/
appsettings.json
678 lines (528 loc) · 23.1 KB
/
appsettings.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
{
"mode": {
// Use this flag to set Squidex to readonly, e.g. when you deploy a second instance for migration.
"isReadonly": false
},
"urls": {
// Set the base url of your application, to generate correct urls in background process.
"baseUrl": "https://localhost:5001",
// The base path when running Squidex behind a reverse proxy like nginx under a subfolder / subpath.
"basePath": "",
// Set it to true to redirect the user from http to https permanently.
"enforceHttps": false,
// Set it to true to return a 400 if the host does not match.
"enforceHost": false,
// A list of known proxies to make forward headers safer.
"knownProxies": [],
// Set it to true to use the X-Forwarded- headers for host name and scheme.
"enableForwardHeaders": true,
// A list of trusted hosts for redirects.
"trustedHosted": []
},
"fullText": {
// Define the type of the full text store.
//
// SUPPORTED: elastic (ElasticSearch), azure (Azure Cognitive Search), default. Default: default
"type": "default",
"elastic": {
// The configuration to your elastic search cluster.
//
// Read More: https://www.elastic.co/guide/en/elasticsearch/client/javascript-api/current/client-configuration.html
"configuration": "http://localhost:9200",
// The name of the index.
"indexName": "squidex",
// True, to use the Open Search client.
"openSearch": false
},
"azure": {
// The URL to your azure search instance.
//
// Read More: https://docs.microsoft.com/en-us/azure/search/search-create-service-portal#get-a-key-and-url-endpoint
"serviceEndpoint": "https://<name>.search.windows.net",
// The api key. See link above.
"apiKey": "",
// The name of the index.
"indexName": "squidex"
}
},
// Define optional paths to plugins.
"plugins": [
"Squidex.Extensions.dll"
],
"caching": {
// Set to true, to use strong etags.
"strongETag": false,
// Restrict the surrogate keys to the number of characters.
"maxSurrogateKeysSize": 0,
"replicated": {
// Set to true to enable a replicated cache for app, schemas and rules. Increases performance but reduces consistency.
"enable": true
},
"domainObjects": {
// The cache duration for domain objects.
"cacheDuration": "00:10:00"
}
},
"messaging": {
"type": "MongoDb"
},
"scripting": {
// The timeout for the whole script execution.
"timeoutExecution": "00:00:04",
// The timeout for the synchronous part of the script.
"timeoutScript": "00:00:00.200"
},
"languages": {
// Use custom languages where the key is the language code and the value is the english name.
"custom": ""
},
"rules": {
// The timeout to execute rule actions.
"executionTimeoutInSeconds": 10,
// The cache duration for rules.
"rulesCacheDuration": "00:00:10"
},
"ui": {
// Regex suggestions for the UI
"regexSuggestions": {
// Regex for emails.
"Email": "^[a-zA-Z0-9.!#$%&’*+\\/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
// Regex for phone numbers.
"Phone": "^\\(*\\+*[1-9]{0,3}\\)*-*[1-9]{0,3}[-. /]*\\(*[2-9]\\d{2}\\)*[-. /]*\\d{3}[-. /]*\\d{4} *e*x*t*\\.* *\\d{0,4}$",
// Regex for slugs (e.g. hello-world).
"Slug": "^[a-z0-9]+(\\-[a-z0-9]+)*$",
// Regex for urls.
"Url": "^(?:http(s)?:\\/\\/)?[\\w.-]+(?:\\.[\\w\\.-]+)+[\\w\\-\\._~:\\/?#%[\\]@!\\$&'\\(\\)\\*\\+,;=.]+$"
},
// True if only admins should be able to create apps.
"onlyAdminsCanCreateApps": false,
"map": {
// Define the type of the geolocation service.
//
// SUPPORTED: GoogleMaps, OSM
"type": "OSM",
"googleMaps": {
// The optional google maps API key. CREATE YOUR OWN PLEASE.
