Cadoles/eole-collabora
21
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ajout host autorisé / login pwd admin / logging file

Browse Source
This commit is contained in:
afornerot
2020-08-21 14:05:48 +02:00
parent 5162d6173a
commit 646c9b97c4
3 changed files with 31 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tmpl/loolwsd.xml
View File

@ -54,7 +54,7 @@
See also: https://docs.libreoffice.org/sal/html/sal_log.html -->
<lokit_sal_log type="string" desc="Fine tune log messages from LOKit. Default is to suppress log messages from LOKit." default="-INFO-WARN">-INFO-WARN</lokit_sal_log>
<file enable="false">
<property name="path" desc="Log file path.">/var/log/loolwsd.log</property>
<property name="path" desc="Log file path.">/var/log/lool/loolwsd.log</property>
<property name="rotation" desc="Log file rotation strategy. See Poco FileChannel.">never</property>
<property name="archive" desc="Append either timestamp or number to the archived log filename.">timestamp</property>
<property name="compress" desc="Enable/disable log file compression.">true</property>
@ -69,7 +69,7 @@
</anonymize>
</logging>
<loleaflet_logging desc="Logging in the browser console" default="false">false</loleaflet_logging>
<loleaflet_logging desc="Logging in the browser console" default="false">true</loleaflet_logging>
<trace desc="Dump commands and notifications for replay. When 'snapshot' is true, the source file is copied to the path first." enable="false">
<path desc="Output path to hold trace file and docs. Use '%' for timestamp to avoid overwriting. For example: /some/path/to/looltrace-%.gz" compress="true" snapshot="false"></path>
@ -97,7 +97,7 @@
<host desc="The IPv4 private 172.17.0.0/16 subnet (Docker).">172\.17\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Ditto, but as IPv4-mapped IPv6 addresses">::ffff:172\.17\.[0-9]{1,3}\.[0-9]{1,3}</host>
</post_allow>
<frame_ancestors desc="Specify who is allowed to embed the LO Online iframe (loolwsd and WOPI host are always allowed). Separate multiple hosts by space."></frame_ancestors>
<frame_ancestors desc="Specify who is allowed to embed the LO Online iframe (loolwsd and WOPI host are always allowed). Separate multiple hosts by space.">%%custom_join(%%loolwsd_permhost, ' ')"</frame_ancestors>
</net>
<ssl desc="SSL settings">
@ -136,6 +136,9 @@
<filesystem allow="false" />
<wopi desc="Allow/deny wopi storage. Mutually exclusive with webdav." allow="true">
<host desc="Regex pattern of hostname to allow or deny." allow="true">localhost</host>
%for %%host in %%loolwsd_permhost
<host desc="Regex pattern of hostname to allow or deny." allow="true">%%host</host>
%end for
<host desc="Regex pattern of hostname to allow or deny." allow="true">10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.1[6789]\.[0-9]{1,3}\.[0-9]{1,3}</host>
<host desc="Regex pattern of hostname to allow or deny." allow="true">172\.2[0-9]\.[0-9]{1,3}\.[0-9]{1,3}</host>
@ -148,8 +151,11 @@
<refresh desc="How frequently we should re-acquire a lock with the storage server, in seconds (default 15 mins) or 0 for no refresh" type="int" default="900">900</refresh>
</locking>
</wopi>
<webdav desc="Allow/deny webdav storage. Mutually exclusive with wopi." allow="false">
<webdav desc="Allow/deny webdav storage. Mutually exclusive with wopi." allow="true">
<host desc="Hostname to allow" allow="false">localhost</host>
%for %%host in %%loolwsd_permhost
<host desc="Hostname to allow" allow="true">%%host</host>
%end for
</webdav>
<ssl desc="SSL settings">
<as_scheme type="bool" default="true" desc="When set we exclusively use the WOPI URI's scheme to enable SSL for storage">true</as_scheme>
@ -166,8 +172,8 @@
<admin_console desc="Web admin console settings.">
<enable desc="Enable the admin console functionality" type="bool" default="true">true</enable>
<enable_pam desc="Enable admin user authentication with PAM" type="bool" default="false">false</enable_pam>
<username desc="The username of the admin console. Ignored if PAM is enabled."></username>
<password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password."></password>
<username desc="The username of the admin console. Ignored if PAM is enabled.">%%loolwsd_login</username>
<password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password.">%%loolwsd_pwd</password>
</admin_console>
<monitors desc="Addresses of servers we connect to on start for monitoring">