-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathconfig-defaults.edn
518 lines (453 loc) · 22.5 KB
/
config-defaults.edn
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
;; This file contains the default values of all config options supported by REMS.
;; Details of the the config options are also documented here.
;; REMS will log a warning if you use a config option not listed in this file.
;; See docs/configuration.md for more info.
{;; HTTP server port.
:port 3000 ; can be set to nil if only SSL is used
;; SSL configuration, if SSL is not terminated before
:ssl-port nil ; no SSL by default
:ssl-keystore nil ; Java keystore file
:ssl-keystore-password nil ; (optional) password of key file
;; Extra parameters to override HTTP server parameters
;; A useful parameter could be `{:h2? true}` to enable HTTP/2 if you have SSL configured
:jetty-extra-params {}
;; Url for this REMS installation. Should end with a /.
;; Used for generating links in emails, in OpenId authentication (:oidc),
;; and in the `iss` and `source` of generated GA4GH visas (see /api/permissions).
:public-url nil
;; When :nrepl-port is set, the application starts an nREPL server on load.
:nrepl-port nil
;; When true, enables development features
;; (should not be turned on in production)
:dev false
;; Uses :database-url if it's defined. Otherwise :database-jndi-name is used.
:database-url nil
:database-jndi-name "java:comp/env/jdbc/rems"
;; Value for PostgreSQL lock_timeout
:database-lock-timeout "10s"
;; Value for PostgreSQL idle_in_transaction_session_timeout
:database-idle-in-transaction-session-timeout "20s"
;; Extra parameters to override database connection pool settings on startup.
;; A useful debugging parameter could be :leak-detection-threshold for example.
;; For all possible configuration options, see https://github.com/brettwooldridge/HikariCP
:hikaricp-extra-params {}
;; Path to a writable directory where to store the Lucene search index files.
:search-index-path "search-index"
;; Supported authentication methods: :oidc, :fake
:authentication :fake
;; Log additional details about (OIDC) authentication. May leak secrets in the log, but useful for debugging.
:log-authentication-details false
;; Show link to an alternative login service
:alternative-login-url nil
;; What login data is used when :authentication :fake configuration is enabled.
;; Supported options: :test, :demo
:fake-authentication-data :test
;; For :oidc authentication
;; DEPRECATED, prefer :oidc-metadata-url instead
:oidc-domain nil
;; URL to OAuth Server Metadata metadata JSON, e.g.
;; :oidc-metadata-url "https://my.oidc.service/.well-known/openid-configuration"
:oidc-metadata-url nil
:oidc-client-id nil
:oidc-client-secret nil
;; Which scopes to pass to the authorization endpoint
:oidc-scopes "openid profile email"
;; Which id-token attribute to use as the rems userid. Must be a
;; list of attributes [{:attribute "multiple"} {:attribute "attributes"}] that are searched in
;; order and the first non-empty one used.
;; Attribute can be renamed using :rename keyword: {:attribute "sub" :rename "elixirId"}
:oidc-userid-attributes [{:attribute "sub"}]
;; Additional query parameters to add to the OIDC authorization_endpoint url when logging in
;; Example:
;; :oidc-additional-authorization-parameters "&acr_values=foo&ui_locales=sv"
:oidc-additional-authorization-parameters nil
;; List of attributes to try in order for a name, the first one will be used
:oidc-name-attributes ["name" "unique_name" "family_name"]
;; List of attributes to try in order for an email address, the first one will be used
:oidc-email-attributes ["email"]
;; List of additional attributes to read from OIDC claims. Each attribute can have keys:
;; :attribute (mandatory) - the name of the attribute as in the OIDC claim, a string
;; :name (optional) - a map with languages as keys and the localized name for the attribute as values
;;
;; Example:
;;
;; :oidc-extra-attributes [{:attribute "groups"
;; :name {:en "Groups" :fi "Ryhmät"}}
;; {:attribute "employeeNumber"}]
:oidc-extra-attributes []
;; For OIDC, the userid attribute is always required.
;; You can further specify if a name or email is required.
;; The default is to require a name.
