# This is the default configuration file databases: default: engine: 'django.db.backends.sqlite3' name: 'db.sqlite3' log: level: console: DEBUG file: DEBUG file: NUL syslog: host: 127.0.0.1 port: 514 email: host: localhost port: 25 user: '' password: '' use_tls: false use_ssl: false from: passbook web: listen: 0.0.0.0 port: 8000 threads: 30 debug: true secure_proxy_header: HTTP_X_FORWARDED_PROTO: https redis: localhost # Error reporting, sends stacktrace to sentry.services.beryju.org error_report_enabled: true passbook: sign_up: # Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true enabled: true password_reset: # Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true enabled: true # Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions` verification: - email # Text used in title, on login page and multiple other places branding: passbook login: # Override URL used for logo logo_url: null # Override URL used for Background on Login page bg_url: null # Optionally add a subtext, placed below logo on the login page subtext: null footer: links: # Optionally add links to the footer on the login page # - name: test # href: https://test # Specify which fields can be used to authenticate. Can be any combination of `username` and `email` uid_fields: - username session: remember_age: 2592000 # 60 * 60 * 24 * 30, one month # Provider-specific settings ldap: # Completely enable or disable LDAP provider enabled: false # AD Domain, used to generate `userPrincipalName` domain: corp.contoso.com # Base DN in which passbook should look for users base_dn: dn=corp,dn=contoso,dn=com # LDAP field which is used to set the django username username_field: sAMAccountName # LDAP server to connect to, can be set to `` server: name: corp.contoso.com use_tls: false # Bind credentials, used for account creation bind: username: Administraotr@corp.contoso.com password: VerySecurePassword! # Which field from `uid_fields` maps to which LDAP Attribute login_field_map: username: sAMAccountName email: mail # or userPrincipalName # Create new users in LDAP upon sign-up create_users: true # Reset LDAP password when user reset their password reset_password: true oauth_client: # List of python packages with sources types to load. types: - passbook.oauth_client.source_types.discord - passbook.oauth_client.source_types.facebook - passbook.oauth_client.source_types.github - passbook.oauth_client.source_types.google - passbook.oauth_client.source_types.reddit - passbook.oauth_client.source_types.supervisr - passbook.oauth_client.source_types.twitter saml_idp: signing: true autosubmit: false issuer: passbook assertion_valid_for: 86400 # List of python packages with provider types to load. types: - passbook.saml_idp.processors.generic - passbook.saml_idp.processors.gitlab - passbook.saml_idp.processors.nextcloud - passbook.saml_idp.processors.salesforce - passbook.saml_idp.processors.shibboleth - passbook.saml_idp.processors.wordpress_orange