1185/** 1186 * Extra SSL options to be used for configuration. 1187 * 1188 * Defaults to an empty array. 1189 */ 1190'openssl' => [ 1191 'config' => '/absolute/location/of/openssl.cnf', 1192], 1193 1194/** 1195 * Memory caching backend configuration 1196 * 1197 * Available cache backends: 1198 * 1199 * * ``\OC\Memcache\APCu`` APC user backend 1200 * * ``\OC\Memcache\ArrayCache`` In-memory array-based backend (not recommended) 1201 * * ``\OC\Memcache\Memcached`` Memcached backend 1202 * * ``\OC\Memcache\Redis`` Redis backend 1203 * 1204 * Advice on choosing between the various backends: 1205 * 1206 * * APCu should be easiest to install. Almost all distributions have packages. 1207 * Use this for single user environment for all caches. 1208 * * Use Redis or Memcached for distributed environments. 1209 * For the local cache (you can configure two) take APCu. 1210 */ 1211 1212/** 1213 * Memory caching backend for locally stored data 1214 * 1215 * * Used for host-specific data, e.g. file paths 1216 * 1217 * Defaults to ``none`` 1218 */ 1219'memcache.local' => '\OC\Memcache\APCu', 1220 1221/** 1222 * Memory caching backend for distributed data 1223 * 1224 * * Used for installation-specific data, e.g. database caching 1225 * * If unset, defaults to the value of memcache.local 1226 * 1227 * Defaults to ``none`` 1228 */ 1229'memcache.distributed' => '\OC\Memcache\Memcached', 1230 1231/** 1232 * Connection details for redis to use for memory caching in a single server configuration. 1233 * 1234 * For enhanced security it is recommended to configure Redis 1235 * to require a password. See http://redis.io/topics/security 1236 * for more information. 1237 * 1238 * We also support redis SSL/TLS encryption as of version 6. 1239 * See https://redis.io/topics/encryption for more information. 1240 */ 1241'redis' => [ 1242 'host' => 'localhost', // can also be a unix domain socket: '/tmp/redis.sock' 1243 'port' => 6379, 1244 'timeout' => 0.0, 1245 'read_timeout' => 0.0, 1246 'user' => '', // Optional, if not defined no password will be used. 1247 'password' => '', // Optional, if not defined no password will be used. 1248 'dbindex' => 0, // Optional, if undefined SELECT will not run and will use Redis Server's default DB Index. 1249 // If redis in-transit encryption is enabled, provide certificates 1250 // SSL context https://www.php.net/manual/en/context.ssl.php 1251 'ssl_context' => [ 1252 'local_cert' => '/certs/redis.crt', 1253 'local_pk' => '/certs/redis.key', 1254 'cafile' => '/certs/ca.crt' 1255 ] 1256], 1257 1258/** 1259 * Connection details for a Redis Cluster 1260 * 1261 * Only for use with Redis Clustering, for Sentinel-based setups use the single 1262 * server configuration above, and perform HA on the hostname. 1263 * 1264 * Redis Cluster support requires the php module phpredis in version 3.0.0 or 1265 * higher. 1266 * 1267 * Available failover modes: 1268 * - \RedisCluster::FAILOVER_NONE - only send commands to master nodes (default) 1269 * - \RedisCluster::FAILOVER_ERROR - failover to slaves for read commands if master is unavailable (recommended) 1270 * - \RedisCluster::FAILOVER_DISTRIBUTE - randomly distribute read commands across master and slaves 1271 * 1272 * WARNING: FAILOVER_DISTRIBUTE is a not recommended setting and we strongly 1273 * suggest to not use it if you use Redis for file locking. Due to the way Redis 1274 * is synchronized it could happen, that the read for an existing lock is 1275 * scheduled to a slave that is not fully synchronized with the connected master 1276 * which then causes a FileLocked exception. 