"key": "AIzaSyB_Z8l3nwUxZhMJykiDUJy6bSHXXlwcYMg"
}
},
// Redirect to login automatically.
"redirectToLogin": false,
// Hide the news dialog.
"hideNews": false,
// Hide all onboarding tooltips and dialogs.
"hideOnboarding": false,
// Hide the today and now button.
"hideDateButtons": false,
// Hide the Local/UTC button
"hideDateTimeModeButton": false,
// Show the exposed values as information on the apps overview page.
"showInfo": false,
// The number of content items for dropdown selector.
"referencesDropdownItemCount": 100
},
"email": {
"smtp": {
// The host name to your email server.
"server": "",
// The sender email address.
"sender": "hello@squidex.io",
// The username to authenticate to your email server.
"username": "",
// The password to authenticate to your email server.
"password": "",
// Always use SSL if possible.
"enableSsl": true,
// The port to your email server.
"port": 587
},
"notifications": {
// The email subject when a new user is added as contributor to an app.
"newUserSubject": "You have been invited to join Project $APP_NAME at Squidex CMS",
// The email body when a new user is added as contributor to an app.
"newUserBody": "Welcome to Squidex\r\nDear User,\r\n\r\n$ASSIGNER_NAME ($ASSIGNER_EMAIL) has invited you to join Project (also called an App) $APP_NAME at Squidex Headless CMS. Login with your Github, Google or Microsoft credentials to create a new user account and start editing content now.\r\n\r\nThank you very much,\r\nThe Squidex Team\r\n\r\n<<Start now!>> [$UI_URL]",
// The email subject when an existing user is added as contributor to an app.
"existingUserSubject": "[Squidex CMS] You have been invited to join App $APP_NAME",
// The email body when an existing user is added as contributor to an app.
"existingUserBody": "Dear User,\r\n\r\n$ASSIGNER_NAME ($ASSIGNER_EMAIL) has invited you to join App $APP_NAME at Squidex Headless CMS.\r\n\r\nLogin or reload the Management UI to see the App.\r\n\r\nThank you very much,\r\nThe Squidex Team\r\n\r\n<<Start now!>> [$UI_URL]",
// The email subject when a new user is added as contributor to a team.
"newUserTeamSubject": "You have been invited to join Team $TEAM_NAME at Squidex CMS",
// The email body when a new user is added as contributor to a team.
"newUserTeamBody": "Welcome to Squidex\r\nDear User,\r\n\r\n$ASSIGNER_NAME ($ASSIGNER_EMAIL) has invited you to join Team $TEAM_NAME at Squidex Headless CMS. Login with your Github, Google or Microsoft credentials to create a new user account and start managing the Team now.\r\n\r\nThank you very much,\r\nThe Squidex Team\r\n\r\n<<Start now!>> [$UI_URL]",
// The email subject when an existing user is added as contributor to a team.
"existingTeamUserSubject": "[Squidex CMS] You have been invited to join Team $TEAM_NAME",
// The email body when an existing user is added as contributor to a team.
"existingTeamUserBody": "Dear User,\r\n\r\n$ASSIGNER_NAME ($ASSIGNER_EMAIL) has invited you to join Team $TEAM_NAME at Squidex Headless CMS.\r\n\r\nLogin or reload the Management UI to see the Team.\r\n\r\nThank you very much,\r\nThe Squidex Team\r\n\r\n<<Start now!>> [$UI_URL]",
// The email subject when app usage reached
"usageSubject": "[Squidex CMS] You you are about to reach your usage limit for App $APP_NAME",
// The email body when app usage reached
"usageBody": "Dear User,\r\n\r\nYou you are about to reach your usage limit for App $APP_NAME at Squidex Headless CMS.\r\n\r\nYou have already used $API_CALLS of your monthy limit of $API_CALLS_LIMIT API calls.\r\n\r\nPlease check your clients or upgrade your plan!\r\n\r\n<<Go to Squidex!>> [$UI_URL]"
}
},
// Configure notifo if you want to have support for custom notifications.
