[authentication] # The cleartext password for access to the administrative part. It # can only be changed in this file, not via the administrative # interface. admin_password = admin123 # Which modules to use for authentication. Valid values are 'DB' and # 'LDAP'. You can use multiple modules separated by spaces. # # Multiple LDAP modules with different configurations can be used by # postfixing 'LDAP' with the name of the configuration section to use: # 'LDAP:ldap_fallback' would use the data from # '[authentication/ldap_fallback]'. The name defaults to 'ldap' if it # isn't given. # # Note that the LDAP module doesn't support changing the password. module = DB # The cookie name can be changed if desired. cookie_name = kivitendo_session_id # The number of minutes a session is valid. The default value is eight # hours. session_timeout = 480 # The number of seconds to penalize failed login attempts. 0 disables # it. failed_login_penalty = 5 [authentication/database] # Connection information for the database with the user and group # inforamtion. This information is always needed, even if LDAP is # used for authentication, as the user information is stored in this # database while LDAP is only used for password verification. # # If 'module' is set to 'DB' then this database also contains the # users' passwords. host = 127.0.0.1 port = 5432 db = kivitendo_auth user = postgres password = [authentication/ldap] # This section is only relevant if 'module' is set to 'LDAP'. It names # the LDAP server the passwords are verified against by doing a LDAP # bind operation. # # At least the parameters 'host', 'attribute' and 'base_dn' have to be # specified. # # tls: Activate encryption via TLS # verify: If 'tls' is used, how to verify the server's certificate. # Can be one of 'require' or 'none'. # attribute: Name of the LDAP attribute containing the user's login name # base_dn: Base DN the LDAP searches start from # filter: An optional LDAP filter specification. The string '<%login%>' # is replaced by the user's login name before the search is started. # bind_dn and bind_password: # If searching the LDAP tree requires user credentials # (e.g. ActiveDirectory) then these two parameters specify # the user name and password to use. # timeout: Timeout when connecting to the server in seconds. # # You can specify a fallback LDAP server to use in case the main one # isn't reachable by duplicating this whole section as # "[authentication/ldap_fallback]". # host = localhost port = 389 tls = 0 attribute = uid base_dn = filter = bind_dn = bind_password = timeout = 10 verify = require [system] # Set language for login and admin forms. Currently "de" (German) # and "en" (English, not perfect) are available. language = de # Set stylesheet for login and admin forms. Supported: # lx-office-erp # kivitendo - default # design40 stylesheet = kivitendo # MassPrint Timeout # must be less than cgi timeout # massprint_timeout = 30 # Set default_manager for admin forms. Currently "german" # and "swiss" are available. default_manager = german # The memory limits given here determine the maximum process size # (vsz, the total amount of memory this process uses including memory # swapped out or shared with other processes) or resident set size # (rss, the amount of memory not swapped out/shared with other # processes). If either limit is reached at the end of the request # then the kivitendo process will exit. # # This only applies for processes under FCGI and the task manager. # For CGI configurations the process will be terminated after each request # regardless of this setting. # # Note: this will only terminate processes with too high memory consumption. It # is assumed that an external managing service will start new instances. For # FCGI this will usually be apache or the wrapper scripts for nginx, for the # task server this will have to be the system manager. # # Numbers can be postfixed with KB, MB, GB. If no number is given or # the number is 0 then no checking will be performed. memory_limit_rss = memory_limit_vsz = [paths] # path to temporary files (must be writeable by the web server) userspath = users # spool directory for batch printing spool = spool # templates base directory templates = templates # Path to the old memberfile (ignored on new installations) memberfile = users/members # Path to ELSTER geierlein webserver path inside kivitendo # (must be inside kivitendo but you can set an ALIAS for apache/oe # if set the export to geierlein is enabled # geierlein_path = geierlein # # document path for FileSystem FileManagement: # (must be reachable read/write but not executable from webserver) # document_path = /var/local/kivi_documents # [mail_delivery] # Delivery method can be 'sendmail' or 'smtp'. For 'method = sendmail' the # parameter 'mail_delivery.sendmail' is used as the executable to call. If # 'applications.sendmail' still exists (backwards compatibility) then # 'applications.sendmail' will be used instead of 'mail_delivery.sendmail'. # If method is empty, mail