:oidc-require-name true
:oidc-require-email false
;; Normally, a logout will happen in a REMS internal URL,
;; which performs:
;; - the OIDC token revocation (override with `:oidc-perform-revoke-on-logout`),
;; - REMS session termination, and
;; - redirect to REMS homepage (override with `:oidc-logout-redirect-url`).
;;
;; To which URL a user is redirected to after a successful logout?
:oidc-logout-redirect-url "/"
;; Should REMS POST to the revocation_endpoint received from OIDC metadata?
:oidc-perform-revoke-on-logout true
;; Should REMS use `state` parameter in the OIDC login.
;; If set to `:csrf-token` then REMS will send the `state` parameter
;; and check the return value in the callback. (default is not to send)
:oidc-use-state nil
;; Sending email.
;;
;; Either you specify `:smtp-host` and `:smtp-port` like here:
:smtp-host nil
:smtp-port 25
;;
;; Or you can specify a map under `:smtp` with host, port, authentication details etc.
;;
;; Example:
;; :smtp {:host "https://..." :pass "..." :port 587 :ssl true}
;;
;; For the full set of available keys see https://github.com/drewr/postal#smtp
:smtp nil
;; Other email parameters (in addition to the above):
:smtp-connectiontimeout 5000 ; milliseconds waiting for connection
:smtp-timeout 10000 ; milliseconds waiting for processing
:smtp-writetimeout 10000 ; milliseconds waiting for writes
:smtp-debug false ; print detailed debug
:mail-from nil
:email-retry-period "P3D" ;; in ISO 8601 duration format https://en.wikipedia.org/wiki/ISO_8601#Durations
;; External systems for pushing entitlements (v1). Another customizable way is using plugins.
;;
;; URLs to notify about granted and revoked entitlements.
:entitlements-target {:add nil
:remove nil}
;; Default length for entitlements, in days. This only affects the UI of the approve command.
;; The default, nil, means indefinite entitlements.
:entitlement-default-length-days nil
;; URLs to notify about new events. An array of targets. Targets can have keys:
;; :url (mandatory) - the url to send HTTP PUT requests to
;; :event-types (optional) - an array of event types to send. A missing value means "send everything".
;; :timeout (optional) - timeout for the PUT in seconds. Defaults to 60s.
;; :headers (optional) - a map of additional HTTP headers to send.
;; :send-application? (optional) - should application be sent in `:event/application` (defaults to true)
;;
;; See also: docs/event-notification.md
;;
;; Example:
;;
;; :event-notification-targets [{:url "http://events/everything"}
;;
;; {:url "http://events/just-the-event-is-lighter"
;; :send-application? false}
;;
;; {:url "http://events/filtered-by-type"
;; :event-types [:application.event/created :application.event/submitted]
;; :timeout 120
;; :headers {"Authorization" "abc123"
;; "X-Header" "value"}}]
:event-notification-targets []
;; Which database column to show as the application id.
;; Options: :id, :external-id, :generated-and-assigned-external-id
:application-id-column :external-id
;; List of supported languages. They will be selectable in the UI.
:languages [:en :fi]
:default-language :en
;; Path to a directory with translations for additional languages.
:translations-directory "translations/"
;; Path to an external theme file to override variables in :theme.
;; Will automatically set :theme-static-resources to a 'public' directory
;; next to the theme file.
:theme-path nil
;; Optional static resources directory for theme files.
:theme-static-resources nil
;; UI theme variables.
:theme {:color1 "#eee"
:color2 "#fff"
:color3 "#000"
:color4 "#000"
;; Images & logos
:img-path "../../img/" ; Path for static images, relative to /css/<lang>/screen.css
:logo-name nil ; Big logo, used on home page. Also used on other pages if :navbar-logo-name is not set.
:logo-name-en nil ; Localized big logo, defaults to :logo-name
:logo-name-sm nil ; Small version of big logo, used in mobile mode.
:logo-name-en-sm nil ; Localized small version of big logo, defaults to :logo-name-sm
:navbar-logo-name nil ; Small logo for navbar. Used on non-home pages instead of :logo-name.
