diff options
Diffstat (limited to '')
-rw-r--r-- | README.md | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -171,11 +171,11 @@ There are some config settings you need to change in the files below. | `HMD_LDAP_URL` | `ldap://example.com` | URL of LDAP server | | `HMD_LDAP_BINDDN` | no example | bindDn for LDAP access | | `HMD_LDAP_BINDCREDENTIALS` | no example | bindCredentials for LDAP access | -| `HMD_LDAP_TOKENSECRET` | `supersecretkey` | secret used for generating access/refresh tokens | | `HMD_LDAP_SEARCHBASE` | `o=users,dc=example,dc=com` | LDAP directory to begin search from | | `HMD_LDAP_SEARCHFILTER` | `(uid={{username}})` | LDAP filter to search with | | `HMD_LDAP_SEARCHATTRIBUTES` | `displayName, mail` | LDAP attributes to search with (use comma to separate) | -| `HMD_LDAP_USERNAMEFIELD` | `uid` | The LDAP field which is used as the username on HackMD | +| `HMD_LDAP_USERIDFIELD` | `uidNumber` or `uid` or `sAMAccountName` | The LDAP field which is used uniquely identify a user on HackMD | +| `HMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on HackMD | | `HMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) | | `HMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider | | `HMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth.md#saml-onelogin). | @@ -207,6 +207,7 @@ There are some config settings you need to change in the files below. | `HMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) | | `HMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) | | `HMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) | +| `HMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations | ## Application settings `config.json` |