delivery is disabled. method = smtp # Location of sendmail for 'method = sendmail' sendmail = /usr/sbin/sendmail -t<%if myconfig_email%> -f <%myconfig_email%><%end%> # Settings for 'method = smtp'. Only set 'port' if your SMTP server # runs on a non-standard port (25 for 'security=none' or # 'security=tls', 465 for 'security=ssl'). host = localhost #port = 25 # Security can be 'tls', 'ssl' or 'none'. Unset equals 'none'. This # determines whether or not encryption is used and which kind. For # 'tls' the module 'Net::SSLGlue' is required; for 'ssl' # 'Net::SMTP::SSL' is required and 'none' only uses 'Net::SMTP'. security = none # Authentication is only used if 'login' is set. You should only use # that with 'tls' or 'ssl' encryption. login = password = [applications] # Location of OpenOffice.org/LibreOffice writer openofficeorg_writer = lowriter # Location of the html2ps binary html2ps = html2ps # Location of the Ghostscript binary ghostscript = gs # Location of the program to create PDFs from TeX documents latex = latexmk --pdflatex # Location of the Python interpreter to use when converting from # OpenDocument to PDF. Some distributions compile UNO support only # into binaries located in different locations than the main Python # binary. python_uno = python3 [environment] # Add the following paths to the PATH environment variable. path = /usr/local/bin:/usr/X11R6/bin:/usr/X11/bin # Add the following paths to the PERL5LIB environment variable. # "/sw/lib/perl5" is for Mac OS X with Fink's Perl. lib = /sw/lib/perl5 # Add the following paths to the PYTHONPATH environment variable for # locating Python modules. Python is used when converting OpenDocument # files into PDF files. python_uno_path = [print_templates] # If you have LaTeX installed set to 1 latex = 1 # Minimal support for Excel print templates excel = 0 # Enable or disable support for OpenDocument print templates opendocument = 1 # Chose whether or not OpenOffice/LibreOffice should remain running after a # conversion. If yes then the conversion of subsequent documents will # be a bit faster. You need to have Python and the Python UNO bindings # (part of OpenOffice/LibreOffice) installed. openofficeorg_daemon = 0 openofficeorg_daemon_port = 2002 [task_server] # Set to 1 for debug messages in /tmp/kivitendo-debug.log debug = 0 # Chose a system user the daemon should run under when started as root. run_as = # Task servers can run on multiple machines. Each needs its own unique # ID. If unset, it defaults to the host name. All but one task server # must have 'only_run_tasks_for_this_node' set to 1. node_id = only_run_tasks_for_this_node = 0 [task_server/notify_on_failure] # If you want email notifications for failed jobs then set this to a # kivitendo user (login) name. The subject can be changed as well. send_email_to = # The "From:" header for said email. email_from = kivitendo Daemon # The subject for said email. email_subject = kivitendo Task-Server: Hintergrundjob fehlgeschlagen # The template file used for the email's body. email_template = templates/webpages/task_server/failure_notification_email.txt [periodic_invoices] # The user name or email address a report about the posted and printed # invoices is sent to. send_email_to = # The "From:" header for said email. email_from = kivitendo Daemon # The subject for said email. email_subject = Benachrichtigung: automatisch erstellte Rechnungen # The template file used for the email's body. email_template = templates/webpages/oe/periodic_invoices_email.txt # Whether to always send the mail (0), or only if there were errors # (1). send_for_errors_only = 0 [self_test] # modules to be tested # Add without SL::BackgroundJob::SelfTest:: prefix # Separate with space. modules = Transactions # you probably don't want to be spammed with "everything ok" every day. enable # this when you add new tests to make sure they run correctly for a few days send_email_on_success = 0 # will log into the standard logfile log_to_file = 0 # user login (!) to send the email to. send_email_to = # will be used to send your report mail email_from = # The subject line for your report mail email_subject = kivitendo self test report # template. currently txt and html templates are recognized and correctly mime send. email_template = templates/mail/self_test/status_mail.txt [follow_up_reminder] # Email notifications for due follow ups. # The "From:" header for said email. email_from = kivitendo Daemon # The subject for said email. email_subject = kivitendo: fällige Wiedervorlagen # The template file used for the email's body. # If empty fu/follow_up_reminder_mail.html will be used. email_template = [console] # Automatic login will only work if both "client" and "login" are # given. "client" can be a client's database ID or its name. "login" # is simply a user's login name. client = login = # autorun lines will be executed after autologin. # be warned that loading huge libraries will noticably lengthen startup time. #autorun = require "bin/mozilla/common.pl"; # = use