docspell.server { # This is shown in the top right corner of the web application app-name = "Docspell" # This is the id of this node. If you run more than one server, you # have to make sure to provide unique ids per node. app-id = "rest1" # This is the base URL this application is deployed to. This is used # to create absolute URLs and to configure the cookie. base-url = "http://localhost:7880" # Where the server binds to. bind { address = "localhost" port = 7880 } # Authentication. auth { # The secret for this server that is used to sign the authenicator # tokens. If multiple servers are running, all must share the same # secret. You can use base64 or hex strings (prefix with b64: and # hex:, respectively). server-secret = "hex:caffee" # How long an authentication token is valid. The web application # will get a new one periodically. session-valid = "5 minutes" } # This endpoint allows to upload files to any collective. The # intention is that local software integrates with docspell more # easily. Therefore the endpoint is not protected by the usual # means. # # For security reasons, this endpoint is disabled by default. If # enabled, you can choose from some ways to protect it. It may be a # good idea to further protect this endpoint using a firewall, such # that outside traffic is not routed. # # NOTE: If all protection methods are disabled, the endpoint is not # protected at all! integration-endpoint { enabled = false # The priority to use when submitting files through this endpoint. priority = "low" # IPv4 addresses to allow access. An empty list, if enabled, # prohibits all requests. IP addresses may be specified as simple # globs: a part marked as `*' matches any octet, like in # `192.168.*.*`. The `127.0.0.1' (the default) matches the # loopback address. allowed-ips { enabled = false ips = [ "127.0.0.1" ] } # Requests are expected to use http basic auth when uploading # files. http-basic { enabled = false realm = "Docspell Integration" user = "docspell-int" password = "docspell-int" } # Requests are expected to supply some specific header when # uploading files. http-header { enabled = false header-name = "Docspell-Integration" header-value = "some-secret" } } # Configuration for the backend. backend { # Enable or disable debugging for e-mail related functionality. This # applies to both sending and receiving mails. For security reasons # logging is not very extensive on authentication failures. Setting # this to true, results in a lot of data printed to stdout. mail-debug = false # The database connection. # # By default a H2 file-based database is configured. You can # provide a postgresql or mariadb connection here. When using H2 # use the PostgreSQL compatibility mode and AUTO_SERVER feature. jdbc { url = "jdbc:h2://"${java.io.tmpdir}"/docspell-demo.db;MODE=PostgreSQL;DATABASE_TO_LOWER=TRUE;AUTO_SERVER=TRUE" user = "sa" password = "" } # Configuration for registering new users. signup { # The mode defines if new users can signup or not. It can have # three values: # # - open: every new user can sign up # - invite: new users can sign up only if they provide a correct # invitation key. Invitation keys can be generated by the # server. # - closed: signing up is disabled. mode = "open" # If mode == 'invite', a password must be provided to generate # invitation keys. It must not be empty. new-invite-password = "" # If mode == 'invite', this is the period an invitation token is # considered valid. invite-time = "3 days" } files { # Defines the chunk size (in bytes) used to store the files. # This will affect the memory footprint when uploading and # downloading files. At most this amount is loaded into RAM for # down- and uploading. # # It also defines the chunk size used for the blobs inside the # database. chunk-size = 524288 # The file content types that are considered valid. Docspell # will only pass these files to processing. The processing code # itself has also checks for which files are supported and which # not. This affects the uploading part and can be used to # restrict file types that should be handed over to processing. # By default all files are allowed. valid-mime-types = [ ] } } }