diff --git a/etherpad/Makefile b/etherpad/Makefile index 8679ecf..aa010d5 100644 --- a/etherpad/Makefile +++ b/etherpad/Makefile @@ -16,8 +16,12 @@ install_deps: $(SRC_DIR)/node_modules $(SRC_DIR)/node_modules: $(SRC_DIR) $(SRC_DIR)/settings.json $(SRC_DIR)/package.json $(SRC_DIR)/pnpm-lock.yaml cd $(SRC_DIR) && pnpm install -$(SRC_DIR)/settings.json: $(SRC_DIR) settings.json - cp settings.json $(SRC_DIR)/settings.json +$(SRC_DIR)/settings.json: $(SRC_DIR) settings.json.template +ifdef ETHERPAD_PORT + ETHERPAD_PORT=$(ETHERPAD_PORT) envsubst -no-unset -i settings.json.template -o $(SRC_DIR)/settings.json +else + $(error ETHERPAD_PORT is not defined) +endif clean: rm -rf etherpad-*/ diff --git a/etherpad/settings.json b/etherpad/settings.json deleted file mode 100644 index eb7f990..0000000 --- a/etherpad/settings.json +++ /dev/null @@ -1,747 +0,0 @@ -/* - * This file must be valid JSON. But comments are allowed - * - * Please edit settings.json, not settings.json.template - * - * Please note that starting from Etherpad 1.6.0 you can store DB credentials in - * a separate file (credentials.json). - * - * - * ENVIRONMENT VARIABLE SUBSTITUTION - * ================================= - * - * All the configuration values can be read from environment variables using the - * syntax "${ENV_VAR}" or "${ENV_VAR:default_value}". - * - * This is useful, for example, when running in a Docker container. - * - * DETAILED RULES: - * - If the environment variable is set to the string "true" or "false", the - * value becomes Boolean true or false. - * - If the environment variable is set to the string "null", the value - * becomes null. - * - If the environment variable is set to the string "undefined", the setting - * is removed entirely, except when used as the member of an array in which - * case it becomes null. - * - If the environment variable is set to a string representation of a finite - * number, the string is converted to that number. - * - If the environment variable is set to any other string, including the - * empty string, the value is that string. - * - If the environment variable is unset and a default value is provided, the - * value is as if the environment variable was set to the provided default: - * - "${UNSET_VAR:}" becomes the empty string. - * - "${UNSET_VAR:foo}" becomes the string "foo". - * - "${UNSET_VAR:true}" and "${UNSET_VAR:false}" become true and false. - * - "${UNSET_VAR:null}" becomes null. - * - "${UNSET_VAR:undefined}" causes the setting to be removed (or be set - * to null, if used as a member of an array). - * - If the environment variable is unset and no default value is provided, - * the value becomes null. THIS BEHAVIOR MAY CHANGE IN A FUTURE VERSION OF - * ETHERPAD; if you want the default value to be null, you should explicitly - * specify "null" as the default value. - * - * EXAMPLE: - * "port": "${PORT:9001}" - * "minify": "${MINIFY}" - * "skinName": "${SKIN_NAME:colibris}" - * - * Would read the configuration values for those items from the environment - * variables PORT, MINIFY and SKIN_NAME. - * - * If PORT and SKIN_NAME variables were not defined, the default values 9001 and - * "colibris" would be used. - * The configuration value "minify", on the other hand, does not have a - * designated default value. Thus, if the environment variable MINIFY were - * undefined, "minify" would be null. - * - * REMARKS: - * 1) please note that variable substitution always needs to be quoted. - * - * "port": 9001, <-- Literal values. When not using - * "minify": false substitution, only strings must be - * "skinName": "colibris" quoted. Booleans and numbers must not. - * - * "port": "${PORT:9001}" <-- CORRECT: if you want to use a variable - * "minify": "${MINIFY:true}" substitution, put quotes around its name, - * "skinName": "${SKIN_NAME}" even if the required value is a number or - * a boolean. - * Etherpad will take care of rewriting it - * to the proper type if necessary. - * - * "port": ${PORT:9001} <-- ERROR: