2024-06-15 10:05:31 +02:00
#############################################################################################################
# Welcome to settings file from #
# ____ _____ ___ ____ _ ___ _ _ ____ ____ ____ _____ #
# / ___|_ _|_ _| _ \| | |_ _| \ | |/ ___| | _ \| _ \| ___| #
# \___ \ | | | || |_) | | | || \| | | _ _____| |_) | | | | |_ #
# ___) || | | || _ <| |___ | || |\ | |_| |_____| __/| |_| | _| #
# |____/ |_| |___|_| \_\_____|___|_| \_|\____| |_| |____/|_| #
# #
# Do not comment out any entry, it will be removed on next startup #
# If you want to override with environment parameter follow parameter naming SECURITY_INITIALLOGIN_USERNAME #
#############################################################################################################
2023-08-27 00:38:17 +01:00
2023-08-26 12:27:52 +01:00
security:
enableLogin: false # set to 'true' to enable login
2024-12-10 11:17:50 +00:00
csrfDisabled: false # set to 'true' to disable CSRF protection (not recommended for production)
2024-08-23 15:46:09 +02:00
loginAttemptCount: 5 # lock user account after 5 tries; when using e.g. Fail2Ban you can deactivate the function with -1
2024-05-21 00:50:03 +02:00
loginResetTimeMinutes: 120 # lock account for 2 hours after x attempts
2025-02-01 00:36:50 +01:00
loginMethod: all # Accepts values like 'all' and 'normal'(only Login with Username/Password), 'oauth2'(only Login with OAuth2) or 'saml2'(only Login with SAML2)
2024-06-15 10:05:31 +02:00
initialLogin:
2024-11-03 08:20:10 +01:00
username: '' # initial username for the first login
password: '' # initial password for the first login
2024-06-15 10:05:31 +02:00
oauth2:
enabled: false # set to 'true' to enable login (Note: enableLogin must also be 'true' for this to work)
client:
keycloak:
issuer: '' # URL of the Keycloak realm's OpenID Connect Discovery endpoint
2024-11-03 08:20:10 +01:00
clientId: '' # client ID for Keycloak OAuth2
clientSecret: '' # client secret for Keycloak OAuth2
scopes: openid, profile, email # scopes for Keycloak OAuth2
2025-02-24 22:18:34 +00:00
useAsUsername: preferred_username # field to use as the username for Keycloak OAuth2. Available options are: [email | name | given_name | family_name | preferred_name]
2024-06-15 10:05:31 +02:00
google:
2024-11-03 08:20:10 +01:00
clientId: '' # client ID for Google OAuth2
clientSecret: '' # client secret for Google OAuth2
2025-02-24 22:18:34 +00:00
scopes: email, profile # scopes for Google OAuth2
useAsUsername: email # field to use as the username for Google OAuth2. Available options are: [email | name | given_name | family_name]
2024-06-15 10:05:31 +02:00
github:
2024-11-03 08:20:10 +01:00
clientId: '' # client ID for GitHub OAuth2
clientSecret: '' # client secret for GitHub OAuth2
scopes: read:user # scope for GitHub OAuth2
2025-02-24 22:18:34 +00:00
useAsUsername: login # field to use as the username for GitHub OAuth2. Available options are: [email | login | name]
issuer: '' # set to any Provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) endpoint
clientId: '' # client ID from your Provider
clientSecret: '' # client secret from your Provider
2024-11-29 15:11:59 +00:00
autoCreateUser: true # set to 'true' to allow auto-creation of non-existing users
2024-08-16 12:57:37 +02:00
blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
2024-11-03 08:20:10 +01:00
useAsUsername: email # default is 'email'; custom fields can be used as the username
scopes: openid, profile, email # specify the scopes for which the application will request permissions
2025-02-24 22:18:34 +00:00
provider: google # set this to your OAuth Provider's name, e.g., 'google' or 'keycloak'
2024-11-03 08:20:10 +01:00
saml2:
2024-11-29 15:11:59 +00:00
enabled: false # Only enabled for paid enterprise clients (enterpriseEdition.enabled must be true)
2025-02-24 22:18:34 +00:00
provider: '' # The name of your Provider
2024-11-29 15:11:59 +00:00
autoCreateUser: true # set to 'true' to allow auto-creation of non-existing users
