generate documentation from config.sample.php

2026-03-27 13:38:39 +07:00 · 2022-05-02 13:14:25 +00:00
parent 1a73799a21
commit 96ebb60327
1 changed files with 147 additions and 3 deletions
--- a/admin_manual/configuration_server/config_sample_php_parameters.rst
+++ b/admin_manual/configuration_server/config_sample_php_parameters.rst
@@ -387,6 +387,17 @@ Disabling this is discouraged for security reasons.

 Defaults to ``true``

+::
+
+	'auth.authtoken.v1.disabled' => false,
+
+Whether the authtoken v1 provider should be skipped
+
+The v1 provider is deprecated and removed in Nextcloud 24 onwards. It can be
+disabled already when the instance was installed after Nextcloud 14.
+
+Defaults to ``false``
+
 ::

 	'auth.webauthn.enabled' => true,
@@ -899,6 +910,11 @@ connection. If none of these hosts are reachable, the administration panel
 will show a warning. Set to an empty list to not do any such checks (warning
 will still be shown).

+If no protocol is provided, both http and https will be tested.
+For example, 'http://www.nextcloud.com' and 'https://www.nextcloud.com'
+will be tested for 'www.nextcloud.com'
+If a protocol is provided, only this one will be tested.
+
 Defaults to the following domains:

 - www.nextcloud.com
@@ -978,6 +994,14 @@ must be installed and active.

 Defaults to ``file``

+::
+
+	'log_type_audit' => 'file',
+
+This parameter determines where the audit logs are sent. See ``log_type`` for more information.
+
+Defaults to ``file``
+
 ::

 	'logfile' => '/var/log/nextcloud.log',
@@ -987,11 +1011,20 @@ Name of the file to which the Nextcloud logs are written if parameter

 Defaults to ``[datadirectory]/nextcloud.log``

+::
+
+	'logfile_audit' => '/var/log/audit.log',
+
+Name of the file to which the audit logs are written if parameter
+``log_type`` is set to ``file``.
+
+Defaults to ``[datadirectory]/audit.log``
+
 ::

 	'logfilemode' => 0640,

-Log file mode for the Nextcloud loggin type in octal notation.
+Log file mode for the Nextcloud logging type in octal notation.

 Defaults to 0640 (writeable by user, readable by group).

@@ -1015,6 +1048,17 @@ with a unique id. Only available if ``log_type`` is set to ``syslog`` or

 The default value is ``Nextcloud``.

+::
+
+	'syslog_tag_audit' => 'Nextcloud',
+
+If you maintain different instances and aggregate the logs, you may want
+to distinguish between them. ``syslog_tag_audit`` can be set per instance
+with a unique id. Only available if ``log_type`` is set to ``syslog`` or
+``systemd``.
+
+The default value is the value of ``syslog_tag``.
+
 ::

 	'log.condition' => [
@@ -1206,6 +1250,18 @@ likely show the default mimetype icon. Set to -1 for no limit.

 Defaults to ``50`` megabytes

+::
+
+	'preview_max_memory' => 128,
+
+max memory for generating image previews with imagegd (default behavior)
+Reads the image dimensions from the header and assumes 32 bits per pixel.
+
+If creating the image would allocate more memory, preview generation will
+be disabled and the default mimetype icon is shown. Set to -1 for no limit.
+
+Defaults to ``128`` megabytes
+
 ::

 	'preview_libreoffice_path' => '/usr/bin/libreoffice',
@@ -1230,7 +1286,6 @@ Defaults to ``''`` (empty string)
 		'OC\Preview\PNG',
 		'OC\Preview\JPEG',
 		'OC\Preview\GIF',
-		'OC\Preview\HEIC',
 		'OC\Preview\BMP',
 		'OC\Preview\XBitmap',
 		'OC\Preview\MP3',
@@ -1246,6 +1301,7 @@ The following providers are disabled by default due to performance or privacy
 concerns:

 - OC\\Preview\\Illustrator
+ - OC\\Preview\\HEIC
 - OC\\Preview\\Movie
 - OC\\Preview\\MSOffice2003
 - OC\\Preview\\MSOffice2007
@@ -1263,7 +1319,6 @@ Defaults to the following providers:

 - OC\\Preview\\BMP
 - OC\\Preview\\GIF
- - OC\\Preview\\HEIC
 - OC\\Preview\\JPEG
 - OC\\Preview\\MarkDown
 - OC\\Preview\\MP3
@@ -1345,6 +1400,21 @@ are kicked out of Nextcloud instantly.

