# This is the default configuration file databases: default: engine: 'django.db.backends.sqlite3' name: 'db.sqlite3' log: level: console: DEBUG file: DEBUG file: /dev/null syslog: host: 127.0.0.1 port: 514 email: host: localhost port: 25 user: '' password: '' use_tls: false use_ssl: false from: passbook web: listen: 0.0.0.0 port: 8000 threads: 30 debug: false secure_proxy_header: HTTP_X_FORWARDED_PROTO: https redis: localhost # Error reporting, sends stacktrace to sentry.services.beryju.org error_report_enabled: true secret_key: 9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s passbook: sign_up: # Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true enabled: true password_reset: # Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true enabled: true # Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions` verification: - email # Text used in title, on login page and multiple other places branding: passbook login: # Override URL used for logo logo_url: null # Override URL used for Background on Login page bg_url: null # Optionally add a subtext, placed below logo on the login page subtext: null footer: links: # Optionally add links to the footer on the login page # - name: test # href: https://test # Specify which fields can be used to authenticate. Can be any combination of `username` and `email` uid_fields: - username - email factors: - passbook.core.auth.factors.backend - passbook.core.auth.factors.dummy - passbook.captcha_factor.factor session: remember_age: 2592000 # 60 * 60 * 24 * 30, one month # Provider-specific settings ldap: # # Completely enable or disable LDAP provider # enabled: false # # AD Domain, used to generate `userPrincipalName` # domain: corp.contoso.com # # Base DN in which passbook should look for users # base_dn: dn=corp,dn=contoso,dn=com # # LDAP field which is used to set the django username # username_field: sAMAccountName # # LDAP server to connect to, can be set to `` # server: # name: corp.contoso.com # use_tls: false # # Bind credentials, used for account creation # bind: # username: Administraotr@corp.contoso.com # password: VerySecurePassword! # Which field from `uid_fields` maps to which LDAP Attribute login_field_map: username: sAMAccountName email: mail # or userPrincipalName user_attribute_map: active_directory: sAMAccountName: username mail: email given_name: first_name name: last_name # # Create new users in LDAP upon sign-up # create_users: true # # Reset LDAP password when user reset their password # reset_password: true oauth_client: # List of python packages with sources types to load. types: - passbook.oauth_client.source_types.discord - passbook.oauth_client.source_types.facebook - passbook.oauth_client.source_types.github - passbook.oauth_client.source_types.google - passbook.oauth_client.source_types.reddit - passbook.oauth_client.source_types.supervisr - passbook.oauth_client.source_types.twitter saml_idp: issuer: passbook # List of python packages with provider types to load. types: - passbook.saml_idp.processors.generic - passbook.saml_idp.processors.aws - passbook.saml_idp.processors.gitlab - passbook.saml_idp.processors.nextcloud - passbook.saml_idp.processors.salesforce - passbook.saml_idp.processors.shibboleth - passbook.saml_idp.processors.wordpress_orange