2024-10-20 13:30:58 +02:00
blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
2025-02-24 22:18:34 +00:00
registrationId: stirling # The name of your Service Provider (SP) app name. Should match the name in the path for your SSO & SLO URLs
idpMetadataUri: https://dev-XXXXXXXX.okta.com/app/externalKey/sso/saml/metadata # The uri for your Provider's metadata
idpSingleLoginUrl: https://dev-XXXXXXXX.okta.com/app/dev-XXXXXXXX_stirlingpdf_1/externalKey/sso/saml # The URL for initiating SSO. Provided by your Provider
idpSingleLogoutUrl: https://dev-XXXXXXXX.okta.com/app/dev-XXXXXXXX_stirlingpdf_1/externalKey/slo/saml # The URL for initiating SLO. Provided by your Provider
idpIssuer: '' # The ID of your Provider
idpCert: classpath:okta.cert # The certificate your Provider will use to authenticate your app's SAML authentication requests. Provided by your Provider
privateKey: classpath:saml-private-key.key # Your private key. Generated from your keypair
spCert: classpath:saml-public-cert.crt # Your signing certificate. Generated from your keypair
2024-02-11 11:47:00 -05:00
2025-03-25 17:57:17 +00:00
premium:
2024-09-13 16:42:38 +01:00
key: 00000000-0000-0000-0000-000000000000
2025-03-25 17:57:17 +00:00
enabled: false # Enable license key checks for pro/enterprise features
proFeatures:
SSOAutoLogin: false
CustomMetadata:
autoUpdateMetadata: false
author: username
creator: Stirling-PDF
producer: Stirling-PDF
2024-09-13 16:42:38 +01:00
legal:
2024-11-03 08:20:10 +01:00
termsAndConditions: https://www.stirlingpdf.com/terms-and-conditions # URL to the terms and conditions of your application (e.g. https://example.com/terms). Empty string to disable or filename to load from local file in static folder
privacyPolicy: https://www.stirlingpdf.com/privacy-policy # URL to the privacy policy of your application (e.g. https://example.com/privacy). Empty string to disable or filename to load from local file in static folder
accessibilityStatement: '' # URL to the accessibility statement of your application (e.g. https://example.com/accessibility). Empty string to disable or filename to load from local file in static folder
cookiePolicy: '' # URL to the cookie policy of your application (e.g. https://example.com/cookie). Empty string to disable or filename to load from local file in static folder
impressum: '' # URL to the impressum of your application (e.g. https://example.com/impressum). Empty string to disable or filename to load from local file in static folder
2024-09-13 16:42:38 +01:00
2023-08-26 12:27:52 +01:00
system:
2024-11-03 08:20:10 +01:00
defaultLocale: en-US # set the default language (e.g. 'de-DE', 'fr-FR', etc)
2023-09-02 12:30:27 +02:00
googlevisibility: false # 'true' to allow Google visibility (via robots.txt), 'false' to disallow
2024-11-03 08:20:10 +01:00
enableAlphaFunctionality: false # set to enable functionality which might need more testing before it fully goes live (this feature might make no changes)
2024-05-26 15:31:34 +01:00
showUpdate: false # see when a new update is available
2024-11-03 08:20:10 +01:00
showUpdateOnlyAdmin: false # only admins can see when a new update is available, depending on showUpdate it must be set to 'true'
customHTMLFiles: false # enable to have files placed in /customFiles/templates override the existing template HTML files
tessdataDir: /usr/share/tessdata # path to the directory containing the Tessdata files. This setting is relevant for Windows systems. For Windows users, this path should be adjusted to point to the appropriate directory where the Tessdata files are stored.
Improved Configuration and YAML Management (#2966)
# Description of Changes
**What was changed:**
- **Configuration Updates:**
Replaced all calls to `GeneralUtils.saveKeyToConfig` with the new
`GeneralUtils.saveKeyToSettings` method across multiple classes (e.g.,
`LicenseKeyChecker`, `InitialSetup`, `SettingsController`, etc.). This
update ensures consistent management of configuration settings.