:navbar-logo-name-en nil ; Localized small logo for navbar, defaults to :navbar-logo-name
:logo-bgcolor nil
:logo-content-origin nil
;; Phases
:phase-bgcolor "#eee"
:phase-color "#111"
:phase-bgcolor-active "#ccc"
:phase-color-active nil ; defaults to :phase-color
:phase-bgcolor-completed "#ccc"
:phase-color-completed nil ; defaults to :phase-color
;; Navbar
:button-navbar-font-weight 700
:navbar-color "#111" ; color of text in navbar
:nav-color nil ; color of links on navbar, defaults to :link-color
:nav-active-color nil ; defaults to :color4
:nav-hover-color nil ; defaults to :color4
:big-navbar-text-transform "none" ; can be used to e.g. uppercase the navbar text
;; Tables
:table-hover-color nil ; defaults to :table-text-color
:table-hover-bgcolor nil ; defaults to :color2
:table-bgcolor nil ; defaults to :color1
:table-shadow nil
:table-border "1px solid #ccc"
:table-heading-color "#fff"
:table-heading-bgcolor nil ; defaults to :color3
:table-selection-bgcolor nil ; defaults to a darkened :table-hover-bgcolor, :table-bgcolor or :color3
:table-text-color nil ; defaults to bootstrap colors
:table-stripe-color nil ; background for every second table row, defaults to :color1
;; Text
:header-border "3px solid #ccc"
:header-shadow nil ; defaults to :table-shadow
:link-color "#025b96"
:link-hover-color nil ; defaults to color4
:font-family "'Lato', sans-serif"
;; Text colors:
:text-primary nil
:bg-primary nil
:text-secondary nil
:bg-secondary nil
:text-success nil
:bg-success nil
:text-danger nil
:bg-danger nil
:text-warning "#ffc107!important"
:bg-warning nil
:text-info nil
:bg-info nil
:text-light nil
:bg-light nil
:text-dark nil
:bg-dark nil
:text-white nil
:bg-white nil
:text-muted nil
;; Alerts
:alert-primary-color nil ; defaults to bootstrap colors
:alert-primary-bgcolor nil ; defaults to bootstrap colors
:alert-primary-bordercolor nil ; defaults to :alert-primary-color
:alert-secondary-color nil ; defaults to bootstrap colors
:alert-secondary-bgcolor nil ; defaults to bootstrap colors
:alert-secondary-bordercolor nil ; defaults to :alert-secondary-color
:alert-success-color nil ; defaults to bootstrap colors
:alert-success-bgcolor nil ; defaults to bootstrap colors
:alert-success-bordercolor nil ; defaults to :alert-success-color
:alert-danger-color nil ; defaults to bootstrap colors
:alert-danger-bgcolor nil ; defaults to bootstrap colors
:alert-danger-bordercolor nil ; defaults to :alert-danger-color
:alert-warning-color nil ; defaults to bootstrap colors
:alert-warning-bgcolor nil ; defaults to bootstrap colors
:alert-warning-bordercolor nil ; defaults to :alert-warning-color
:alert-info-color nil ; defaults to bootstrap colors
:alert-info-bgcolor nil ; defaults to bootstrap colors
:alert-info-bordercolor nil ; defaults to :alert-info-color
:alert-light-color nil ; defaults to bootstrap colors
:alert-light-bgcolor nil ; defaults to bootstrap colors
:alert-light-bordercolor nil ; defaults to :alert-light-color
:alert-dark-color nil ; defaults to bootstrap colors
:alert-dark-bgcolor nil ; defaults to bootstrap colors
:alert-dark-bordercolor nil ; defaults to :alert-dark-color
;; Buttons
:primary-button-color "#fff"
:primary-button-bgcolor nil ; defaults to :color4
:primary-button-hover-color nil ; defaults to :primary-button-color
:primary-button-hover-bgcolor nil ; defaults to :primary-button-bgcolor
:secondary-button-color "#fff"
:secondary-button-bgcolor nil ; defaults to :color4
:secondary-button-hover-color nil ; defaults to :secondary-button-color
:secondary-button-hover-bgcolor nil ; defaults to :secondary-button-bgcolor
;; Misc
:footer-color nil ; defaults to :table-heading-color
:footer-bgcolor nil ; defaults to :table-heading-bgcolor or color3
:collapse-shadow nil ; defaults to :table-shadow
:collapse-bgcolor "#fff"
:collapse-color "#fff"}
;; Optional extra static resources directory.