1277 * 1278 * See https://redis.io/topics/cluster-spec for details about the Redis cluster 1279 * 1280 * Authentication works with phpredis version 4.2.1+. See 1281 * https://github.com/phpredis/phpredis/commit/c5994f2a42b8a348af92d3acb4edff1328ad8ce1 1282 */ 1283'redis.cluster' => [ 1284 'seeds' => [ // provide some/all of the cluster servers to bootstrap discovery, port required 1285 'localhost:7000', 1286 'localhost:7001', 1287 ], 1288 'timeout' => 0.0, 1289 'read_timeout' => 0.0, 1290 'failover_mode' => \RedisCluster::FAILOVER_ERROR, 1291 'user' => '', // Optional, if not defined no password will be used. 1292 'password' => '', // Optional, if not defined no password will be used. 1293 // If redis in-transit encryption is enabled, provide certificates 1294 // SSL context https://www.php.net/manual/en/context.ssl.php 1295 'ssl_context' => [ 1296 'local_cert' => '/certs/redis.crt', 1297 'local_pk' => '/certs/redis.key', 1298 'cafile' => '/certs/ca.crt' 1299 ] 1300], 1301 1302 1303/** 1304 * Server details for one or more memcached servers to use for memory caching. 1305 */ 1306'memcached_servers' => [ 1307 // hostname, port and optional weight. Also see: 1308 // https://www.php.net/manual/en/memcached.addservers.php 1309 // https://www.php.net/manual/en/memcached.addserver.php 1310 ['localhost', 11211], 1311 //array('other.host.local', 11211), 1312], 1313 1314/** 1315 * Connection options for memcached 1316 */ 1317'memcached_options' => [ 1318 // Set timeouts to 50ms 1319 \Memcached::OPT_CONNECT_TIMEOUT => 50, 1320 \Memcached::OPT_RETRY_TIMEOUT => 50, 1321 \Memcached::OPT_SEND_TIMEOUT => 50, 1322 \Memcached::OPT_RECV_TIMEOUT => 50, 1323 \Memcached::OPT_POLL_TIMEOUT => 50, 1324 1325 // Enable compression 1326 \Memcached::OPT_COMPRESSION => true, 1327 1328 // Turn on consistent hashing 1329 \Memcached::OPT_LIBKETAMA_COMPATIBLE => true, 1330 1331 // Enable Binary Protocol 1332 \Memcached::OPT_BINARY_PROTOCOL => true, 1333 1334 // Binary serializer vill be enabled if the igbinary PECL module is available 1335 //\Memcached::OPT_SERIALIZER => \Memcached::SERIALIZER_IGBINARY, 1336], 1337 1338 1339/** 1340 * Location of the cache folder, defaults to ``data/$user/cache`` where 1341 * ``$user`` is the current user. When specified, the format will change to 1342 * ``$cache_path/$user`` where ``$cache_path`` is the configured cache directory 1343 * and ``$user`` is the user. 1344 * 1345 * Defaults to ``''`` (empty string) 1346 */ 1347'cache_path' => '', 1348 1349/** 1350 * TTL of chunks located in the cache folder before they're removed by 1351 * garbage collection (in seconds). Increase this value if users have 1352 * issues uploading very large files via the Nextcloud Client as upload isn't 1353 * completed within one day. 1354 * 1355 * Defaults to ``60*60*24`` (1 day) 1356 */ 1357'cache_chunk_gc_ttl' => 60*60*24, 1358 1359/** 1360 * Using Object Store with Nextcloud 1361 */ 1362 1363/** 1364 * This example shows how to configure Nextcloud to store all files in a 1365 * swift object storage. 1366 * 1367 * It is important to note that Nextcloud in object store mode will expect 1368 * exclusive access to the object store container because it only stores the 1369 * binary data for each file. The metadata is currently kept in the local 1370 * database for performance reasons. 