- **File Path and Exception Handling:**
Updated file path handling in `SPDFApplication` by creating `Path`
objects from string paths and logging these paths for clarity. Also
refined exception handling by catching more specific exceptions (e.g.,
using `IOException` instead of a generic `Exception`).
- **Analytics Flag and Rate Limiting:**
Changed the analytics flag in the application properties from a `String`
to a `Boolean`, and updated related logic in `AppConfig` and
`PostHogService`. The rate-limiting property retrieval in `AppConfig`
was also refined for clarity.
- **YAML Configuration Management:**
Replaced the previous manual, line-based YAML merging logic in
`ConfigInitializer` with a new `YamlHelper` class. This helper leverages
the SnakeYAML engine to load, update, and save YAML configurations more
robustly while preserving comments and formatting.
**Why the change was made:**
- **Improved Maintainability:**
Consolidating configuration update logic into a single utility method
(`saveKeyToSettings`) reduces code duplication and simplifies future
maintenance.
- **Enhanced Robustness:**
The new `YamlHelper` class ensures that configuration files are merged
accurately and safely, minimizing risks of data loss or format
corruption.
- **Better Type Safety and Exception Handling:**
Switching the analytics flag to a Boolean and refining exception
handling improves code robustness and debugging efficiency.
- **Clarity and Consistency:**
Standardizing file path handling and logging practices enhances code
readability across the project.
**Challenges encountered:**
- **YAML Merging Complexity:**
Integrating the new `YamlHelper` required careful handling to preserve
existing settings, comments, and formatting during merges.
- **Type Conversion and Backward Compatibility:**
Updating the analytics flag from a string to a Boolean required
extensive testing to ensure backward compatibility and proper
functionality.
- **Exception Granularity:**
Refactoring exception handling from a generic to a more specific
approach involved a detailed review to cover all edge cases.
Closes #<issue_number>
---
## Checklist
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2025-02-25 22:52:59 +01:00
enableAnalytics: null # set to 'true' to enable analytics, set to 'false' to disable analytics; for enterprise users, this is set to true
2025-03-25 17:57:17 +00:00
enableUrlToPDF: false # Set to 'true' to enable URL to PDF, INTERNAL ONLY, known security issues, should not be used externally
2025-02-01 00:36:50 +01:00
disableSanitize: false # set to true to disable Sanitize HTML; (can lead to injections in HTML)
2025-01-06 18:58:26 +00:00
datasource:
2025-01-09 14:40:51 +00:00
enableCustomDatabase: false # Enterprise users ONLY, set this property to 'true' if you would like to use your own custom database configuration
customDatabaseUrl: '' # eg jdbc:postgresql://localhost:5432/postgres, set the url for your own custom database connection. If provided, the type, hostName, port and name are not necessary and will not be used
2025-01-06 18:58:26 +00:00
username: postgres # set the database username
password: postgres # set the database password
type: postgresql # the type of the database to set (e.g. 'h2', 'postgresql')
hostName: localhost # the host name to use for the database url. Set to 'localhost' when running the app locally. Set to match the name of the container name of your database container when running the app on a server (Docker configuration)
port: 5432 # set the port number of the database. Ensure this matches the port the database is listening to
name: postgres # set the name of your database. Should match the name of the database you create
2025-02-23 13:36:21 +00:00
customPaths:
pipeline:
watchedFoldersDir: "" #Defaults to /pipeline/watchedFolders
finishedFoldersDir: "" #Defaults to /pipeline/finishedFolders
operations:
weasyprint: "" #Defaults to /opt/venv/bin/weasyprint
unoconvert: "" #Defaults to /opt/venv/bin/unoconvert
2024-05-18 23:47:05 +02:00
2024-05-03 22:23:21 +01:00
ui:
2024-11-03 08:20:10 +01:00
appName: '' # application's visible name
homeDescription: '' # short description or tagline shown on the homepage
appNameNavbar: '' # name displayed on the navigation bar
Improved Configuration and YAML Management (#2966)
# Description of Changes
**What was changed:**
- **Configuration Updates:**
Replaced all calls to `GeneralUtils.saveKeyToConfig` with the new
`GeneralUtils.saveKeyToSettings` method across multiple classes (e.g.,
`LicenseKeyChecker`, `InitialSetup`, `SettingsController`, etc.). This
update ensures consistent management of configuration settings.
