ownCloud
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
Edit page

Service Configuration

Example YAML Config

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
# Autogenerated
# Filename: proxy-config-example.yaml

tracing:
  enabled: false
  type: ""
  endpoint: ""
  collector: ""
log:
  level: ""
  pretty: false
  color: false
  file: ""
debug:
  addr: 127.0.0.1:9205
  token: ""
  pprof: false
  zpages: false
http:
  addr: 0.0.0.0:9200
  root: /
  tls_cert: ~/.ocis/proxy/server.crt
  tls_key: ~/.ocis/proxy/server.key
  tls: true
reva:
  address: 127.0.0.1:9142
policies:
- name: ocis
  routes:
  - endpoint: /
    backend: http://localhost:9100
  - endpoint: /.well-known/
    backend: http://localhost:9130
  - endpoint: /konnect/
    backend: http://localhost:9130
  - endpoint: /signin/
    backend: http://localhost:9130
  - endpoint: /archiver
    backend: http://localhost:9140
  - type: regex
    endpoint: /ocs/v[12].php/cloud/user/signing-key
    backend: http://localhost:9110
  - endpoint: /ocs/
    backend: http://localhost:9140
  - type: query
    endpoint: /remote.php/?preview=1
    backend: http://localhost:9115
  - method: REPORT
    endpoint: /remote.php/dav/
    backend: http://localhost:9115
  - type: query
    endpoint: /dav/?preview=1
    backend: http://localhost:9115
  - type: query
    endpoint: /webdav/?preview=1
    backend: http://localhost:9115
  - endpoint: /remote.php/
    service: com.owncloud.web.ocdav
  - endpoint: /dav/
    service: com.owncloud.web.ocdav
  - endpoint: /webdav/
    service: com.owncloud.web.ocdav
  - endpoint: /status
    service: com.owncloud.web.ocdav
  - endpoint: /status.php
    service: com.owncloud.web.ocdav
  - endpoint: /index.php/
    service: com.owncloud.web.ocdav
  - endpoint: /apps/
    service: com.owncloud.web.ocdav
  - endpoint: /data
    backend: http://localhost:9140
  - endpoint: /app/
    backend: http://localhost:9140
  - endpoint: /graph/
    backend: http://localhost:9120
  - endpoint: /graph-explorer
    backend: http://localhost:9135
  - endpoint: /api/v0/settings
    backend: http://localhost:9190
  - endpoint: /settings.js
    backend: http://localhost:9190
oidc:
  issuer: https://localhost:9200
  insecure: true
  user_info_cache:
    size: 1024
    ttl: 10
token_manager:
  jwt_secret: ""
policy_selector:
  static:
    policy: ocis
  claims: null
  regex: null
pre_signed_url:
  allowed_http_methods:
  - GET
  enabled: true
account_backend: cs3
user_oidc_claim: email
user_cs3_claim: mail
machine_auth_api_key: ""
auto_provision_accounts: false
enable_basic_auth: false
insecure_backends: false
auth_middleware:
  credentials_by_user_agent: {}

Environment Variables

Name Type Default Value Description
OCIS_TRACING_ENABLED
PROXY_TRACING_ENABLED
bool false
OCIS_TRACING_TYPE
PROXY_TRACING_TYPE
string
OCIS_TRACING_ENDPOINT
PROXY_TRACING_ENDPOINT
string
OCIS_TRACING_COLLECTOR
PROXY_TRACING_COLLECTOR
string
OCIS_LOG_LEVEL
PROXY_LOG_LEVEL
string
OCIS_LOG_PRETTY
PROXY_LOG_PRETTY
bool false
OCIS_LOG_COLOR
PROXY_LOG_COLOR
bool false
OCIS_LOG_FILE
PROXY_LOG_FILE
string
PROXY_DEBUG_ADDR string 127.0.0.1:9205 Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.
PROXY_DEBUG_TOKEN string Token to secure the metrics endpoint
PROXY_DEBUG_PPROF bool false Enables pprof, which can be used for profiling
PROXY_DEBUG_ZPAGES bool false Enables zpages, which can be used for collecting and viewing traces in-me
PROXY_HTTP_ADDR string 0.0.0.0:9200
PROXY_HTTP_ROOT string /
PROXY_TRANSPORT_TLS_CERT string ~/.ocis/proxy/server.crt
PROXY_TRANSPORT_TLS_KEY string ~/.ocis/proxy/server.key
PROXY_TLS bool true
REVA_GATEWAY string 127.0.0.1:9142
OCIS_URL
OCIS_OIDC_ISSUER
PROXY_OIDC_ISSUER
string https://localhost:9200 URL of the OpenID connect identity provider.
OCIS_INSECURE
PROXY_OIDC_INSECURE
bool true Disable TLS certificate validation for connections to the IDP. (not recommended for production environments.
PROXY_OIDC_USERINFO_CACHE_SIZE int 1024
PROXY_OIDC_USERINFO_CACHE_TTL int 10
OCIS_JWT_SECRET
PROXY_JWT_SECRET
string
PROXY_ENABLE_PRESIGNEDURLS bool true
PROXY_ACCOUNT_BACKEND_TYPE string cs3 Account backend the proxy should use, currenly only ‘cs3’ is possible here.
PROXY_USER_OIDC_CLAIM string email The name of an OpenID Connect claim that should be used for resolving users with the account backend. Currently defaults to ‘email’.
PROXY_USER_CS3_CLAIM string mail The name of a CS3 user attribute (claim) that should be mapped to the ‘user_oidc_claim’. Currently defaults to ‘mail’ (other possible values are: ‘username’, ‘displayname’)
OCIS_MACHINE_AUTH_API_KEY
PROXY_MACHINE_AUTH_API_KEY
string
PROXY_AUTOPROVISION_ACCOUNTS bool false Set this to ‘true’ to automatically provsion users that do not yet exist in the users service on-demand upon first signin. To use this a write-enabled libregraph user backend needs to be setup an running.
PROXY_ENABLE_BASIC_AUTH bool false Set this to true to enable ‘basic’ (username/password) authentication. (Default: false)
PROXY_INSECURE_BACKENDS bool false Disable TLS certificate validation for all http backend connections. (Default: false)