"notifo": {
// The ID of the app in notifo.
"appId": "",
// The API key for your app in notifo.
"apiKey": "",
// The API URL.
"apiUrl": "https://app.notifo.io"
},
"robots": {
// The text for the robots.txt file
"text": "User-agent: *\nAllow: /api/assets/*"
},
"apps": {
// True to delete apps permanently.
//
// This process can take a while and is executed in the background.
"deletePermanent": false
},
"contents": {
// True to enable memory caching.
//
// This is only supported in GraphQL with the @cache(duration: 1000) directive.
"canCache": true,
// True to enable an optimization for self hosting.
//
// Creates one database per app and one collection per schema. Slows down inserts, but you can create custom indexes.
"optimizeForSelfHosting": false,
// False to not use transactions. Improves performance.
//
// Warning: Can cause consistency issues.
"useTransactions": false,
// The default page size if not specified by a query.
//
// Warning: Can slow down queries if increased.
"defaultPageSize": 200,
// The maximum number of items to return for each query.
//
// Warning: Use pagination and not large number of items.
"maxResults": 200,
// The timeout when searching for single items in the database.
"timeoutFind": "00:00:01",
// The timeout when searching for multiple items in the database.
"timeoutQuery": "00:00:05"
},
"assets": {
// True to enable memory caching.
//
// This is only supported in GraphQL with the @cache(duration: 1000) directive.
"canCache": true,
// The default page size if not specified by a query.
//
// Warning: Can slow down queries if increased.
"defaultPageSize": 200,
// The maximum number of items to return for each query.
//
// Warning: Use pagination and not large number of items.
"maxResults": 200,
// The maximum file size in bytes. Default: 5MB
"maxSize": 5242880,
// True to delete assets recursively.
"deleteRecursive": true,
// True to delete assets files permanently.
"deletePermanent": false,
// The timeout when searching for single items in the database.
"timeoutFind": "00:00:01",
// The timeout when searching for multiple items in the database.
"timeoutQuery": "00:00:05",
// Create one folder per app.
//
// WARNING: If you change this parameter, previous assets are not available anymore.
"folderPerApp": false,
// Points to another Squidex instance, which should be configured as resizer.
"resizerUrl": ""
},
"logging": {
// The log level of the implementation adapter.
//
// Trace, Debug, Information, Warning, Error, Fatal
"level": "Information",
// The log level of the default log adapter.
"logLevel": {
"default": "Information",
// Only logs issued tokens and general request information.
"OpenIddict": "Warning",
"Microsoft.AspNetCore": "Warning",
"Microsoft.Identity": "Warning",
"Runtime": "Warning"
},
// Setting the flag to true, enables well formatteds json logs.
"human": true,
// Set to true, to use colors.
"colors": true,
// Set to false to disable logging of http requests.
"logRequests": true,
// False to disable the log store.
"storeEnabled": true,
// The number of days request log items will be stored.
"storeRetentionInDays": 90,
"stackdriver": {
// True, to enable stackdriver integration.
"enabled": false,
// The ID of your Google Cloud project.
"projectId": ""
},
"otlp": {
// True, to enable OpenTelemetry Protocol integration.
"enabled": false,
// The endpoint to the agent.
"endpoint": "",
// The sample rate as double. 0.5 writes every second trace.
"sampling": 1.0
},
"zipkin": {
// True, to enable Zipkin integration.
"enabled": false,
"endpoint": "http://localhost:9411/api/v2/spans"
},
"applicationInsights": {
// True, to enable application insights integraon.
"enabled": false,
"connectionString": "InstrumentationKey=[key];IngestionEndpoint=https://[datacenter].in.applicationinsights.azure.com/"
}
},
"diagnostics": {
// The path to the dotnet-dump tool binary.
//
// REMARKS: Will be set automatically in the official Docker image.
"dumpTool": "",
// When more memory is allocated that the defined value (in MB) a dump will be created once automatically and written to the asset store.
