2015-08-21 11:56:54 +02:00
|
|
|
# Settings for Zulip Voyager
|
2013-11-14 05:14:18 +01:00
|
|
|
|
|
|
|
### MANDATORY SETTINGS
|
2015-08-21 05:40:53 +02:00
|
|
|
#
|
|
|
|
# These settings MUST be set in production. In a development environment,
|
|
|
|
# sensible default values will be used.
|
2013-10-23 23:28:03 +02:00
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# The user-accessible Zulip hostname for this installation, e.g.
|
|
|
|
# zulip.example.com
|
2015-08-21 05:40:53 +02:00
|
|
|
EXTERNAL_HOST = 'zulip.example.com'
|
2013-10-17 16:33:04 +02:00
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# The email address for the person or team who maintain the Zulip
|
2015-08-21 11:56:54 +02:00
|
|
|
# Voyager installation. Will also get support emails. (e.g. zulip-admin@example.com)
|
2015-08-21 08:07:52 +02:00
|
|
|
ZULIP_ADMINISTRATOR = 'zulip-admin@example.com'
|
2013-11-13 15:59:59 +01:00
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# The domain for your organization, e.g. example.com
|
2015-08-21 08:07:52 +02:00
|
|
|
ADMIN_DOMAIN = 'example.com'
|
2013-11-04 19:37:05 +01:00
|
|
|
|
2013-11-13 15:59:59 +01:00
|
|
|
# Enable at least one of the following authentication backends.
|
|
|
|
AUTHENTICATION_BACKENDS = (
|
2015-09-30 07:23:25 +02:00
|
|
|
# 'zproject.backends.EmailAuthBackend', # Email and password; see SMTP setup below
|
2013-11-13 16:45:16 +01:00
|
|
|
# 'zproject.backends.ZulipRemoteUserBackend', # Local SSO
|
2015-09-26 22:50:28 +02:00
|
|
|
# 'zproject.backends.GoogleMobileOauth2Backend', # Google Apps, setup below
|
2015-09-30 08:12:48 +02:00
|
|
|
# 'zproject.backends.ZulipLDAPAuthBackend', # LDAP, setup below
|
2013-11-13 15:59:59 +01:00
|
|
|
)
|
|
|
|
|
2015-09-26 22:50:46 +02:00
|
|
|
# Google Oauth requires a bit of configuration; you will need to go to
|
2015-09-28 19:05:58 +02:00
|
|
|
# do the following:
|
|
|
|
#
|
|
|
|
# (1) Visit https://console.developers.google.com, setup an
|
|
|
|
# Oauth2 client ID that allows redirects to
|
|
|
|
# e.g. https://zulip.example.com/accounts/login/google/done/.
|
|
|
|
#
|
|
|
|
# (2) Then click into the APIs and Auth section (in the sidebar on the
|
|
|
|
# left side of the page), APIs, then under "Social APIs" click on
|
|
|
|
# "Google+ API" and click the button to enable the API.
|
|
|
|
#
|
|
|
|
# (3) put your client secret as "google_oauth2_client_secret" in
|
|
|
|
# zulip-secrets.conf, and your client ID right here:
|
2015-09-26 22:50:46 +02:00
|
|
|
# GOOGLE_OAUTH2_CLIENT_ID=<your client ID from Google>
|
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# If you are using the ZulipRemoteUserBackend authentication backend,