1371 * 1372 * WARNING: The current implementation is incompatible with any app that uses 1373 * direct file IO and circumvents our virtual filesystem. That includes 1374 * Encryption and Gallery. Gallery will store thumbnails directly in the 1375 * filesystem and encryption will cause severe overhead because key files need 1376 * to be fetched in addition to any requested file. 1377 * 1378 * One way to test is applying for a trystack account at http://trystack.org/ 1379 */ 1380'objectstore' => [ 1381 'class' => 'OC\\Files\\ObjectStore\\Swift', 1382 'arguments' => [ 1383 // trystack will use your facebook id as the user name 1384 'username' => 'facebook100000123456789', 1385 // in the trystack dashboard go to user -> settings -> API Password to 1386 // generate a password 1387 'password' => 'Secr3tPaSSWoRdt7', 1388 // must already exist in the objectstore, name can be different 1389 'container' => 'nextcloud', 1390 // prefix to prepend to the fileid, default is 'oid:urn:' 1391 'objectPrefix' => 'oid:urn:', 1392 // create the container if it does not exist. default is false 1393 'autocreate' => true, 1394 // required, dev-/trystack defaults to 'RegionOne' 1395 'region' => 'RegionOne', 1396 // The Identity / Keystone endpoint 1397 'url' => 'http://8.21.28.222:5000/v2.0', 1398 // required on dev-/trystack 1399 'tenantName' => 'facebook100000123456789', 1400 // dev-/trystack uses swift by default, the lib defaults to 'cloudFiles' 1401 // if omitted 1402 'serviceName' => 'swift', 1403 // The Interface / url Type, optional 1404 'urlType' => 'internal' 1405 ], 1406], 1407 1408/** 1409 * To use swift V3 1410 */ 1411'objectstore' => [ 1412 'class' => 'OC\\Files\\ObjectStore\\Swift', 1413 'arguments' => [ 1414 'autocreate' => true, 1415 'user' => [ 1416 'name' => 'swift', 1417 'password' => 'swift', 1418 'domain' => [ 1419 'name' => 'default', 1420 ], 1421 ], 1422 'scope' => [ 1423 'project' => [ 1424 'name' => 'service', 1425 'domain' => [ 1426 'name' => 'default', 1427 ], 1428 ], 1429 ], 1430 'tenantName' => 'service', 1431 'serviceName' => 'swift', 1432 'region' => 'regionOne', 1433 'url' => 'http://yourswifthost:5000/v3', 1434 'bucket' => 'nextcloud', 1435 ], 1436], 1437 1438/** 1439 * If this is set to true and a multibucket object store is configured then 1440 * newly created previews are put into 256 dedicated buckets. 1441 * 1442 * Those buckets are named like the mulibucket version but with the postfix 1443 * ``-preview-NUMBER`` where NUMBER is between 0 and 255. 1444 * 1445 * Keep in mind that only previews of files are put in there that don't have 1446 * some already. Otherwise the old bucket will be used. 1447 * 1448 * To migrate existing previews to this new multibucket distribution of previews 1449 * use the occ command ``preview:repair``. For now this will only migrate 1450 * previews that were generated before Nextcloud 19 in the flat 1451 * ``appdata_INSTANCEID/previews/FILEID`` folder structure. 1452 */ 1453'objectstore.multibucket.preview-distribution' => false, 1454 1455 1456/** 1457 * Sharing 1458 * 1459 * Global settings for Sharing 1460 */ 1461 1462/** 1463 * Replaces the default Share Provider Factory. This can be utilized if 1464 * own or 3rdParty Share Providers are used that – for instance – use the 1465 * filesystem instead of the database to keep the share information. 1466 * 1467 * Defaults to ``\OC\Share20\ProviderFactory`` 1468 */ 1469'sharing.managerFactory' => '\OC\Share20\ProviderFactory', 1470 1471/** 1472 * Define max number of results returned by the search for auto-completion of 1473 * users, groups, etc. The value must not be lower than 0 (for unlimited). 1474 * 1475 * If more, different sources are requested (e.g. different user backends; or 1476 * both users and groups), the value is applied per source and might not be 1477 * truncated after collecting the results. I.e. more results can appear than 1478 * configured here. 1479 * 1480 * Default is 25. 