"dumpTriggerInMB": 0,
// The path to the dotnet-gcdump tool binary.
//
// REMARKS: Will be set automatically in the official Docker image.
"gcdumpTool": "",
// When more memory is allocated than the defined value (in MB) a gcdump will be created once automatically and written to the asset store.
"gcumpTriggerInMB": 0,
"gc": {
// The maximum number of megabyte that the process can consume until it is marked as not healthy.
"threshold": 8192
}
},
"assetStore": {
// Define the type of the read store.
//
// SUPPORTED: Folder (local folder), MongoDb (GridFS), GoogleCloud (hosted in Google Cloud only), AzureBlob, AmazonS3, FTP (not recommended).
"type": "Folder",
"folder": {
// The relative or absolute path to the folder to store the assets.
"path": "Assets"
},
"googleCloud": {
// The name of the bucket in google cloud store.
"bucket": "squidex-assets"
},
"azureBlob": {
// The name of the container in the Azure Blob Storage
"containerName": "squidex-assets",
// The connection string to the azure storage service.
"connectionString": "UseDevelopmentStorage=true"
},
"amazonS3": {
// The url of the S3 API service. Leave it empty if using the one provided by Amazon
"serviceUrl": "",
// The name of your bucket.
"bucket": "squidex-test",
// The optional folder within the bucket.
"bucketFolder": "squidex-assets",
// The region name of your bucket.
"regionName": "eu-central-1",
// The access key for your user.
//
// Read More: https://supsystic.com/documentation/id-secret-access-key-amazon-s3/
"accessKey": "<MY_KEY>",
// The secret key for your user.
//
// Read More: https://supsystic.com/documentation/id-secret-access-key-amazon-s3/
"secretKey": "<MY_SECRET>",
// True, to disable the SigV4 payload signing.
//
// This might be needed for some S3-compatible storage solutions, for example Cloudflare R2.
"disablePayloadSigning": false,
// Force path style property for AmazonS3Config
"forcePathStyle": false
},
"mongoDb": {
// The connection string to your Mongo Server.
//
// Read More: https://docs.mongodb.com/manual/reference/connection-string/
"configuration": "mongodb://localhost",
// The name of the event store database.
"database": "SquidexAssets",
// The name of the Mongo Grid FS bucket.
"bucket": "fs"
},
"ftp": {
//The host of the ftp service
"serverHost": "",
//The host of the ftp service
"serverPort": "21",
// Credentials.
"username": "",
"password": "",
// The relative or absolute path to the folder to store the assets.
"path": "Assets"
},
// Allow to expose the url in GraphQL URL.
"exposeSourceUrl": false
},
"clustering": {
// Defines whether the current instance is a worker. You should have only one worker in your deployment.
"worker": true
},
"eventStore": {
// Define the type of the event store.
//
// SUPPORTED: MongoDb
"type": "MongoDb",
"mongoDb": {
// The connection string to your Mongo Server.
//
// Read More: https://docs.mongodb.com/manual/reference/connection-string/
"configuration": "mongodb://localhost",
// The name of the event store database.
"database": "Squidex"
}
},
"store": {
// Define the type of the read store.
//
// SUPPORTED: MongoDb
"type": "MongoDb",
"mongoDb": {
// The connection string to your Mongo Server.
//
// Read More: https://docs.mongodb.com/manual/reference/connection-string/
"configuration": "mongodb://localhost",
// The database for all your content collections (one collection per app).
"contentDatabase": "SquidexContent",
// The database for all your other read collections.
"database": "Squidex",
// Defines how key-value-store values are represented in MongoDB (e.g. app, rule, schema).
//
// SUPPORTED: Document, String, Binary (from slow to fast).
"valueRepresentation": "Undefined",
"atlas": {
// The organization id.
"groupId": "",
// The name of the cluster.
"clusterName": "",
// Credentials to your account.
"publicKey": "",
"privateKey": "",
// True, if you want to enable mongo atlas for full text search instead of MongoDB.