|
|
|
|
# set this to your domain (e.g. if REMOTE_USER is "username" and the
|
|
|
|
# corresponding email address is "username@example.com", set
|
|
|
|
# SSO_APPEND_DOMAIN = "example.com")
|
2013-11-13 15:59:59 +01:00
|
|
|
SSO_APPEND_DOMAIN = None
|
|
|
|
|
2015-09-30 03:54:30 +02:00
|
|
|
# Configure the outgoing SMTP server below. The default configuration
|
|
|
|
# is prepopulated for GMail servers. Change EMAIL_HOST for other
|
|
|
|
# hosts, or leave it unset or empty to skip sending email. Note if
|
|
|
|
# you are using a GMail account to send outgoing email, you will
|
|
|
|
# likely need to configure that account as "less secure" here:
|
|
|
|
# https://support.google.com/accounts/answer/6010255.
|
|
|
|
#
|
|
|
|
# With the exception of reading EMAIL_HOST_PASSWORD from the Zulip
|
|
|
|
# secrets file, Zulip uses Django's standard EmailBackend, so if
|
|
|
|
# you're having issues, you may want to search for documentation on
|
|
|
|
# using your email provider with Django.
|
2015-09-27 03:32:36 +02:00
|
|
|
#
|
|
|
|
# A common problem you may encounter when trying to get this working
|
2015-09-30 03:54:30 +02:00
|
|
|
# is that some hosting providers block outgoing SMTP traffic.
|
2013-10-25 21:19:30 +02:00
|
|
|
EMAIL_HOST = 'smtp.gmail.com'
|
2013-10-23 23:28:03 +02:00
|
|
|
EMAIL_HOST_USER = ''
|
2015-09-27 02:46:44 +02:00
|
|
|
# If you're using password auth, you will need to put the password in
|
2015-09-28 02:05:29 +02:00
|
|
|
# /etc/zulip/zulip-secrets.conf as email_password.
|
2013-10-23 23:28:03 +02:00
|
|
|
EMAIL_PORT = 587
|
2013-11-05 01:19:52 +01:00
|
|
|
EMAIL_USE_TLS = True
|
2013-10-23 23:28:03 +02:00
|
|
|
|
2013-11-16 00:47:17 +01:00
|
|
|
# The email From address to be used for automatically generated emails
|
|
|
|
DEFAULT_FROM_EMAIL = "Zulip <zulip@example.com>"
|
|
|
|
# The noreply address to be used as Reply-To for certain generated emails.
|
|
|
|
# Messages sent to this address should not be delivered anywhere.
|
|
|
|
NOREPLY_EMAIL_ADDRESS = "noreply@example.com"
|
|
|
|
|
2015-08-21 08:21:23 +02:00
|
|
|
# A list of strings representing the host/domain names that this
|
|
|
|
# Django site can serve. You should reset it to be a list of
|
|
|
|
# domains/IP addresses for your site. This is a security measure to
|
|
|
|
# prevent an attacker from poisoning caches and triggering password
|
|
|
|
# reset emails with links to malicious hosts by submitting requests
|
|
|
|
# with a fake HTTP Host header.
|
|
|
|
ALLOWED_HOSTS = ['*']
|
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
### OPTIONAL SETTINGS
|
2013-11-14 05:14:18 +01:00
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# Controls whether session cookies expire when the browser closes
|
2013-11-14 05:14:18 +01:00
|
|
|
SESSION_EXPIRE_AT_BROWSER_CLOSE = False
|
|
|
|
|
|
|
|
# Session cookie expiry in seconds after the last page load
|
2013-11-14 05:25:45 +01:00
|
|
|
SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # 2 weeks
|
2013-11-14 05:14:18 +01:00
|
|
|
|
2013-11-25 22:07:37 +01:00
|
|
|
# Controls whether or not there is a feedback button in the UI.
|
2015-08-21 04:42:04 +02:00
|
|
|
ENABLE_FEEDBACK = False
|
2013-11-13 16:59:03 +01:00
|
|
|
|
2013-11-25 22:07:37 +01:00
|
|
|
# By default, the feedback button will submit feedback to the Zulip
|
|
|
|
# developers. If you set FEEDBACK_EMAIL to be an email address
|
|
|
|
# (e.g. ZULIP_ADMINISTRATOR), feedback sent by your users will instead
|
|
|
|
# be sent to that email address.
|
2015-08-21 04:42:04 +02:00
|
|
|
FEEDBACK_EMAIL = ZULIP_ADMINISTRATOR
|
2013-11-25 22:07:37 +01:00
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# Controls whether or not error reports are sent to Zulip. Error
|
|
|
|
# reports are used to improve the quality of the product and do not
|
|
|
|
# include message contents; please contact Zulip support with any
|
|
|
|
# questions.
|
2013-11-13 21:35:04 +01:00
|
|
|
ERROR_REPORTING = True
|
|
|
|
|
2013-11-14 14:37:39 +01:00
|
|
|
# Controls whether or not Zulip will provide inline image preview when
|
|
|
|
# a link to an image is referenced in a message.
|
|
|
|
INLINE_IMAGE_PREVIEW = True
|
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
# By default, files uploaded by users and user avatars are stored
|
2015-09-30 03:10:17 +02:00
|
|
|
# directly on the Zulip server. If file storage in Amazon S3 is
|
|
|
|
# desired, you can configure that by setting s3_key and s3_secret_key
|
|
|
|
# in /etc/zulip/zulip-secrets.conf to be the S3 access and secret keys
|
|
|
|
# that you want to use, and setting the S3_AUTH_UPLOADS_BUCKET and
|
|
|
|
# S3_AVATAR_BUCKET to be the S3 buckets you've created to store file
|
|
|
|
# uploads and user avatars, respectively.
|
2013-10-28 16:13:53 +01:00
|
|
|
LOCAL_UPLOADS_DIR = "/home/zulip/uploads"