this is not valid json. Quotes - * "minify": ${MINIFY} around variable names are missing. - * "skinName": ${SKIN_NAME} - * - * 2) Beware of undefined variables and default values: nulls and empty strings - * are different! - * - * This is particularly important for user's passwords (see the relevant - * section): - * - * "password": "${PASSW}" // if PASSW is not defined would result in password === null - * "password": "${PASSW:}" // if PASSW is not defined would result in password === '' - * - * If you want to use an empty value (null) as default value for a variable, - * simply do not set it, without putting any colons: "${SOFFICE}". - * - * 3) if you want to use newlines in the default value of a string parameter, - * use "\n" as usual. - * - * "defaultPadText" : "${DEFAULT_PAD_TEXT:Line 1\nLine 2}" - */ -{ - /* - * Name your instance! - */ - "title": "joeac's docs", - - /* - * Whether to show recent pads on the homepage or not. - */ - "showRecentPads": true, - - /* - * Pathname of the favicon you want to use. If null, the skin's favicon is - * used if one is provided by the skin, otherwise the default Etherpad favicon - * is used. If this is a relative path it is interpreted as relative to the - * Etherpad root directory. - */ - "favicon": null, - - /* - * Skin name. - * - * Its value has to be an existing directory under src/static/skins. - * You can write your own, or use one of the included ones: - * - * - "no-skin": an empty skin (default). This yields the unmodified, - * traditional Etherpad theme. - * - "colibris": the new experimental skin (since Etherpad 1.8), candidate to - * become the default in Etherpad 2.0 - */ - "skinName": "colibris", - - /* - * Skin Variants - * - * Use the UI skin variants builder at /p/test#skinvariantsbuilder - * - * For the colibris skin only, you can choose how to render the three main - * containers: - * - toolbar (top menu with icons) - * - editor (containing the text of the pad) - * - background (area outside of editor, mostly visible when using page style) - * - * For each of the 3 containers you can choose 4 color combinations: - * super-light, light, dark, super-dark. - * - * For example, to make the toolbar dark, you will include "dark-toolbar" into - * skinVariants. - * - * You can provide multiple skin variants separated by spaces. Default - * skinVariant is "super-light-toolbar super-light-editor light-background". - * - * For the editor container, you can also make it full width by adding - * "full-width-editor" variant (by default editor is rendered as a page, with - * a max-width of 900px). - */ - "skinVariants": "super-light-toolbar super-light-editor light-background", - - /* - * IP and port which Etherpad should bind at. - * - * Binding to a Unix socket is also supported: just use an empty string for - * the ip, and put the full path to the socket in the port parameter. - * - * EXAMPLE USING UNIX SOCKET: - * "ip": "", // <-- has to be an empty string - * "port" : "/somepath/etherpad.socket", // <-- path to a Unix socket - */ - "ip": "0.0.0.0", - "port": 9001, - - /* - * Option to hide/show the settings.json in admin page. - * - * Default option is set to true - */ - "showSettingsInAdminPage": true, - - /* - * Enable/disable the metrics endpoint. - * - * This is used by the monitoring plugins to collect metrics about Etherpad. - * If you do not use any monitoring plugins, you can disable this. - */ - "enableMetrics": "${ENABLE_METRICS:true}", - - /* - * Settings for cleanup of pads - */ - "cleanup": { - "enabled": false, - "keepRevisions": 5 - }, - - /* - * Node native SSL support - * - * This is disabled by default. - * Make sure to have the minimum and correct file access permissions set so - * that the Etherpad server can access them - */ - - /* - "ssl" : { - "key" : "/path-to-your/epl-server.key", - "cert" : "/path-to-your/epl-server.crt", - "ca": ["/path-to-your/epl-intermediate-cert1.crt", "/path-to-your/epl-intermediate-cert2.crt"] - }, - */ - - /* - * The type of the