 Defaults to ``false``

+::
+
+	'maintenance_window_start' => 1,
+
+UTC Hour for maintenance windows
+
+Some background jobs only run once a day. When an hour is defined for this config,
+the background jobs which advertise themselves as not time sensitive will be
+delayed during the "working" hours and only run in the 4 hours after the given time.
+This is e.g. used for activity expiration, suspicious login training and update checks.
+
+A value of 1 e.g. will only run these background jobs between 01:00am UTC and 05:00am UTC.
+
+Defaults to ``100`` which disables the feature
+
 SSL
 ---

@@ -1404,8 +1474,17 @@ Defaults to ``none``
 		'host' => 'localhost', // can also be a unix domain socket: '/tmp/redis.sock'
 		'port' => 6379,
 		'timeout' => 0.0,
+		'read_timeout' => 0.0,
+		'user' =>  '', // Optional, if not defined no password will be used.
 		'password' => '', // Optional, if not defined no password will be used.
 		'dbindex' => 0, // Optional, if undefined SELECT will not run and will use Redis Server's default DB Index.
+		// If redis in-transit encryption is enabled, provide certificates
+		// SSL context https://www.php.net/manual/en/context.ssl.php
+		'ssl_context' => [
+			'local_cert' => '/certs/redis.crt',
+			'local_pk' => '/certs/redis.key',
+			'cafile' => '/certs/ca.crt'
+		]
 	],

 Connection details for redis to use for memory caching in a single server configuration.
@@ -1414,6 +1493,9 @@ For enhanced security it is recommended to configure Redis
 to require a password. See http://redis.io/topics/security
 for more information.

+We also support redis SSL/TLS encryption as of version 6.
+See https://redis.io/topics/encryption for more information.
+
 ::

 	'redis.cluster' => [
@@ -1424,7 +1506,15 @@ for more information.
 		'timeout' => 0.0,
 		'read_timeout' => 0.0,
 		'failover_mode' => \RedisCluster::FAILOVER_ERROR,
+		'user' =>  '', // Optional, if not defined no password will be used.
 		'password' => '', // Optional, if not defined no password will be used.
+		// If redis in-transit encryption is enabled, provide certificates
+		// SSL context https://www.php.net/manual/en/context.ssl.php
+		'ssl_context' => [
+			'local_cert' => '/certs/redis.crt',
+			'local_pk' => '/certs/redis.key',
+			'cafile' => '/certs/ca.crt'
+		]
 	],

 Connection details for a Redis Cluster
@@ -1666,6 +1756,16 @@ Set to true to enforce that internal shares need to be accepted

 Set to false to stop sending a mail when users receive a share

+::
+
+	'transferIncomingShares' => false,
+
+Set to true to always transfer incoming shares by default
+when running "occ files:transfer-ownership".
+
+Defaults to false, so incoming shares are not transferred if not specifically requested
+by a command line argument.
+
 All other configuration options
 -------------------------------

@@ -1721,6 +1821,25 @@ https://mariadb.com/kb/en/mariadb/xtradbinnodb-server-system-variables/#innodb_l
 http://www.tocker.ca/2013/10/31/benchmarking-innodb-page-compression-performance.html
 http://mechanics.flite.com/blog/2014/07/29/using-innodb-large-prefix-to-avoid-error-1071/

+::
+
+	'mysql.collation' => null,
+
+For search queries in the database, a default collation – depending on the
+character set – is chosen. In some cases a different behaviour is desired,
+for instances when a accent sensitive search is desired.
+
+MariaDB and MySQL have an overlap in available collations, but also
+incompatible ones, also depending on the version of the database server.
+
+This option allows to override the automatic choice. Example:
+
+'mysql.collation' => 'utf8mb4_0900_as_ci',
+
+This setting has no effect on setup or creating tables. In those cases
+always utf8[mb4]_bin is being used. This setting is only taken into
+consideration in SQL queries that utilize LIKE comparison operators.
+
 ::

 	'supportedDatabases' => [
@@ -1898,6 +2017,19 @@ unlikely.

 Defaults to ``1800`` (seconds)

+::
+
+	'files_external_allow_create_new_local' => true,
+
+Allows to create external storages of type "Local" in the web interface and APIs.
+
+When disable, it is still possible to create local storages with occ using
+the following command:
+
+% php occ files_external:create /mountpoint local null::null -c datadir=/path/to/data
+
+Defaults to ``true``
+
 ::

 	'filesystem_check_changes' => 0,
@@ -2148,6 +2280,18 @@ Some companies require it to be disabled to comply with their security policy.

 Simply set this property to "false", if you want to turn this feature off.

+::
+
+	'files_no_background_scan' => false,
+
+Disable background scanning of files
+
+By default, a background job runs every 10 minutes and execute a background
+scan to sync filesystem and database. Only users with unscanned files
+(size < 0 in filecache) are included. Maximum 500 users per job.
+
+Defaults to ``true``
+
 .. ALL_OTHER_SECTIONS_END
 .. Generated content above. Don't change this.