|
2013-10-23 23:28:03 +02:00
|
|
|
|
2013-11-15 16:52:31 +01:00
|
|
|
# Controls whether name changes are completely disabled for this installation
|
|
|
|
# This is useful in settings where you're syncing names from an integrated LDAP/Active Directory
|
|
|
|
NAME_CHANGES_DISABLED = False
|
|
|
|
|
2013-11-15 22:25:02 +01:00
|
|
|
# Controls whether users who have not uploaded an avatar will receive an avatar
|
|
|
|
# from gravatar.com.
|
|
|
|
ENABLE_GRAVATAR = True
|
|
|
|
|
2013-11-18 16:58:39 +01:00
|
|
|
# To override the default avatar image if ENABLE_GRAVATAR is False, place your
|
|
|
|
# custom default avatar image at /home/zulip/local-static/default-avatar.png
|
|
|
|
# and uncomment the following line.
|
|
|
|
#DEFAULT_AVATAR_URI = '/local-static/default-avatar.png'
|
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
### TWITTER INTEGRATION
|
|
|
|
|
|
|
|
# Zulip supports showing inline Tweet previews when a tweet is linked
|
|
|
|
# to in a message. To support this, Zulip must have access to the
|
|
|
|
# Twitter API via OAuth. To obtain the various access tokens needed
|
|
|
|
# below, you must register a new application under your Twitter
|
|
|
|
# account by doing the following:
|
2013-10-25 21:19:30 +02:00
|
|
|
#
|
|
|
|
# 1. Log in to http://dev.twitter.com.
|
|
|
|
# 2. In the menu under your username, click My Applications. From this page, create a new application.
|
2015-09-29 20:26:34 +02:00
|
|
|
# 3. Click on the application you created and click "create my access token".
|
|
|
|
# 4. Fill in the values for twitter_consumer_key, twitter_consumer_secret, twitter_access_token_key,
|
|
|
|
# and twitter_access_token_secret in /etc/zulip/zulip-secrets.conf.
|
2013-10-25 21:19:30 +02:00
|
|
|
|
2013-11-14 05:25:45 +01:00
|
|
|
### EMAIL GATEWAY INTEGRATION
|
|
|
|
|
|
|
|
# The email gateway provides, for each stream, an email address that
|
|
|
|
# you can send email to in order to have the email's content be posted
|
|
|
|
# to that stream. Emails received at the per-stream email address
|
|
|
|
# will be converted into a Zulip message
|
2013-11-12 16:19:38 +01:00
|
|
|
|
2014-02-03 20:22:56 +01:00
|
|
|
# There are two ways to make use of local email mirroring:
|
|
|
|
# 1. Local delivery: A MTA runs locally and passes mail directly to Zulip
|
|
|
|
# 2. Polling: Checks an IMAP inbox every minute for new messages.
|
|
|
|
|
|
|
|
# A Puppet manifest for local delivery via Postfix is available in
|
|
|
|
# puppet/zulip/manifests/postfix_localmail.pp. To use the manifest, add it to
|
|
|
|
# puppet_classes in /etc/zulip/zulip.conf. This manifest assumes you'll receive
|
|
|
|
# mail addressed to the hostname of your Zulip server.
|
|
|
|
#
|
|
|
|
# Users of other mail servers will need to configure it to pass mail to the
|
|
|
|
# email mirror; see `python manage.py email-mirror --help` for details.
|
|
|
|
|
2013-11-12 16:19:38 +01:00
|
|
|
# The email address pattern to use for auto-generated stream emails
|
|
|
|
# The %s will be replaced with a unique token, and the resulting email
|
2013-11-14 05:25:45 +01:00
|
|
|
# must be delivered to the EMAIL_GATEWAY_IMAP_FOLDER of the
|
2014-02-03 20:22:56 +01:00
|
|
|
# EMAIL_GATEWAY_LOGIN account below, or piped in to the email-mirror management
|
|
|
|
# command as indicated above.
|
2013-11-14 05:25:45 +01:00
|
|
|
#
|
|
|
|
# Example: zulip+%s@example.com
|
2013-11-12 16:19:38 +01:00
|
|
|
EMAIL_GATEWAY_PATTERN = ""