"fullTextEnabled": false
}
}
},
"identity": {
// Set to true to show PII (Personally Identifiable Information) in the logs.
"showPII": true,
// Enable password auth. Set this to false if you want to disable local login, leaving only 3rd party login options.
"allowPasswordAuth": true,
// Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking.
"suppressXFrameOptionsHeader": false,
// Initial admin user.
"adminEmail": "",
"adminPassword": "",
// Recreate the admin if it does not exist or the password does not match.
"adminRecreate": false,
// Client with all admin permissions.
"adminClientId": "",
"adminClientSecret": "",
// The apps which should be visible on the dashboard for the admin.
"adminApps": [],
// Settings for Google auth (keep empty to disable).
"googleClient": "1006817248705-t3lb3ge808m9am4t7upqth79hulk456l.apps.googleusercontent.com",
"googleSecret": "QsEi-fHqkGw2_PjJmtNHf2wg",
// Settings for Github auth (keep empty to disable).
"githubClient": "211ea00e726baf754c78",
"githubSecret": "d0a0d0fe2c26469ae20987ac265b3a339fd73132",
// Settings for Microsoft auth (keep empty to disable).3
//
// NOTE: Tennant is optional for using a specific AzureAD tenant
"microsoftClient": "b55da740-6648-4502-8746-b9003f29d5f1",
"microsoftSecret": "idWbANxNYEF4cB368WXJhjN",
"microsoftTenant": null,
// Set this to true if you use multiple domains.
"multipleDomains": false,
// Settings for your custom oidc server.
"oidcName": "OIDC",
"oidcAuthority": "",
"oidcClient": "",
"oidcSecret": "",
"oidcMetadataAddress": "",
"oidcScopes": [
"email"
],
"oidcResponseType": "id_token", // or "code"
"oidcGetClaimsFromUserInfoEndpoint": false,
"oidcOverridePermissionsWithCustomClaimsOnLogin": false,
"oidcOnSignoutRedirectUrl": "",
// Lock new users automatically, the administrator must unlock them.
"lockAutomatically": false,
// The url to you privacy statements, if you host squidex by yourself.
"privacyUrl": "https://squidex.io/privacy"
},
"news": {
// The app name where the news are stored.
"appName": "squidex-website",
// The credentials to the app (Readonly).
"clientId": "squidex-website:default",
"clientSecret": "QGgqxd7bDHBTEkpC6fj8sbdPWgZrPrPfr3xzb3LKoec="
},
"translations": {
"deepl": {
// The deepl api key if you want to support automated translations.
"authKey": "",
"mapping": {
"zh-TW": "zh-TW",
"zh-CN": "zh-CN"
}
},
"googleCloud": {
// The google cloud project id if you want to support automated translations.
"projectId": ""
}
},
"rebuild": {
// Set to true to rebuild apps.
"apps": false,
// Set to true to rebuild assets.
"assets": false,
// Set to true to create dummy asset files if they do not exist. Useful when a backup fail.
"assetFiles": false,
// Set to true to rebuild contents.
"contents": false,
// Set to true to rebuild rules.
"rules": false,
// Set to true to rebuild schemas.
"schemas": false
},
// A list of configuration values that should be exposed from the info endpoint and in the UI.
"exposedConfiguration": {
"version": "squidex:version"
},
// Kafka Producer configuration
"kafka": {
"bootstrapServers": ""
},
// The client information for twitter.
"twitter": {
"clientId": "QZhb3HQcGCvE6G8yNNP9ksNet",
"clientSecret": "Pdu9wdN72T33KJRFdFy1w4urBKDRzIyuKpc0OItQC2E616DuZD"
},
// Tthe template repositories
"templates": {
"repositories": [
{
// The url to download readme files.
"contentUrl": "https://raw.githubusercontent.com/Squidex/templates/main",
// The url to the git repository.
"gitUrl": "https://github.com/Squidex/templates.git"
}
]
}
}