database. - * - * You can choose between many DB drivers, for example: dirty, postgres, - * sqlite, mysql. - * - * You shouldn't use "dirty" for for anything else than testing or - * development. - * - * - * Database specific settings are dependent on dbType, and go in dbSettings. - * Remember that since Etherpad 1.6.0 you can also store this information in - * credentials.json. - * - * For a complete list of the supported drivers, please refer to: - * https://www.npmjs.com/package/ueberdb2 - */ - - "dbType": "sqlite", - "dbSettings": { - "filename": "var/etherpad.sq3" - }, - - /* - * An Example of MySQL Configuration (commented out). - * - * See: https://github.com/ether/etherpad/wiki/How-to-use-Etherpad-Lite-with-MySQL - */ - - /* - "dbType" : "mysql", - "dbSettings" : { - "user": "etherpaduser", - "host": "localhost", - "port": 3306, - "password": "PASSWORD", - "database": "etherpad_lite_db", - "charset": "utf8mb4" - }, - */ - - /* - * The default text of a pad - */ - "defaultPadText" : "", - - /* - * Default Pad behavior. - * - * Change them if you want to override. - */ - "padOptions": { - "noColors": false, - "showControls": true, - "showChat": true, - "showLineNumbers": true, - "useMonospaceFont": false, - "userName": null, - "userColor": null, - "rtl": false, - "alwaysShowChat": false, - "chatAndUsers": false, - "lang": null - }, - - /* - * Pad Shortcut Keys - */ - "padShortcutEnabled" : { - "altF9": true, /* focus on the File Menu and/or editbar */ - "altC": true, /* focus on the Chat window */ - "cmdShift2": true, /* shows a gritter popup showing a line author */ - "delete": true, - "return": true, - "esc": true, /* in mozilla versions 14-19 avoid reconnecting pad */ - "cmdS": true, /* save a revision */ - "tab": true, /* indent */ - "cmdZ": true, /* undo/redo */ - "cmdY": true, /* redo */ - "cmdI": true, /* italic */ - "cmdB": true, /* bold */ - "cmdU": true, /* underline */ - "cmd5": true, /* strike through */ - "cmdShiftL": true, /* unordered list */ - "cmdShiftN": true, /* ordered list */ - "cmdShift1": true, /* ordered list */ - "cmdShiftC": true, /* clear authorship */ - "cmdH": true, /* backspace */ - "ctrlHome": true, /* scroll to top of pad */ - "pageUp": true, - "pageDown": true - }, - - /* - * Enables the use of a different server. We have a different one that syncs changes from the original server. - * It is hosted on GitHub and should not be blocked by many firewalls. - * https://etherpad.org/ep_infos - */ - - "updateServer": "https://etherpad.org/ep_infos", - - /* - * Should we suppress errors from being visible in the default Pad Text? - */ - "suppressErrorsInPadText": false, - - /* - * If this option is enabled, a user must have a session to access pads. - * This effectively allows only group pads to be accessed. - */ - "requireSession": false, - - /* - * Users may edit pads but not create new ones. - * - * Pad creation is only via the API. - * This applies both to group pads and regular pads. - */ - "editOnly": false, - - /* - * If true, all css & js will be minified before sending to the client. - * - * This will improve the loading performance massively, but makes it difficult - * to debug the javascript/css - */ - "minify": true, - - /* - * How long may clients use served javascript code (in seconds)? - * - * Not setting this may cause problems during deployment. - * Set to 0 to disable caching. - */ - "maxAge": 21600, // 60 * 60 * 6 = 6 hours - - /* - * This is the absolute path to the soffice executable. - * - * LibreOffice is used for advanced import/export of pads (docx, pdf, odt). - * Setting it to null disables LibreOffice and will only allow plain text - * and HTML import/exports. - */ - "soffice": null, - - /* - * When true (the default), the "Microsoft Word" export button downloads a .docx file via - * LibreOffice (requires "soffice" to be set). Set to false to revert to legacy .doc output - * (which also requires "soffice"). - */ - "docxExport": true, - - /* - * txt, doc, docx, rtf, odt, html & htm - */ - "allowUnknownFileEnds": true, - - /* - * This setting is used if you require authentication of all users. - * - * Note: "/admin" always requires authentication. - */ - "requireAuthentication": false, - - /* - * Require authorization by a module, or a user with is_admin set, see below. - */ - "requireAuthorization": false, - - /* - * When you use NGINX or another proxy/load-balancer set this to true. - * - * This is especially necessary when the reverse proxy performs SSL - * termination, otherwise the cookies will not have the "secure" flag. - * - * The other effect will be that the logs will contain the real client's IP, - * instead of the reverse proxy's IP. - */ - "trustProxy": false, - - /* - * Settings controlling the session cookie issued by Etherpad. - */ - "cookie": { - /* - * Prefix for all cookie names set by Etherpad. Set this to "ep_" or similar - * if Etherpad's cookie names (token, sessionID, etc.) conflict with those - * of another application on the same domain. Default: "" (no prefix). - */ - // "prefix": "ep_", - - /* - * How often (in milliseconds) the key used to sign the express_sid cookie - * should be rotated. Long rotation intervals reduce signature verification - * overhead (because there are fewer historical keys to check) and database - * load (fewer historical keys to store, and less frequent queries to - * get/update the keys). Short rotation intervals are slightly more secure. - * - * Multiple Etherpad processes sharing the same database (table) is - * supported as long as the clock sync error is significantly less than this - * value. - * - * Key rotation can be disabled (not recommended) by setting this to 0 or - * null, or by disabling session expiration (see sessionLifetime). - */ - "keyRotationInterval": 86400000, // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s - - /* - * Value of the SameSite cookie property. "Lax" is recommended unless - * Etherpad will be embedded in an iframe from another site, in which case - * this must be set to "None". Note: "None" will not work (the browser will - * not send the cookie to Etherpad) unless https is used to access Etherpad - * (either directly or via a reverse proxy with "trustProxy" set to true). - * - * "Strict" is not recommended because it has few security benefits but - * significant usability drawbacks vs. "Lax". See - * https://stackoverflow.com/q/41841880 for discussion. - */ - "sameSite": "Lax", - - /* - * How long (in milliseconds) after navigating away from Etherpad before the - * user is required to log in again. (The express_sid cookie is set to - * expire at time now + sessionLifetime when first created, and its - * expiration time is periodically refreshed to a new now + sessionLifetime - * value.) If requireAuthentication is false then this value does not really - * matter. - * - * The "best" value depends on your users' usage patterns and the amount of - * convenience you desire. A long lifetime is more convenient (users won't - * have to log back in as often) but has some drawbacks: - * - It increases the amount of state kept in the database. - * - It might weaken security somewhat: The cookie expiration is refreshed - * indefinitely without consulting authentication or authorization - * hooks, so once a user has accessed a pad, the user can continue to - * use the pad until the user leaves for longer than sessionLifetime. - * - More historical keys (sessionLifetime / keyRotationInterval) must be - * checked when verifying signatures. - * - * Session lifetime can be set to infinity (not recommended) by setting this - * to null or 0. Note that if the session does not expire, most browsers - * will delete the cookie when the browser exits, but a session record is - * kept in the database forever. - */ - "sessionLifetime": 864000000, // = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s - - /* - * How long (in milliseconds) before the expiration time of an active user's - * session is refreshed (to now + sessionLifetime). This