English qw(-no_match_vars); # = use List::Util qw(min max); # = sub take { my $max = shift; my $r = ref($_[0]) eq 'ARRAY' ? $_[0] : \@_; return @{$r}[0..List::Util::min($max, scalar(@{$r})) - 1]; } # location of history file for permanent history history_file = users/console_history # location of a separate log file for the console. everything normally written # to the kivitendo log will be put here if triggered from the console log_file = /tmp/kivitendo_console_debug.log [testing] # Several tests need a database they can alter data in freely. This # database will be dropped & created before any other test is run. The # following parameters must be given: [testing/database] host = 127.0.0.1 port = 5432 db = user = postgres password = template = template1 superuser_user = postgres superuser_password = [devel] # Several settings related to the development of kivitendo. # "client" is used by several scripts (e.g. rose_auto_create_model.pl) # when they need access to the database. It can be either a client's # database ID or its name. client = [debug] # Use DBIx::Log4perl for logging DBI calls. The string LXDEBUGFILE # will be replaced by the file name configured for $::lxdebug. dbix_log4perl = 0 dbix_log4perl_config = log4perl.logger = FATAL, LOGFILE = log4perl.appender.LOGFILE=Log::Log4perl::Appender::File = log4perl.appender.LOGFILE.filename=LXDEBUGFILE = log4perl.appender.LOGFILE.mode=append = log4perl.appender.LOGFILE.Threshold = ERROR = log4perl.appender.LOGFILE.layout=PatternLayout = log4perl.appender.LOGFILE.layout.ConversionPattern=[%r] %F %L %c - %m%n = log4perl.logger.DBIx.Log4perl=DEBUG, A1 = log4perl.appender.A1=Log::Log4perl::Appender::File = log4perl.appender.A1.filename=LXDEBUGFILE = log4perl.appender.A1.mode=append = log4perl.appender.A1.layout=Log::Log4perl::Layout::PatternLayout = log4perl.appender.A1.layout.ConversionPattern=%d %p> %F{1}:%L %M - %m%n # Activate certain global debug messages. If you want to combine # several options then list them separated by spaces. # # Possible values include: # NONE - no debug output (default) # INFO # DEBUG1 # DEBUG2 # QUERY - Dump SQL queries (only in legacy code; see also "dbix_log4perl" above) # TRACE - Track function calls and returns # BACKTRACE_ON_ERROR - Print a function call backtrace when $form->error() is called # REQUEST_TIMER - Log timing of HTTP requests # REQUEST - Log each request. Careful! Passwords get filtered, but # there may be confidential information being logged here # WARN - warnings # SHOW_CALLER - include the file name & line number from where a call # to "message" or "dump" was called # ALL - all possible debug messages # # DEVEL - sames as "INFO QUERY TRACE BACKTRACE_ON_ERROR REQUEST_TIMER" # # Example: # global_level = TRACE QUERY global_level = NONE # Activate monitoring of the content of $form. If it is active then # monitoring can be turned on for certain variables with the # following: # $form->{"Watchdog::"} = 1; # Monitoring has a performance cost and is therefore deactivated by # default. watch_form = 0 # If you want to debug the creation of LaTeX files then set this to 1. # That way the temporary LaTeX files created during PDF creation are # not removed and remain in the "users" directory. keep_temp_files = 0 # Restart the FastCGI process if changes to the program or template # files have been detected. The restart will occur after the request # in which the changes have been detected has completed. restart_fcgi_process_on_changes = 0 # The file name where the debug messages are written to. file_name = /tmp/kivitendo-debug.log # If set to 1 then the installation will be kept unlocked even if a # database upgrade fails. keep_installation_unlocked = 0 # If set to 1 then all resource links (JavaScript, CSS files) output # via $::request->{layout}->use_stylesheet() / use_javascript() will # be made unique by appending a random GET parameter. This will cause # the web browser to always reload the resources. auto_reload_resources = 0 # If set to 1 each exception will include a full stack backtrace. backtrace_on_die = 0 [cti] # If you want phone numbers to be clickable then this must be set to a # command that does the actually dialing. Within this command three # variables are replaced before it is executed: # # 1. <%phone_extension%> and <%phone_password%> are taken from the user # configuration (changeable in the admin interface). # 2. <%number%> is the number to dial. It has already been sanitized # and formatted correctly regarding e.g. the international dialing # prefix. # # The following is an example that works with the OpenUC telephony # server: # dial_command = curl --insecure -X PUT https://<%phone_extension%>:<%phone_password%>@IP.AD.DR.ESS:8443/sipxconfig/rest/my/call/<%number%> dial_command = # If you need to dial something before the actual number then set # external_prefix to it. external_prefix = 0 # The prefix for international calls (numbers starting with +). international_dialing_prefix = 00 # Our own country code our_country_code = 49