1481 */ 1482'sharing.maxAutocompleteResults' => 25, 1483 1484/** 1485 * Define the minimum length of the search string before we start auto-completion 1486 * Default is no limit (value set to 0) 1487 */ 1488'sharing.minSearchStringLength' => 0, 1489 1490/** 1491 * Set to true to enable that internal shares need to be accepted by the users by default. 1492 * Users can change this for their account in their personal sharing settings 1493 */ 1494'sharing.enable_share_accept' => false, 1495 1496/** 1497 * Set to true to enforce that internal shares need to be accepted 1498 */ 1499'sharing.force_share_accept' => false, 1500 1501/** 1502 * Set to false to prevent users from setting a custom share_folder 1503 */ 1504'sharing.allow_custom_share_folder' => true, 1505 1506/** 1507 * Set to false to stop sending a mail when users receive a share 1508 */ 1509'sharing.enable_share_mail' => true, 1510 1511/** 1512 * Set to true to always transfer incoming shares by default 1513 * when running "occ files:transfer-ownership". 1514 * Defaults to false, so incoming shares are not transferred if not specifically requested 1515 * by a command line argument. 1516 */ 1517'transferIncomingShares' => false, 1518 1519/** 1520 * All other configuration options 1521 */ 1522 1523/** 1524 * Additional driver options for the database connection, eg. to enable SSL 1525 * encryption in MySQL or specify a custom wait timeout on a cheap hoster. 1526 * 1527 * When setting up TLS/SSL for encrypting the connections, you need to ensure that 1528 * the passed keys and certificates are readable by the PHP process. In addition 1529 * PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT might need to be set to false, if the 1530 * database servers certificates CN does not match with the hostname used to connect. 1531 * The standard behavior here is different from the MySQL/MariaDB CLI client, which 1532 * does not verify the server cert except --ssl-verify-server-cert is passed manually. 1533 */ 1534'dbdriveroptions' => [ 1535 PDO::MYSQL_ATTR_SSL_CA => '/file/path/to/ca_cert.pem', 1536 PDO::MYSQL_ATTR_SSL_KEY => '/file/path/to/mysql-client-key.pem', 1537 PDO::MYSQL_ATTR_SSL_CERT => '/file/path/to/mysql-client-cert.pem', 1538 PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false, 1539 PDO::MYSQL_ATTR_INIT_COMMAND => 'SET wait_timeout = 28800' 1540], 1541 1542/** 1543 * sqlite3 journal mode can be specified using this configuration parameter - 1544 * can be 'WAL' or 'DELETE' see for more details https://www.sqlite.org/wal.html 1545 */ 1546'sqlite.journal_mode' => 'DELETE', 1547 1548/** 1549 * During setup, if requirements are met (see below), this setting is set to true 1550 * and MySQL can handle 4 byte characters instead of 3 byte characters. 1551 * 1552 * If you want to convert an existing 3-byte setup into a 4-byte setup please 1553 * set the parameters in MySQL as mentioned below and run the migration command: 1554 * ./occ db:convert-mysql-charset 1555 * The config setting will be set automatically after a successful run. 1556 * 1557 * Consult the documentation for more details. 1558 * 1559 * MySQL requires a special setup for longer indexes (> 767 bytes) which are 1560 * needed: 1561 * 1562 * [mysqld] 1563 * innodb_large_prefix=ON 1564 * innodb_file_format=Barracuda 1565 * innodb_file_per_table=ON 1566 * 1567 * Tables will be created with 1568 * * character set: utf8mb4 1569 * * collation: utf8mb4_bin 1570 * * row_format: compressed 1571 * 1572 * See: 1573 * https://dev.mysql.com/doc/refman/5.7/en/charset-unicode-utf8mb4.html 1574 * https://dev.mysql.com/doc/refman/5.7/en/innodb-parameters.html#sysvar_innodb_large_prefix 1575 * https://mariadb.com/kb/en/mariadb/xtradbinnodb-server-system-variables/#innodb_large_prefix 1576 * http://www.tocker.ca/2013/10/31/benchmarking-innodb-page-compression-performance.html 1577 * http://mechanics.flite.com/blog/2014/07/29/using-innodb-large-prefix-to-avoid-error-1071/ 1578 */ 1579'mysql.utf8mb4' => false, 1580 1581/** 1582 * For search queries in the database, a default collation – depending on the 1583 * character set – is chosen. In some cases a different behaviour is desired, 1584 * for instances when a accent sensitive search is desired. 