:extra-static-resources nil
;; Optional extra script files loaded when UI loads
:extra-scripts {:root "/dev/null" :files []}
;; Optional extra stylesheets loaded when UI loads.
;; Use to set custom fonts for example
:extra-stylesheets {:root "./" :files ["/example-theme/extra-styles.css"]}
;; Optional extra pages shown in the navigation bar.
;;
;; Example: define two pages
;;
;; :extra-pages [;; This is a page that's hosted at an external URL, only for logged-in users
;; {:id "hello"
;; :roles [:logged-in] ; only for this role
;; :heading false ; don't show the heading, write any Markdown heading you like, defaults to true
;; :url "http://example.org/hello.html" ; fallback URL
;; :translations {:fi {:title "Hei"
;; :url "http://example.org/fi/hello.html"} ; specific localized URL
;; :en {:title "Hello"}}}
;;
;; ;; This is a page that's a markdown file, localized into two languages.
;; ;; The files are searched under :extra-pages-path (see below).
;; {:id "about"
;; :filename "about.md" ; fallback file
;; :translations {:fi {:title "Info"
;; :filename "about-fi.md"} ; specific localized file
;; :en {:title "About"
;; :filename "about-en.md"}}}]
;;
;; Additional options (for any type):
;; :show-menu true ; show in top menu, defaults to true
;; :show-footer false ; show in footer, defaults to false
;; :roles ; Can be used to configure which users see and can access the extra page.
;; ; The :logged-in, or more specific roles are possible.
;; ; The default is to show the page to everyone.
;;
;; NB: Pages not accessible through menus will be served in the corresponding
;; url `/extra-pages/<id>` and can be accessed through a link for example.
;;
;; Assets such as images can also be hosted by REMS if included the theme directory.
;; See `:theme-path`.
;;
;; For example with this Markdown you can include an image:
;; 
;;
:extra-pages []
;; Path to the markdown files for the extra pages.
:extra-pages-path nil
;; The character used as the separator in csv files.
:csv-separator ","
;; Optional, the number of days until the deadline for making a decision
;; on an application, starting from the first submission.
:application-deadline-days nil
;; List of commands to disable. See the swagger model of
;; /api/applications/{application-id} field application/permissions
;; for all possible values.
;;
;; Example:
;; :disable-commands [:application.command/assign-external-id :application.command/change-resources]
:disable-commands []
;; Show "Assign external id" action button in UI for handlers
:enable-assign-external-id-ui false
;; Maximum size of attachment files in bytes (10000000 = 10MB).
;; nil = no limit
:attachment-max-size 10000000
;; Should applications be deleted after having been inactive for a set period of time?
;; Use map with key as required application state, and value as a map:
;; {:application.state/draft {:delete-after "P90D" :reminder-before "P7D"}}
;; :delete-after - delete application after period of time since last activity
;; :reminder-before - (optional) send reminder about expiration to application members (as period of time before expiration)
;; nil = feature not enabled.
;; NB: currently :application.state/draft is the only supported application state
;; NB: expirer-bot user must be created before enabling application expiration. see docs/bots.md for more information
;; https://en.wikipedia.org/wiki/ISO_8601#Durations for duration formatting reference.
:application-expiration nil
;; How many applications may application expiration process at a time?
;; defaults to 50
:application-expiration-process-limit nil
;; enable /api/permissions/:user
;; see also docs/ga4gh-visas.md
:enable-permissions-api false
;; Keys for signing GA4GH Visas produced by permissions API.
;; Format: path to file containing key in JWK (Json Web Key) format
:ga4gh-visa-private-key nil
:ga4gh-visa-public-key nil
;; set of trusted issuers and jku values for claims
;; e.g. [{:iss "https://ega.ebi.ac.uk:8443/ega-openid-connect-server/" :jku "https://ega.ebi.ac.uk:8443/ega-openid-connect-server/jwk"}]
:ga4gh-visa-trusted-issuers []
;; Should the catalogue be public and visible to everyone, i.e. also to not logged-in users.
:catalogue-is-public false
;; Options used only for development
:test-database-url nil
:accessibility-report false ; should the axe accessibility tooling be included?
