mirror of
https://github.com/SuiteCRM/SuiteCRM-Core.git
synced 2025-08-29 01:10:42 +08:00
205 lines
6.8 KiB
Bash
205 lines
6.8 KiB
Bash
# In all environments, the following files are loaded if they exist,
|
|
# the latter taking precedence over the former:
|
|
#
|
|
# * .env contains default values for the environment variables needed by the app
|
|
# * .env.local uncommitted file with local overrides
|
|
# * .env.$APP_ENV committed environment-specific defaults
|
|
# * .env.$APP_ENV.local uncommitted environment-specific overrides
|
|
#
|
|
# Real environment variables win over .env files.
|
|
#
|
|
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
|
|
# https://symfony.com/doc/current/configuration/secrets.html
|
|
#
|
|
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
|
|
|
|
###> symfony/framework-bundle ###
|
|
APP_ENV=dev
|
|
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
|
#TRUSTED_HOSTS='^localhost|example\.com$'
|
|
###< symfony/framework-bundle ###
|
|
|
|
###> nelmio/cors-bundle ###
|
|
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
|
|
###< nelmio/cors-bundle ###
|
|
|
|
###> AUTH_TYPE ###
|
|
AUTH_TYPE=native
|
|
###< AUTH_TYPE ###
|
|
|
|
###> LDAP CONFIG ###
|
|
LDAP_CONNECTION_STRING=~
|
|
LDAP_HOST=~
|
|
LDAP_PORT=389
|
|
LDAP_ENCRYPTION=tls
|
|
LDAP_PROTOCOL_VERSION=3
|
|
LDAP_REFERRALS=false
|
|
LDAP_DN_STRING=''
|
|
LDAP_QUERY_STRING=''
|
|
LDAP_SEARCH_DN=''
|
|
LDAP_SEARCH_PASSWORD=''
|
|
|
|
# check php error log
|
|
LDAP_CONNECTION_OPTION_DEBUG_LEVEL=~
|
|
LDAP_CONNECTION_OPTION_API_INFO=~
|
|
LDAP_CONNECTION_OPTION_DEREF=~
|
|
LDAP_CONNECTION_OPTION_SIZELIMIT=~
|
|
LDAP_CONNECTION_OPTION_TIMELIMIT=~
|
|
LDAP_CONNECTION_OPTION_RESTART=~
|
|
LDAP_CONNECTION_OPTION_SERVER_CONTROLS=~
|
|
LDAP_CONNECTION_OPTION_CLIENT_CONTROLS=~
|
|
LDAP_CONNECTION_OPTION_API_FEATURE_INFO=~
|
|
LDAP_CONNECTION_OPTION_HOST_NAME=~
|
|
LDAP_CONNECTION_OPTION_ERROR_NUMBER=~
|
|
LDAP_CONNECTION_OPTION_ERROR_STRING=~
|
|
LDAP_CONNECTION_OPTION_MATCHED_DN=~
|
|
|
|
LDAP_CONNECTION_OPTION_TIMEOUT=~
|
|
LDAP_CONNECTION_OPTION_NETWORK_TIMEOUT=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CACERTDIR=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CACERTFILE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CERTFILE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CRL_ALL=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CRL_NONE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CRL_PEER=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_KEYFILE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_REQUIRE_CERT=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_PROTOCOL_MIN=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CIPHER_SUITE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_RANDOM_FILE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CRLFILE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_PACKAGE=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_CRLCHECK=~
|
|
LDAP_CONNECTION_OPTION_X_TLS_DHFILE=~
|
|
LDAP_CONNECTION_OPTION_X_SASL_MECH=~
|
|
LDAP_CONNECTION_OPTION_X_SASL_REALM=~
|
|
LDAP_CONNECTION_OPTION_X_SASL_AUTHCID=~
|
|
LDAP_CONNECTION_OPTION_X_SASL_AUTHZID=~
|
|
LDAP_CONNECTION_OPTION_X_KEEPALIVE_IDLE=~
|
|
LDAP_CONNECTION_OPTION_X_KEEPALIVE_PROBES=~
|
|
LDAP_CONNECTION_OPTION_X_KEEPALIVE_INTERVAL=~
|
|
###< LDAP CONFIG ###
|
|
|
|
###> LDAP AUTO CREATE CONFIG ###
|
|
LDAP_AUTO_CREATE=disabled
|
|
LDAP_PROVIDER_BASE_DN=''
|
|
LDAP_PROVIDER_SEARCH_DN=''
|
|
LDAP_PROVIDER_SEARCH_PASSWORD=''
|
|
LDAP_PROVIDER_DEFAULT_ROLES=ROLE_USER
|
|
LDAP_PROVIDER_UID_KEY=''
|
|
LDAP_PROVIDER_FILTER=''
|
|
###< LDAP AUTO CREATE CONFIG ##
|
|
|
|
###> SAML CONFIG ###
|
|
|
|
# User mapping options
|
|
SAML_USERNAME_ATTRIBUTE=uid
|
|
SAML_USE_ATTRIBUTE_FRIENDLY_NAME=true
|
|
|
|
# Auto create options
|
|
SAML_AUTO_CREATE=disabled
|
|
SAML_AUTOCREATE_ATTRIBUTES_MAP='{}'
|
|
|
|
# Connection options
|
|
SAML_IDP_ENTITY_ID='https://idp.example.com'
|
|
SAML_IDP_SSO_URL='https://idp.example.com/sso'
|
|
SAML_IDP_SLO_URL='https://idp.example.com/slo'
|
|
SAML_IDP_X509CERT='MIIC...'