1585 * 1586 * MariaDB and MySQL have an overlap in available collations, but also 1587 * incompatible ones, also depending on the version of the database server. 1588 * 1589 * This option allows to override the automatic choice. Example: 1590 * 1591 * 'mysql.collation' => 'utf8mb4_0900_as_ci', 1592 * 1593 * This setting has no effect on setup or creating tables. In those cases 1594 * always utf8[mb4]_bin is being used. This setting is only taken into 1595 * consideration in SQL queries that utilize LIKE comparison operators. 1596 */ 1597'mysql.collation' => null, 1598 1599/** 1600 * Database types that are supported for installation. 1601 * 1602 * Available: 1603 * - sqlite (SQLite3) 1604 * - mysql (MySQL) 1605 * - pgsql (PostgreSQL) 1606 * - oci (Oracle) 1607 * 1608 * Defaults to the following databases: 1609 * - sqlite (SQLite3) 1610 * - mysql (MySQL) 1611 * - pgsql (PostgreSQL) 1612 */ 1613'supportedDatabases' => [ 1614 'sqlite', 1615 'mysql', 1616 'pgsql', 1617 'oci', 1618], 1619 1620/** 1621 * Override where Nextcloud stores temporary files. Useful in situations where 1622 * the system temporary directory is on a limited space ramdisk or is otherwise 1623 * restricted, or if external storage which do not support streaming are in 1624 * use. 1625 * 1626 * The Web server user must have write access to this directory. 1627 */ 1628'tempdirectory' => '/tmp/nextcloudtemp', 1629 1630/** 1631 * Hashing 1632 */ 1633 1634/** 1635 * By default Nextcloud will use the Argon2 password hashing if available. 1636 * However if for whatever reason you want to stick with the PASSWORD_DEFAULT 1637 * of your php version. Then set the setting to true. 1638 */ 1639'hashing_default_password' => false, 1640 1641/** 1642 * 1643 * Nextcloud uses the Argon2 algorithm (with PHP >= 7.2) to create hashes by its 1644 * own and exposes its configuration options as following. More information can 1645 * be found at: https://www.php.net/manual/en/function.password-hash.php 1646 */ 1647 1648/** 1649 * The number of CPU threads to be used by the algorithm for computing a hash. 1650 * The value must be an integer, and the minimum value is 1. Rationally it does 1651 * not help to provide a number higher than the available threads on the machine. 1652 * Values that undershoot the minimum will be ignored in favor of the minimum. 1653 */ 1654'hashingThreads' => PASSWORD_ARGON2_DEFAULT_THREADS, 1655 1656/** 1657 * The memory in KiB to be used by the algorithm for computing a hash. The value 1658 * must be an integer, and the minimum value is 8 times the number of CPU threads. 1659 * Values that undershoot the minimum will be ignored in favor of the minimum. 1660 */ 1661'hashingMemoryCost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 1662 1663/** 1664 * The number of iterations that are used by the algorithm for computing a hash. 1665 * The value must be an integer, and the minimum value is 1. Values that 1666 * undershoot the minimum will be ignored in favor of the minimum. 1667 */ 1668'hashingTimeCost' => PASSWORD_ARGON2_DEFAULT_TIME_COST, 1669 1670/** 1671 * The hashing cost used by hashes generated by Nextcloud 1672 * Using a higher value requires more time and CPU power to calculate the hashes 1673 */ 1674'hashingCost' => 10, 1675 1676/** 1677 * Blacklist a specific file or files and disallow the upload of files 1678 * with this name. ``.htaccess`` is blocked by default. 