setting affects the - * following: - * - How often a new session expiration time will be written to the - * database. - * - How often each user's browser will ping the Etherpad server to - * refresh the expiration time of the session cookie. - * - * High values reduce the load on the database and the load from browsers, - * but can shorten the effective session lifetime if Etherpad is restarted - * or the user navigates away. - * - * Automatic session refreshes can be disabled (not recommended) by setting - * this to null. - */ - "sessionRefreshInterval": 86400000, // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s - - /* - * Whether to periodically clean up expired and stale sessions from the - * database. Set to false to disable. Default: true. - */ - "sessionCleanup": true - }, - - /* - * Privacy: disable IP logging - */ - "disableIPlogging": false, - - /* - * Time (in seconds) to automatically reconnect pad when a "Force reconnect" - * message is shown to user. - * - * Set to 0 to disable automatic reconnection. - */ - "automaticReconnectionTimeout": 0, - - /* - * By default, when caret is moved out of viewport, it scrolls the minimum - * height needed to make this line visible. - */ - "scrollWhenFocusLineIsOutOfViewport": { - - /* - * Percentage of viewport height to be additionally scrolled. - * - * E.g.: use "percentage.editionAboveViewport": 0.5, to place caret line in - * the middle of viewport, when user edits a line above of the - * viewport - * - * Set to 0 to disable extra scrolling - */ - "percentage": { - "editionAboveViewport": 0, - "editionBelowViewport": 0 - }, - - /* - * Time (in milliseconds) used to animate the scroll transition. - * Set to 0 to disable animation - */ - "duration": 0, - - /* - * Flag to control if it should scroll when user places the caret in the - * last line of the viewport - */ - "scrollWhenCaretIsInTheLastLineOfViewport": false, - - /* - * Percentage of viewport height to be additionally scrolled when user - * presses arrow up in the line of the top of the viewport. - * - * Set to 0 to let the scroll to be handled as default by Etherpad - */ - "percentageToScrollWhenUserPressesArrowUp": 0 - }, - - /* - * User accounts. These accounts are used by: - * - default HTTP basic authentication if no plugin handles authentication - * - some but not all authentication plugins - * - some but not all authorization plugins - * - * User properties: - * - password: The user's password. Some authentication plugins will ignore - * this. - * - is_admin: true gives access to /admin. Defaults to false. If you do not - * uncomment this, /admin will not be available! - * - readOnly: If true, this user will not be able to create new pads or - * modify existing pads. Defaults to false. - * - canCreate: If this is true and readOnly is false, this user can create - * new pads. Defaults to true. - * - * Authentication and authorization plugins may define additional properties. - * - * WARNING: passwords should not be stored in plaintext in this file. - * If you want to mitigate this, please install ep_hash_auth and - * follow the section "secure your installation" in README.md - */ - - "users": { - "admin": { - // 1) "password" can be replaced with "hash" if you install ep_hash_auth - // 2) please note that if password is null, the user will not be created - "password": "admin", - "is_admin": true - } - }, - - /* - * Restrict socket.io transport methods - */ - "socketTransportProtocols" : ["websocket", "polling"], - - "socketIo": { - /* - * Maximum permitted client message size (in bytes). This controls the - * maximum single-message size for socket.io and directly affects large - * paste operations. All messages from clients that are larger than this - * will be rejected. Large values make it possible to paste large amounts - * of text, and plugins may require a larger value to work properly, but - * increasing the value increases susceptibility to denial of service - * attacks (malicious clients