:enable-doi false ; should the DOI features be shown in the UI. See https://www.doi.org/
:enable-duo false ; should the DUO features be shown in the UI. See `docs/architecture/019-duo.md` and https://www.ga4gh.org/product/data-use-ontology-duo/
:enable-catalogue-table true ; show catalogue page table of items
:enable-catalogue-tree false ; show catalogue page tree of items
:catalogue-tree-show-matching-parents true ; should parent categories be shown if children match?
:enable-cart true ; show shopping cart and allow bundling multiple resources into one application
:enable-save-compaction false ; whether to merge consecutive saves into one event (EXPERIMENTAL)
:enable-autosave false ; whether to automatically save the application as the applicant types (EXPERIMENTAL)
;; Extended logging for routes that should additionally log content of entity mutation.
;; logging is at INFO level and the log message is prefixed with "extended-logging (:uri request)"
:enable-extended-logging false
;; which columns in applications list(s) should be hidden in UI
;; allowed values: [:description :resource :applicant :handlers :state :todo :created :submitted :last-activity :view]
:application-list-hidden-columns []
:show-resources-section true ; should resources section be shown in the application UI
:show-attachment-zip-action true ; should the attachment download be shown in the application actions UI
:show-pdf-action true ; should PDF button be shown in the application actions UI
:enable-handler-emails true ; should notification emails be sent to the handlers. Invitation emails and requests will be sent regardless, reminders are also sent if configured.
;; Optional metadata to be passed to the PDF generation.
;;
;; See https://github.com/clj-pdf/clj-pdf#metadata
;;
;; Example:
;; :pdf-metadata {:font {:encoding :unicode
;; :ttf-name "custom-font-file.ttf"}}
;;
:pdf-metadata {}
;; REMS can be extended using plugins:
;;
;; Define the plugins with `:plugins` and then
;; attach them to the extension points using `:extension-points`.
;;
;; Example:
;; :plugins [{:id :plugin/group-split
;; :filename "plugins/group-split.md"
;; :attribute-name "user_groups"
;; :split-with ";"}
;;
;; :extension-points {:extension-point/transform-user-data [:plugin/group-split] ; should match the previous id
;; :extension-point/validate-user-data [...
;; ]}
;;
;; See docs/plugins.md for more information.
:plugins nil ; by default no plugins
:extension-points nil ; by default no plugins
:enable-voting false ; voting (experimental)
:enable-processing-states false
;; If `:scanner-path` is defined, it is assumed to be an executable that:
;; can take a binary file from `STDIN` and return a status code of zero if and only if the file passes the scan.
;;
;; Disabling `:logging` will make REMS discard output of the malware scanner executable.
:malware-scanning {:scanner-path nil
:logging true}
;; REMS tables can have some parameters tuned.
;; Not every attribute may work in every table yet.
;;
;; key - identity of the table (e.g. `:rems.catalogue/catalogue`)
;; value - a map
;; `:paging?` - whether to use paging (defaults to true)
;; `:page-size` - defaults to 50
;; `:max-rows` - how many rows to show ever
;;
;; Currently (2023-10-18) the relevant tables are:
;; :rems.administration.blacklist/blacklist
;; :rems.administration.catalogue-items/catalogue
;; :rems.administration.categories/categories
;; :rems.administration.change-catalogue-item-form/catalogue
;; :rems.administration.forms/forms
;; :rems.administration.licenses/licenses
;; :rems.administration.organizations/organizations
;; :rems.administration.resources/resources
;; :rems.administration.workflows/workflows
;; :rems.catalogue/catalogue
;; :rems.catalogue/draft-applications
;; :rems.actions/todo-applications
;; :rems.actions/handled-applications
;; :rems.application/previous-applications-except-current
;; :rems.applications/my-applications
;; :rems.applications/all-applications
:tables {}
;; REMS can be configured to avoid heavy work
;; (cache reloading) during pre-defined buzy hours.
;;
;; For example config:
;;
;; :buzy-hours [["07:00" "11:00"]
;; ["12:00" "17:00"]]
;;
;; would define the buzy hours to be (server time) from seven (07:00) in
;; the morning to eleven (11:00). Then after a break another buzy hour period
;; from noon (12:00) until five (17:00) in the evening.
;;
;; As few or as many periods can be defined.
:buzy-hours nil}