1679 * WARNING: USE THIS ONLY IF YOU KNOW WHAT YOU ARE DOING. 1680 * 1681 * Defaults to ``array('.htaccess')`` 1682 */ 1683'blacklisted_files' => ['.htaccess'], 1684 1685/** 1686 * Define a default folder for shared files and folders other than root. 1687 * Changes to this value will only have effect on new shares. 1688 * 1689 * Defaults to ``/`` 1690 */ 1691'share_folder' => '/', 1692 1693/** 1694 * If you are applying a theme to Nextcloud, enter the name of the theme here. 1695 * The default location for themes is ``nextcloud/themes/``. 1696 * 1697 * Defaults to the theming app which is shipped since Nextcloud 9 1698 */ 1699'theme' => '', 1700 1701/** 1702 * The default cipher for encrypting files. Currently supported are: 1703 * - AES-256-CTR 1704 * - AES-128-CTR 1705 * - AES-256-CFB 1706 * - AES-128-CFB 1707 * 1708 * Defaults to ``AES-256-CTR`` 1709 */ 1710'cipher' => 'AES-256-CTR', 1711 1712/** 1713 * The minimum Nextcloud desktop client version that will be allowed to sync with 1714 * this server instance. All connections made from earlier clients will be denied 1715 * by the server. Defaults to the minimum officially supported Nextcloud desktop 1716 * clientversion at the time of release of this server version. 1717 * 1718 * When changing this, note that older unsupported versions of the Nextcloud desktop 1719 * client may not function as expected, and could lead to permanent data loss for 1720 * clients or other unexpected results. 1721 * 1722 * Defaults to ``2.0.0`` 1723 */ 1724'minimum.supported.desktop.version' => '2.0.0', 1725 1726/** 1727 * Option to allow local storage to contain symlinks. 1728 * WARNING: Not recommended. This would make it possible for Nextcloud to access 1729 * files outside the data directory and could be considered a security risk. 1730 * 1731 * Defaults to ``false`` 1732 */ 1733'localstorage.allowsymlinks' => false, 1734 1735/** 1736 * EXPERIMENTAL: option whether to include external storage in quota 1737 * calculation, defaults to false. 1738 * 1739 * Defaults to ``false`` 1740 */ 1741'quota_include_external_storage' => false, 1742 1743/** 1744 * When an external storage is unavailable for some reasons, it will be flagged 1745 * as such for 10 minutes. When the trigger is a failed authentication attempt 1746 * the delay is higher and can be controlled with this option. The motivation 1747 * is to make account lock outs at Active Directories (and compatible) more 1748 * unlikely. 1749 * 1750 * Defaults to ``1800`` (seconds) 1751 */ 1752'external_storage.auth_availability_delay' => 1800, 1753 1754/** 1755 * Specifies how often the local filesystem (the Nextcloud data/ directory, and 1756 * NFS mounts in data/) is checked for changes made outside Nextcloud. This 1757 * does not apply to external storage. 1758 * 1759 * 0 -> Never check the filesystem for outside changes, provides a performance 1760 * increase when it's certain that no changes are made directly to the 1761 * filesystem 1762 * 1763 * 1 -> Check each file or folder at most once per request, recommended for 1764 * general use if outside changes might happen. 1765 * 1766 * Defaults to ``0`` 1767 */ 1768'filesystem_check_changes' => 0, 1769 1770/** 1771 * By default Nextcloud will store the part files created during upload in the 1772 * same storage as the upload target. Setting this to false will store the part 1773 * files in the root of the users folder which might be required to work with certain 1774 * external storage setups that have limited rename capabilities. 