can exhaust memory). - * - * 1MB accommodates large pastes while still preventing abuse. - */ - "maxHttpBufferSize": 1000000 - }, - - /* - * Allow Load Testing tools to hit the Etherpad Instance. - * - * WARNING: this will disable security on the instance. - */ - "loadTest": false, - - /** - * Disable dump of objects preventing a clean exit - */ - "dumpOnUncleanExit": false, - - /* - * Disable indentation on new line when previous line ends with some special - * chars (':', '[', '(', '{') - */ - - /* - "indentationOnNewLine": false, - */ - - /* - * From Etherpad 1.8.3 onwards, import and export of pads is always rate - * limited. - * - * The default is to allow at most 10 requests per IP in a 90 seconds window. - * After that the import/export request is rejected. - * - * See https://github.com/nfriedly/express-rate-limit for more options - */ - "importExportRateLimiting": { - // duration of the rate limit window (milliseconds) - "windowMs": 90000, - - // maximum number of requests per IP to allow during the rate limit window - "max": 10 - }, - - /* - * From Etherpad 1.8.3 onwards, the maximum allowed size for a single imported - * file is always bounded. - * - * File size is specified in bytes. Default is 50 MB. - */ - "importMaxFileSize": 52428800, // 50 * 1024 * 1024 - - /* - The authentication method used by the server. - The default value is sso - If you want to use the old authentication system, change this to apikey - */ - "authenticationMethod": "${AUTHENTICATION_METHOD:sso}", - - /** - * Allow setting dark mode for the enduser. This is so if the user has preferred dark mode in their browser, Etherpad will respect that. - * Of course this overrides all the skin variants and the skinName set by the administrator. - **/ - "enableDarkMode": "${ENABLE_DARK_MODE:true}", - - /** - * Enable creator-owned Pad-wide Settings and new-pad default seeding from My View. - * Disabled by default to preserve the legacy single-settings behavior. - **/ - "enablePadWideSettings": "${ENABLE_PAD_WIDE_SETTINGS:false}", - - /* - * From Etherpad 1.8.5 onwards, when Etherpad is in production mode commits from individual users are rate limited - * - * The default is to allow at most 10 changes per IP in a 1 second window. - * After that the change is rejected. - * - * See https://github.com/animir/node-rate-limiter-flexible/wiki/Overall-example#websocket-single-connection-prevent-flooding for more options - */ - "commitRateLimiting": { - // duration of the rate limit window (seconds) - "duration": 1, - - // maximum number of changes per IP to allow during the rate limit window - "points": 10 - }, - - /* - * Toolbar buttons configuration. - * - * Uncomment to customize. - */ - - /* - "toolbar": { - "left": [ - ["bold", "italic", "underline", "strikethrough"], - ["orderedlist", "unorderedlist", "indent", "outdent"], - ["undo", "redo"], - ["clearauthorship"] - ], - "right": [ - ["importexport", "timeslider", "savedrevision"], - ["settings", "embed", "home"], - ["showusers"] - ], - "timeslider": [ - ["timeslider_export", "timeslider_returnToPad"] - ] - }, - */ - - /* - * Expose Etherpad version in the web interface and in the Server http header. - * - * Do not enable on production machines. - */ - "exposeVersion": false, - - /* - * The log level we are using. - * - * Valid values: DEBUG, INFO, WARN, ERROR - */ - "loglevel": "INFO", - - /* - * The log layout type to use. - * - * Valid values: basic, colored - */ - "logLayoutType": "colored", - - /* Override any strings found in locale directories */ - "customLocaleStrings": {}, - - /* Disable Admin UI tests */ - "enableAdminUITests": false, - - /* - * Enable/Disable case-insensitive pad names. - */ - "lowerCasePadIds": false, - - "sso": { - "issuer": "${SSO_ISSUER:http://localhost:9001}", - "clients": [ - { - "client_id": "${ADMIN_CLIENT:admin_client}", - "client_secret": "${ADMIN_SECRET:admin}", - "grant_types": ["authorization_code"], - "response_types": ["code"], - "redirect_uris": ["${ADMIN_REDIRECT:http://localhost:9001/admin/}"] - }, - { - "client_id": "${USER_CLIENT:user_client}", - "client_secret": "${USER_SECRET:user}", - "grant_types": ["authorization_code"], - "response_types": ["code"], - "redirect_uris": ["${USER_REDIRECT:http://localhost:9001/}"] - } - ] - } - - /* Set the time to live for the tokens - This is the time of seconds a user is logged into Etherpad - "ttl": { - "AccessToken": 3600, - "AuthorizationCode": 600, - "ClientCredentials": 3600, - "IdToken": 3600, - "RefreshToken": 86400 - } - */ -} diff --git a/etherpad/settings.json.template b/etherpad/settings.json.template new file mode 100644 index 0000000..09cf5c7 --- /dev/null +++ b/etherpad/settings.json.template @@ -0,0 +1,134 @@ +{ + "title": "joeac's docs", + "showRecentPads": true, + "favicon": null, + "skinName": "colibris", + "skinVariants": "super-light-toolbar super-light-editor light-background", + "ip": "0.0.0.0", + "port": ${ETHERPAD_PORT}, + "showSettingsInAdminPage": true, + "enableMetrics": "$${ENABLE_METRICS:true}", + "cleanup": { + "enabled": false, + "keepRevisions": 5 + }, + "dbType": "sqlite", + "dbSettings": { + "filename": "var/etherpad.sq3" + }, + "defaultPadText" : "", + "padOptions": { + "noColors": false, + "showControls": true, + "showChat": true, + "showLineNumbers": true, + "useMonospaceFont": false, + "userName": null, + "userColor": null, + "rtl": false, + "alwaysShowChat": false, + "chatAndUsers": false, + "lang": null + }, + "padShortcutEnabled" : { + "altF9": true, + "altC": true, + "cmdShift2": true, + "delete": true, + "return": true, + "esc": true, + "cmdS": true, + "tab": true, + "cmdZ": true, + "cmdY": true, + "cmdI": true, + "cmdB": true, + "cmdU": true, + "cmd5": true, + "cmdShiftL": true, + "cmdShiftN": true, + "cmdShift1": true, + "cmdShiftC": true, + "cmdH": true, + "ctrlHome": true, + "pageUp": true, + "pageDown": true + }, + "updateServer": "https://etherpad.org/ep_infos", + "suppressErrorsInPadText": false, + "requireSession": false, + "editOnly": false, + "minify": true, + "maxAge": 21600, + "soffice": null, + "docxExport": true, + "allowUnknownFileEnds": true, + "requireAuthentication": false, + "requireAuthorization": false, + "trustProxy": false, + "cookie": { + "keyRotationInterval": 86400000, + "sameSite": "Lax", + "sessionLifetime": 864000000, + "sessionRefreshInterval": 86400000, + "sessionCleanup": true + }, + "disableIPlogging": false, + "automaticReconnectionTimeout": 0, + "scrollWhenFocusLineIsOutOfViewport": { + "percentage": { + "editionAboveViewport": 0, + "editionBelowViewport": 0 + }, + "duration": 0, + "scrollWhenCaretIsInTheLastLineOfViewport": false, + "percentageToScrollWhenUserPressesArrowUp": 0 + }, + "users": { + "admin": { + "password": "admin", + "is_admin": true + } + }, + "socketTransportProtocols" : ["websocket", "polling"], + "socketIo": { + "maxHttpBufferSize": 1000000 + }, + "loadTest": false, + "dumpOnUncleanExit": false, + "importExportRateLimiting": { + "windowMs": 90000, + "max": 10 + }, + "importMaxFileSize": 52428800, // 50 * 1024 * 1024 + "authenticationMethod": "$${AUTHENTICATION_METHOD:sso}", + "enableDarkMode": "$${ENABLE_DARK_MODE:true}", + "enablePadWideSettings": "$${ENABLE_PAD_WIDE_SETTINGS:false}", + "commitRateLimiting": { + "duration": 1, + "points": 10 + }, + "logLayoutType": "colored", + "customLocaleStrings": {}, + "enableAdminUITests": false, + "lowerCasePadIds": false, + "sso": { + "issuer": "$${SSO_ISSUER:http://localhost:${ETHERPAD_PORT}}", + "clients": [ + { + "client_id": "$${ADMIN_CLIENT:admin_client}", + "client_secret": "$${ADMIN_SECRET:admin}", + "grant_types": ["authorization_code"], + "response_types": ["code"], + "redirect_uris": ["$${ADMIN_REDIRECT:http://localhost:${ETHERPAD_PORT}/admin/}"] + }, + { + "client_id": "$${USER_CLIENT:user_client}", + "client_secret": "$${USER_SECRET:user}", + "grant_types": ["authorization_code"], + "response_types": ["code"], + "redirect_uris": ["$${USER_REDIRECT:http://localhost:${ETHERPAD_PORT}/}"] + } + ] + } +}