# Copyright (C) The Arvados Authors. All rights reserved. # # SPDX-License-Identifier: Apache-2.0 # Copy this file to application.yml and edit to suit. # # Consult application.default.yml for the full list of configuration # settings. # # The order of precedence is: # 1. config/environments/{RAILS_ENV}.rb (deprecated) # 2. Section in application.yml corresponding to RAILS_ENV (e.g., development) # 3. Section in application.yml called "common" # 4. Section in application.default.yml corresponding to RAILS_ENV # 5. Section in application.default.yml called "common" common: uuid_prefix: abcde secret_token: zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz # The site name that will be used in text such as "Sign in to site_title" site_title: Arvados # After logging in, the title and URL of the link that will be presented to # the user as the default destination on the welcome page. default_link_title: Arvados default_link_url: "http://localhost:3000" ### ### Local account configuration. This is enabled if neither ### google_oauth2 or LDAP are enabled below. ### # If true, allow new creation of new accounts in the SSO server's internal # user database. allow_account_registration: true # If true, send an email confirmation before activating new accounts in the # SSO server's internal user database. require_email_confirmation: false ### ### Google+ OAuth2 authentication. ### # Google API tokens required for OAuth2 login. # # See https://github.com/zquestz/omniauth-google-oauth2 # # and https://developers.google.com/accounts/docs/OAuth2 google_oauth2_client_id: false google_oauth2_client_secret: false # Set this to your OpenId 2.0 realm to enable migration from Google OpenId # 2.0 to Google OAuth2 OpenId Connect (Google will provide OpenId 2.0 user # identifiers via the openid.realm parameter in the OAuth2 flow until 2017). google_openid_realm: false ### ### LDAP authentication. ### # # If you want to use LDAP, you need to provide # the following set of fields under the use_ldap key. # # If 'email_domain' field is set, it will be stripped from the email address # entered by the user prior attempting LDAP binding on 'uid'. This supports # the case where it is not possible to look up 'bob@example.com' but instead # must be looked up as 'uid=bob'. # # If it is possible to look up the email address directly (for example # setting "uid: mail") you should prefer that and leave 'email_domain' unset. # # If 'username' is set, this specifies the LDAP field that will be propagated # to the "username" field in the users table. This should be a # posix-compatible username (which may be different from the username part of # the email address.) # # Provide 'bind_dn' and 'password' if your LDAP server requires # a login before authenticating a user. # # use_ldap: # title: Example LDAP # host: ldap.example.com # port: 636 # method: ssl # base: "ou=Users, dc=example, dc=com" # uid: uid # username: uid # #email_domain: example.com # #bind_dn: "some_user" # #password: "some_password" # use_ldap: false