forked from cs3org/wopiserver
-
Notifications
You must be signed in to change notification settings - Fork 0
/
wopiserver.conf
218 lines (167 loc) · 8.48 KB
/
wopiserver.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
#
# wopiserver.conf
#
# Default configuration file for the WOPI server for CERNBox
#
##############################################################
[general]
# Storage access layer to be loaded in order to operate this WOPI server
# Supported values: local, xroot, cs3.
#storagetype =
# Port where to listen for WOPI requests
port = 8880
# The internal server engine to use (defaults to flask).
# Set to waitress for production installations.
#internalserver = flask
# Logging level. Debug enables the Flask debug mode as well.
# Valid values are: Debug, Info, Warning, Error.
loglevel = Info
# Logging handler. Sets the log handler to use.
# Valid values are: file, stream.
loghandler = file
# Logging destination.
# Valid values if 'loghandler = file' are: any existing file path.
# Valid values if 'loghandler = stream' are: stdout, stderr.
#logdest = /var/log/wopi/wopiserver.log
# URL of your WOPI server or your HA proxy in front of it
#wopiurl = https://your-wopi-server.org:8443
# Branding name of your EFSS service. When configured,
# Microsoft Office displays it as the Location on the
# status popup below the filename.
#brandingname =
# URL of your EFSS service for the branding name. When configured,
# Microsoft Office shows the branding name as an href.
#brandingurl =
# URL for direct download of files. The complete URL that is sent
# to WOPI apps will include the access_token argument.
# A route to the /wopi/iop/download endpoint could be used for this,
# though WOPI apps also work without this route configured.
#downloadurl =
# Optional URL to display a file sharing dialog. This enables
# a 'Share' button within the application. The URL may contain
# any of the `<path>`, `<endpoint>`, `<fileid>`, and `<app>`
# placeholders, which are dynamically replaced with actual values
# for the opened file.
#filesharingurl = https://your-efss-server.org/fileshare?filepath=<path>&app=<app>&fileId=<endpoint>!<fileid>
# URLs for the pages that embed the application in edit mode and
# preview mode. By default, the appediturl and appviewurl are used,
# but it is recommended to configure here a URL that displays apps
# within an iframe on your EFSS.
# Placeholders `<path>`, `<endpoint>`, `<fileid>`, and `<app>` are
# dynamically replaced similarly to the above. The suggested example
# reflects the ownCloud web implementation.
#hostediturl = https://your-efss-server.org/external?app=<app>&fileId=<endpoint>!<fileid>
#hostviewurl = https://your-efss-server.org/external?app=<app>&fileId=<endpoint>!<fileid>&viewmode=VIEW_MODE_PREVIEW
# Optional URL prefix for WebDAV access to the files. This enables
# a 'Edit in Desktop client' action on Windows-based clients
#webdavurl = https://your-efss-server.org/webdav
# List of file extensions deemed incompatible with LibreOffice:
# interoperable locking will be disabled for such files
nonofficetypes = .md .zmd .txt
# List of file extensions supported by Collabora
codeofficetypes = .odt .ott .ods .ots .odp .otp .odg .otg .doc .dot .xls .xlt .xlm .ppt .pot .pps .vsd .dxf .wmf .cdr .pages .number .key