|
|
|
|
|
2014-02-03 20:22:56 +01:00
|
|
|
|
|
|
|
# The following options are relevant if you're using mail polling.
|
|
|
|
#
|
|
|
|
# A sample cron job for mail polling is available at puppet/zulip/files/cron.d/email-mirror
|
|
|
|
#
|
2013-11-14 05:25:45 +01:00
|
|
|
# The Zulip username of the bot that the email pattern should post as.
|
|
|
|
# Example: emailgateway@example.com
|
2013-11-12 16:19:38 +01:00
|
|
|
EMAIL_GATEWAY_BOT = ""
|
|
|
|
|
|
|
|
# Configuration of the email mirror mailbox
|
|
|
|
# The IMAP login and password
|
|
|
|
EMAIL_GATEWAY_LOGIN = ""
|
|
|
|
EMAIL_GATEWAY_PASSWORD = ""
|
|
|
|
# The IMAP server & port to connect to
|
|
|
|
EMAIL_GATEWAY_IMAP_SERVER = ""
|
|
|
|
EMAIL_GATEWAY_IMAP_PORT = 993
|
|
|
|
# The IMAP folder name to check for emails. All emails sent to EMAIL_GATEWAY_PATTERN above
|
|
|
|
# must be delivered to this folder
|
|
|
|
EMAIL_GATEWAY_IMAP_FOLDER = "INBOX"
|
|
|
|
|
2013-11-21 01:30:20 +01:00
|
|
|
### LDAP integration configuration
|
2015-09-30 08:12:48 +02:00
|
|
|
# Zulip supports retrieving information about users via LDAP, and
|
2015-10-13 22:22:27 +02:00
|
|
|
# optionally using LDAP as an authentication mechanism.
|
|
|
|
#
|
|
|
|
# In either configuration, you will need to do the following:
|
|
|
|
#
|
|
|
|
# * Fill in the LDAP configuration options below so that Zulip can
|
|
|
|
# connect to your LDAP server
|
|
|
|
#
|
|
|
|
# * Setup the mapping between email addresses (used as login names in
|
|
|
|
# Zulip) and LDAP usernames. There are two supported ways to setup
|
|
|
|
# the username mapping:
|
|
|
|
#
|
|
|
|
# (A) If users' email addresses are in LDAP, set
|
|
|
|
# LDAP_APPEND_DOMAIN = None
|
|
|
|
# AUTH_LDAP_USER_SEARCH to lookup users by email address
|
|
|
|
#
|
|
|
|
# (B) If LDAP only has usernames but email addresses are of the form
|
|
|
|
# username@example.com, you should set:
|
|
|
|
# LDAP_APPEND_DOMAIN = example.com and
|
|
|
|
# AUTH_LDAP_USER_SEARCH to lookup users by username
|
|
|
|
#
|
|
|
|
# You can quickly test whether your configuration works by running:
|
|
|
|
# ./manage.py query_ldap username@example.com
|
|
|
|
# From the root of your Zulip installation; if your configuration is working
|
|
|
|
# that will output the full name for your user.
|
|
|
|
#
|
|
|
|
# -------------------------------------------------------------
|
|
|
|
#
|
|
|
|
# If you are using LDAP for authentication, you will need to enable
|
|
|
|
# the zproject.backends.ZulipLDAPAuthBackend auth backend in
|
|
|
|
# AUTHENTICATION_BACKENDS above. After doing so, you should be able
|
|
|
|
# to login to Zulip by entering your email address and LDAP password
|
|
|
|
# on the Zulip login form.
|
|
|
|
#
|
|
|
|
# If you are using LDAP to populate names in Zulip, once you finish
|
|
|
|
# configuring this integration, you will need to run:
|
|
|
|
# ./manage.py sync_ldap_user_data
|
|
|
|
# To sync names for existing users; you may want to run this in a cron
|
|
|
|
# job to pick up name changes made on your LDAP server.
|
2013-11-21 01:30:20 +01:00
|
|
|
import ldap
|
|
|
|
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
|
|
|
|
|
|
|
|
# URI of your LDAP server. If set, LDAP is used to prepopulate a user's name in
|
|
|
|
# Zulip. Example: "ldaps://ldap.example.com"
|
|
|
|
AUTH_LDAP_SERVER_URI = ""
|
|
|
|
|
|
|
|
# This DN and password will be used to bind to your server. If unset, anonymous
|
|
|
|
# binds are performed.
|
|
|
|
AUTH_LDAP_BIND_DN = ""
|
|
|
|
AUTH_LDAP_BIND_PASSWORD = ""
|
|
|
|
|
2013-11-22 22:58:22 +01:00
|
|
|
# Specify the search base and the property to filter on that corresponds to the
|
2013-11-21 01:30:20 +01:00
|
|
|
# username.
|
|
|
|
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com",
|
|
|
|
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
|
|
|
|
|
|
|
|
# If the value of a user's "uid" (or similar) property is not their email
|
|
|
|
# address, specify the domain to append here.
|
2013-11-22 22:58:22 +01:00
|
|
|
LDAP_APPEND_DOMAIN = ADMIN_DOMAIN
|
2013-11-21 01:30:20 +01:00
|
|
|
|
2013-11-22 22:58:22 +01:00
|
|
|
# This map defines how to populate attributes of a Zulip user from LDAP.
|
2013-11-21 01:30:20 +01:00
|
|
|
AUTH_LDAP_USER_ATTR_MAP = {
|
|
|
|
# Populate the Django user's name from the LDAP directory.
|
|
|
|
"full_name": "cn",
|
|
|
|
}
|
2015-08-21 01:27:35 +02:00
|
|
|
|
|
|
|
CAMO_URI = ''
|