- **File Path and Exception Handling:**
Updated file path handling in `SPDFApplication` by creating `Path`
objects from string paths and logging these paths for clarity. Also
refined exception handling by catching more specific exceptions (e.g.,
using `IOException` instead of a generic `Exception`).
- **Analytics Flag and Rate Limiting:**
Changed the analytics flag in the application properties from a `String`
to a `Boolean`, and updated related logic in `AppConfig` and
`PostHogService`. The rate-limiting property retrieval in `AppConfig`
was also refined for clarity.
- **YAML Configuration Management:**
Replaced the previous manual, line-based YAML merging logic in
`ConfigInitializer` with a new `YamlHelper` class. This helper leverages
the SnakeYAML engine to load, update, and save YAML configurations more
robustly while preserving comments and formatting.
**Why the change was made:**
- **Improved Maintainability:**
Consolidating configuration update logic into a single utility method
(`saveKeyToSettings`) reduces code duplication and simplifies future
maintenance.
- **Enhanced Robustness:**
The new `YamlHelper` class ensures that configuration files are merged
accurately and safely, minimizing risks of data loss or format
corruption.
- **Better Type Safety and Exception Handling:**
Switching the analytics flag to a Boolean and refining exception
handling improves code robustness and debugging efficiency.
- **Clarity and Consistency:**
Standardizing file path handling and logging practices enhances code
readability across the project.
**Challenges encountered:**
- **YAML Merging Complexity:**
Integrating the new `YamlHelper` required careful handling to preserve
existing settings, comments, and formatting during merges.
- **Type Conversion and Backward Compatibility:**
Updating the analytics flag from a string to a Boolean required
extensive testing to ensure backward compatibility and proper
functionality.
- **Exception Granularity:**
Refactoring exception handling from a generic to a more specific
approach involved a detailed review to cover all edge cases.
Closes #<issue_number>
---
## Checklist
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2025-02-25 22:52:59 +01:00
languages: [] # If empty, all languages are enabled. To display only German and Polish ["de_DE", "pl_PL"]. British English is always enabled.
2023-08-26 12:27:52 +01:00
endpoints:
2024-11-03 08:20:10 +01:00
toRemove: [] # list endpoints to disable (e.g. ['img-to-pdf', 'remove-pages'])
groupsToRemove: [] # list groups to disable (e.g. ['LibreOffice'])
2023-08-26 12:27:52 +01:00
metrics:
2023-09-02 12:30:27 +02:00
enabled: true # 'true' to enable Info APIs (`/api/*`) endpoints, 'false' to disable
2024-05-03 20:43:48 +01:00
# Automatically Generated Settings (Do Not Edit Directly)
AutomaticallyGenerated:
2024-08-15 11:43:56 +02:00
key: example
2024-10-14 22:34:41 +01:00
UUID: example
2024-12-10 11:17:50 +00:00
appVersion: 0.35.0
2025-02-01 00:36:50 +01:00
2024-11-06 17:43:57 -07:00
processExecutor:
sessionLimit: # Process executor instances limits
libreOfficeSessionLimit: 1
pdfToHtmlSessionLimit: 1
2024-11-26 20:50:35 +00:00
qpdfSessionLimit: 4
tesseractSessionLimit: 1
2024-11-06 17:43:57 -07:00
pythonOpenCvSessionLimit: 8
weasyPrintSessionLimit: 16
installAppSessionLimit: 1
calibreSessionLimit: 1
timeoutMinutes: # Process executor timeout in minutes
libreOfficetimeoutMinutes: 30
pdfToHtmltimeoutMinutes: 20
pythonOpenCvtimeoutMinutes: 30
weasyPrinttimeoutMinutes: 30
installApptimeoutMinutes: 60
calibretimeoutMinutes: 30
2024-11-26 20:50:35 +00:00
tesseractTimeoutMinutes: 30