# WOPI access token expiration time [seconds]
tokenvalidity = 86400
# WOPI lock expiration time [seconds]
# Note that Microsoft specifications state that WOPI locks MUST expire after 30 minutes,
# therefore the default value SHALL NOT be changed in production environments.
wopilockexpiration = 1800
# WOPI lock strict check: if True, WOPI locks will be compared according to specs,
# that is their representation must match. False (default) allows for a more relaxed
# comparison, which compensates incorrect lock requests from Microsoft Office Online
# on-premise setups.
#wopilockstrictcheck = False
# Enable the ability to force-unlock sessions to overcome issues with Microsoft Office:
# if a session (access token) includes the option to override a previous lock, and the
# corresponding file was saved more than the given evictlocktime seconds before the request
# for lock, the previous lock is force-unlocked in order to grant a lock to the new
# session. By default this behavior is disabled.
#evictlocktime =
# Enable support of rename operations from WOPI apps. This is currently
# disabled by default because the implementation is not complete,
# and it is to be enabled for testing purposes only for the time being.
#enablerename = False
# Detection of external Microsoft Office or LibreOffice locks. By default, lock files
# compatible with Office for Desktop applications are detected, assuming that the
# underlying storage can be mounted as a remote filesystem: in this case, WOPI GetLock
# and SetLock operations return such locks and prevent online apps from entering edit mode.
# This feature can be disabled in order to operate a pure WOPI server for online apps.
#detectexternallocks = True
# Location of the webconflict files. By default, such files are stored in the same path
# as the original file. If that fails (e.g. because of missing permissions),
# an attempt is made to store such files in this path if specified, otherwise
# the system falls back to the recovery space (cf. io|recoverypath).
# The keywords <user_initial> and <username> are replaced with the actual username's
# initial letter and the actual username, respectively, so you can use e.g.
# /your_storage/home/user_initial/username
#conflictpath = /
# Disable write ability (i.e. force read-only) when an open is requested for an ODF
# file with a Microsoft Office app. This allows to use MS Office as a pure viewer,
# without the risk to corrupt the file as it has been observed that MS Office may
# not preserve the correct formatting of ODF files.
#disablemswriteodf = False
# ownCloud's WOPI proxy configuration. Disabled by default.
#wopiproxy = https://external-wopi-proxy.com
#wopiproxysecretfile = /path/to/your/shared-key-file
#proxiedappname = Name of your proxied app
# A flag to enable the business flow with Microsoft Office as detailed in:
# https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/online/scenarios/business
#businessflow = False
### The following options are deprecated and not to be used with Reva
# URL of your Microsoft Office Online service (either local or remote)
#oosurl = https://your-oos-server.org
# URL of your Collabora Online service
#codeurl = https://your-collabora-server.org:9980
[security]
# Location of the secret files. Requires a restart of the
# WOPI server when either the files or their content change.
wopisecretfile = /etc/wopi/wopisecret
iopsecretfile = /etc/wopi/iopsecret
# Use https as opposed to http (requires certificate)
usehttps = no
# Certificate and key for https. Requires a restart
# to apply a change.
wopicert = /etc/grid-security/host.crt
wopikey = /etc/grid-security/host.key
[bridge]
# SSL certificate check for the connected apps
#sslverify = True
# Minimum time interval between two consecutive save operations [seconds]
#saveinterval = 200
# Minimum time interval before a closed file is WOPI-unlocked [seconds]
#unlockinterval = 90
# CodiMD: disable creating zipped bundles when files contain pictures
#disablezip = False
[io]
# Size used for buffered reads [bytes]
chunksize = 4194304
# Path to a recovery space in case of I/O errors when reaching to the remote storage.
# This is expected to be a local path, and it is provided in order to ease user support.
# Defaults to the indicated spool folder.
#recoverypath = /var/spool/wopirecovery
[xroot]
# URL of the default remote xroot storage server. This can be overridden
# if the end-point is passed on the /wopi/cbox/open call
#storageserver = root://your-xrootd-server.org
# Optional EOS top-level path that will be prepended to all user paths. Useful
# to map the cloud files in a subfolder of the underlying EOS storage. By default,
# this is not used and storagehomepath is empty.
#storagehomepath = /your/top/storage/path
# Optional timeout value [seconds] applied to all xroot requests.
# Note that for such value to be enforced you also need to override
# the timeout resolution time (15 [seconds] by default) by setting
# the XRD_TIMEOUTRESOLUTION environment variable.
#timeout = 10
[local]
# Location of the folder or mount point used as local storage
#storagehomepath = /mnt/your_local_storage
[cs3]
# Host and port of the Reva(-like) CS3-compliant GRPC gateway endpoint
#revagateway = your-reva-gateway-server.org:port
# HTTP (WebDAV) endpoint for uploading files
#datagateway = http://your-reva-server.org:port/data
# Reva/gRPC authentication token expiration time [seconds]
# The default value matches Reva's default
authtokenvalidity = 3600
# SSL certificate check for Reva
#sslverify = True