1775 * 1776 * Defaults to ``true`` 1777 */ 1778'part_file_in_storage' => true, 1779 1780/** 1781 * Where ``mount.json`` file should be stored, defaults to ``data/mount.json`` 1782 * in the Nextcloud directory. 1783 * 1784 * Defaults to ``data/mount.json`` in the Nextcloud directory. 1785 */ 1786'mount_file' => '/usr/local/www/nextcloud/data/mount.json', 1787 1788/** 1789 * When ``true``, prevent Nextcloud from changing the cache due to changes in 1790 * the filesystem for all storage. 1791 * 1792 * Defaults to ``false`` 1793 */ 1794'filesystem_cache_readonly' => false, 1795 1796/** 1797 * Secret used by Nextcloud for various purposes, e.g. to encrypt data. If you 1798 * lose this string there will be data corruption. 1799 */ 1800'secret' => '', 1801 1802/** 1803 * List of trusted proxy servers 1804 * 1805 * You may set this to an array containing a combination of 1806 * - IPv4 addresses, e.g. `192.168.2.123` 1807 * - IPv4 ranges in CIDR notation, e.g. `192.168.2.0/24` 1808 * - IPv6 addresses, e.g. `fd9e:21a7:a92c:2323::1` 1809 * 1810 * _(CIDR notation for IPv6 is currently work in progress and thus not 1811 * available as of yet)_ 1812 * 1813 * When an incoming request's `REMOTE_ADDR` matches any of the IP addresses 1814 * specified here, it is assumed to be a proxy instead of a client. Thus, the 1815 * client IP will be read from the HTTP header specified in 1816 * `forwarded_for_headers` instead of from `REMOTE_ADDR`. 1817 * 1818 * So if you configure `trusted_proxies`, also consider setting 1819 * `forwarded_for_headers` which otherwise defaults to `HTTP_X_FORWARDED_FOR` 1820 * (the `X-Forwarded-For` header). 1821 * 1822 * Defaults to an empty array. 1823 */ 1824'trusted_proxies' => ['203.0.113.45', '198.51.100.128', '192.168.2.0/24'], 1825 1826/** 1827 * Headers that should be trusted as client IP address in combination with 1828 * `trusted_proxies`. If the HTTP header looks like 'X-Forwarded-For', then use 1829 * 'HTTP_X_FORWARDED_FOR' here. 1830 * 1831 * If set incorrectly, a client can spoof their IP address as visible to 1832 * Nextcloud, bypassing access controls and making logs useless! 1833 * 1834 * Defaults to ``'HTTP_X_FORWARDED_FOR'`` 1835 */ 1836'forwarded_for_headers' => ['HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR'], 1837 1838/** 1839 * max file size for animating gifs on public-sharing-site. 1840 * If the gif is bigger, it'll show a static preview 1841 * 1842 * Value represents the maximum filesize in megabytes. Set to ``-1`` for 1843 * no limit. 1844 * 1845 * Defaults to ``10`` megabytes 1846 */ 1847'max_filesize_animated_gifs_public_sharing' => 10, 1848 1849 1850/** 1851 * Enables transactional file locking. 1852 * This is enabled by default. 1853 * 1854 * Prevents concurrent processes from accessing the same files 1855 * at the same time. Can help prevent side effects that would 1856 * be caused by concurrent operations. Mainly relevant for 1857 * very large installations with many users working with 1858 * shared files. 1859 * 1860 * Defaults to ``true`` 1861 */ 1862'filelocking.enabled' => true, 1863 1864/** 1865 * Set the lock's time-to-live in seconds. 1866 * 1867 * Any lock older than this will be automatically cleaned up. 1868 * 1869 * Defaults to ``60*60`` seconds (1 hour) or the php 1870 * max_execution_time, whichever is higher. 1871 */ 1872'filelocking.ttl' => 60*60, 1873 1874/** 1875 * Memory caching backend for file locking 1876 * 1877 * Because most memcache backends can clean values without warning using redis 1878 * is highly recommended to *avoid data loss*. 