|
|
SAML_SP_ENTITY_ID=''
|
|
SAML_SP_PRIVATE_KEY=''
|
|
SAML_SP_CERT=''
|
|
SAML_STRICT=''
|
|
SAML_DEBUG=''
|
|
|
|
# Resquest options
|
|
SAML_NAME_ID_ENCRYPTED=false
|
|
SAML_AUTHN_REQUESTS_SIGNED=false
|
|
SAML_LOGOUT_REQUEST_SIGNED=false
|
|
SAML_LOGOUT_RESPONSE_SIGNED=false
|
|
SAML_SIGN_METADATA=false
|
|
SAML_WANT_MESSAGES_SIGNED=false
|
|
SAML_WANT_ASSERTIONS_ENCRYPTED=false
|
|
SAML_WANT_ASSERTIONS_SIGNED=false
|
|
SAML_WANT_NAME_ID=false
|
|
SAML_WANT_NAME_ID_ENCRYPTED=false
|
|
SAML_REQUESTED_AUTHN_CONTEXT=false
|
|
SAML_WANT_XML_VALIDATION=false
|
|
SAML_RELAX_DESTINATION_VALIDATION=false
|
|
SAML_DESTINATION_STRICTLY_MATCHES=false
|
|
SAML_ALLOW_REPEAT_ATTRIBUTE_NAME=false
|
|
SAML_REJECT_UNSOLICITED_RESPONSES_WITH_IN_RESPONSE_TO=false
|
|
SAML_LOWERCASE_URL_ENCODING=false
|
|
|
|
# Compression
|
|
SAML_COMPRESS_REQUESTS=false
|
|
SAML_COMPRESS_RESPONSES=false
|
|
|
|
# Contact information
|
|
SAML_CONTACT_TECHNICAL_GIVEN_NAME='Tech User'
|
|
SAML_CONTACT_TECHNICAL_EMAIL_ADDRESS='techuser@example.com'
|
|
SAML_CONTACT_SUPPORT_GIVEN_NAME='Support User'
|
|
SAML_CONTACT_SUPPORT_EMAIL_ADDRESS='supportuser@example.com'
|
|
SAML_CONTACT_ADMINISTRATIVE_GIVEN_NAME='Administrative User'
|
|
SAML_CONTACT_ADMINISTRATIVE_EMAIL_ADDRESS='administrativeuser@example.com'
|
|
SAML_ORGANIZATION_NAME='Example'
|
|
SAML_ORGANIZATION_DISPLAY_NAME='Example'
|
|
SAML_ORGANIZATION_URL='http://example.com'
|
|
###< SAML CONFIG ###
|
|
|
|
###> symfony/lock ###
|
|
# Choose one of the stores below
|
|
# postgresql+advisory://db_user:db_password@localhost/db_name
|
|
LOCK_DSN=flock
|
|
###< symfony/lock ###
|
|
|
|
###> login throttling ###
|
|
LOGIN_THROTTLING_MAX_ATTEMPTS=5
|
|
###< login throttling ###
|
|
|
|
###> login throttling ###
|
|
LOGIN_THROTTLING_IP_LOGIN_MAX_ATTEMPTS=50
|
|
LOGIN_THROTTLING_INTERVAL="30 minutes"
|
|
###< login throttling ###
|
|
|
|
###> logs ###
|
|
MAIN_LOG_LEVEL=warning
|
|
DEPRECATION_LOG_LEVEL=error
|
|
SECURITY_LOG_LEVEL=error
|
|
# > LOG_DIR - When not set defaults to logs/<env>/, e.g: logs/prod/. Can also set absolute path, e.g. '/path-to-suitecrm/my_log_dir'
|
|
#LOG_DIR='my_log_dir'
|
|
# > MAIN_LOG_FILE_NAME - When not set defaults to prod.log or dev.log
|
|
#MAIN_LOG_FILE_NAME=my_main.log
|
|
# > DEPRECATION_LOG_FILE_NAME - When not set defaults to prod.deprecation.log or dev.deprecation.log
|
|
#DEPRECATION_LOG_FILE_NAME=my_main.deprecation.log
|
|
# > SECURITY_LOG_FILE_NAME - When not set defaults to prod.security.log or dev.security.log
|
|
#SECURITY_LOG_FILE_NAME=my_main.security.log
|
|
###< logs ###
|
|
|
|
###> doctrine/doctrine-bundle ###
|
|
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
|
|
# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
|
|
#
|
|
# DATABASE_URL="sqlite:///%kernel.project_dir%/var/data.db"
|
|
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8.0.32&charset=utf8mb4"
|
|
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=10.11.2-MariaDB&charset=utf8mb4"
|
|
# DATABASE_URL="postgresql://app:!ChangeMe!@127.0.0.1:5432/app?serverVersion=15&charset=utf8"
|
|
DATABASE_URL=""
|
|
###< doctrine/doctrine-bundle ###
|
|
|
|
###> google/apiclient ###
|
|
# GOOGLE_API_KEY=
|
|
# GOOGLE_CLIENT_ID=
|
|
# GOOGLE_CLIENT_SECRET=
|
|
# GOOGLE_AUTH_CONFIG=%kernel.project_dir%/path/to/file.json
|
|
###< google/apiclient ###
|
|
|
|
###> symfony/messenger ###
|
|
# Choose one of the transports below
|
|
# MESSENGER_TRANSPORT_DSN=amqp://guest:guest@localhost:5672/%2f/messages
|
|
# MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
|
|
#MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
|
|
###< symfony/messenger ###
|
|
|
|
###> symfony/mailer ###
|
|
# MAILER_DSN=null://null
|
|
###< symfony/mailer ###
|