1879 * 1880 * Defaults to ``none`` 1881 */ 1882'memcache.locking' => '\\OC\\Memcache\\Redis', 1883 1884/** 1885 * Enable locking debug logging 1886 * 1887 * Note that this can lead to a very large volume of log items being written which can lead 1888 * to performance degradation and large log files on busy instance. 1889 * 1890 * Thus enabling this in production for longer periods of time is not recommended 1891 * or should be used together with the ``log.condition`` setting. 1892 */ 1893'filelocking.debug' => false, 1894 1895/** 1896 * Disable the web based updater 1897 */ 1898'upgrade.disable-web' => false, 1899 1900/** 1901 * Set this Nextcloud instance to debugging mode 1902 * 1903 * Only enable this for local development and not in production environments 1904 * This will disable the minifier and outputs some additional debug information 1905 * 1906 * Defaults to ``false`` 1907 */ 1908'debug' => false, 1909 1910/** 1911 * Sets the data-fingerprint of the current data served 1912 * 1913 * This is a property used by the clients to find out if a backup has been 1914 * restored on the server. Once a backup is restored run 1915 * ./occ maintenance:data-fingerprint 1916 * To set this to a new value. 1917 * 1918 * Updating/Deleting this value can make connected clients stall until 1919 * the user has resolved conflicts. 1920 * 1921 * Defaults to ``''`` (empty string) 1922 */ 1923'data-fingerprint' => '', 1924 1925/** 1926 * This entry is just here to show a warning in case somebody copied the sample 1927 * configuration. DO NOT ADD THIS SWITCH TO YOUR CONFIGURATION! 1928 * 1929 * If you, brave person, have read until here be aware that you should not 1930 * modify *ANY* settings in this file without reading the documentation. 1931 */ 1932'copied_sample_config' => true, 1933 1934/** 1935 * use a custom lookup server to publish user data 1936 */ 1937'lookup_server' => 'https://lookup.nextcloud.com', 1938 1939/** 1940 * set to true if the server is used in a setup based on Nextcloud's Global Scale architecture 1941 */ 1942'gs.enabled' => false, 1943 1944/** 1945 * by default federation is only used internally in a Global Scale setup 1946 * If you want to allow federation outside of your environment set it to 'global' 1947 */ 1948'gs.federation' => 'internal', 1949 1950/** 1951 * List of incompatible user agents opted out from Same Site Cookie Protection. 1952 * Some user agents are notorious and don't really properly follow HTTP 1953 * specifications. For those, have an opt-out. 1954 * 1955 * WARNING: only use this if you know what you are doing 1956 */ 1957'csrf.optout' => [ 1958 '/^WebDAVFS/', // OS X Finder 1959 '/^Microsoft-WebDAV-MiniRedir/', // Windows webdav drive 1960], 1961 1962/** 1963 * By default there is on public pages a link shown that allows users to 1964 * learn about the "simple sign up" - see https://nextcloud.com/signup/ 1965 * 1966 * If this is set to "false" it will not show the link. 1967 */ 1968'simpleSignUpLink.shown' => true, 1969 1970/** 1971 * By default autocompletion is enabled for the login form on Nextcloud's login page. 1972 * While this is enabled, browsers are allowed to "remember" login names and such. 1973 * Some companies require it to be disabled to comply with their security policy. 1974 * 1975 * Simply set this property to "false", if you want to turn this feature off. 1976 */ 1977 1978'login_form_autocomplete' => true, 1979 1980/** 1981 * Disable background scanning of files 1982 * 1983 * By default, a background job runs every 10 minutes and execute a background 1984 * scan to sync filesystem and database. Only users with unscanned files 1985 * (size < 0 in filecache) are included. Maximum 500 users per job. 1986 * 1987 * Defaults to ``true`` 1988 */ 1989'files_no_background_scan' => false, 1990]; 1991