Comments to clarify the purpose of session_keepalive.
Fixes issue in Nextcloud Documentation (https://github.com/nextcloud/documentation/issues/7244)
Signed-off-by: HelloDarkness <111370255+hellodarkness@users.noreply.github.com>
LibreOffice only allows one invocation per user profile.[^1]
The office provider set the user profile to /tmp/owncloud-instanceid and therefore only one invocation per instance is allowed. This was introduced a while ago, yet it's unclear if this was intentionally or just a side effect.[^2]
The limitation on one invocation leads to the situation that the preview generation only works for a couple of files if you upload a whole folder of emf or word files.
This commit removes the limitation by using a new user profile for each preview. That's done by using instance id plus file id as postfix for getTemporaryFolder.
This has some drawbacks:
- Overload protection: If you upload 100 emf files, you may end up with 100 LibreOffice invocations. Though, you can use preview_concurrency_new to limit the number of previews that can be generated concurrently when php-sysvsem is available.
- New profile: I assume it takes a few bits to generate a fresh LibreOffice user profile. It appears that there is no way to ask LibreOffice to not create a profile and just work with the defaults. The profile will be cleaned after use by our temp manager.
- Remove the configuration option preview_office_cl_parameters: This is not strictly necessary yet, but if you set the configuration option, the generated path for the user profile is also missing. The configuration option is not well documented (e.g., it's unclear that the last option needs to be --outdir) and actually, there should be no reason to change it after all.
[^1]: https://wiki.documentfoundation.org/UserProfile
[^2]: https://github.com/owncloud/core/pull/9784
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
The new global search UI is new and might be unstable, hence
we are giving users the option to use the old unified search UI, if
the encounter signficant bottlenecks.
Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
Auth tokens store the user's login password by default. If the password
changes externally (on LDAP), all connected clients stop syncing after 5
minutes max when the password is verified the next time. A web login
revivess those app passwords.
If storing the password is disabled, the tokens continue to work after
password change. But that also means the clients are not logged out the
same way. This can be fine for some setups and problematic for others.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
add preview_ffmpeg_path documentation.
document custom path for ffmpeg so it can be used by the previewprovider to create video previews with the snap package of nextcloud.
Signed-off-by: William <william.hak57@gmail.com>
The comments were not marked as verbatim and thus the Sphinx compiler to generate
the online admin manual interpreted backslashes as special chars. They disappeared
from the output.
By adding ``, it is marked as verbatim and the backslashes are not removed.
Signed-off-by: Christian Wolf <github@christianwolf.email>
This should not change anything but fix some documentation issues.
This change should not change anything in the implemenetation.
Signed-off-by: Christian Wolf <github@christianwolf.email>
The change should only affect the conmments and reorder the config lines
Copy modifications from https://github.com/nextcloud/documentation/pull/9166 into sample config file
Signed-off-by: Christian Wolf <github@christianwolf.email>
To avoid extra truncate on non WORM file systems, add a new config
option `localstorage.unlink_on_truncate`, which defaults to false.
The OC\Files\Storage\Local is update to respect that option.
Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
This adds a new config variable `loglevel_frontend`,
allowing to configure the logging level of the
browser part as requested in nextcloud/nextcloud-logger#141
If not configured the `loglevel` is used as the fallback.
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
Commit 451c06d introduced override for umask value.
This is needed to avoid broken env configuration or dirty workers
to mess with the permissions when creating new files.
Most Nextcloud, that does not integrate with external software
would work fine with an hard-coded value (451c06d set it at 022).
Advanced install may require more flexibility, as such this commit
exposes the "umask override value" as configuration parameter:
`localstorage.umask`
It defaults to 0022 both in code and in config/config.sample.php .
Signed-off-by: Martin Brugnara <martin@0x6d62.eu>
Default to the more space-efficient binary encoding for newly encrypted files
instead of the traditional base64 encoding, eliminating the 33% overhead.
The new option 'encryption.use_legacy_encoding' allows to force the legacy
encoding format if needed. Files encoded in the old format remain readable.
Based on https://github.com/owncloud/encryption/pull/224 and
https://github.com/owncloud/core/pull/38249 by karakayasemi.
Signed-off-by: plumbeo <plumbeo@users.noreply.github.com>
Rename the settings and invert the meaning.
Increase default interval to one hour.
Changed the interval to be a number of seconds, to align with other
setting styles.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
For most image formats, the header specifies the width/height.
PHP allocates an image object from that size, even if the actual
image data is much smaller. This image object size is not limited
by the limit configured in PHP.
The memory limit can be configured through "config.php" setting
"preview_max_memory" and defaults to 128 MBytes which should be
enough for most images without filling up all memory.
Signed-off-by: Joachim Bauch <bauch@struktur.de>
Introduce a new config option to prevent web UI admins to create
or edit external storages of type "local".
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Also don't write to cache in this case to prevent cache and config file
being out of sync.
Fixes: #29901
Signed-off-by: Jonas Meurer <jonas@freesources.org>
In case they want to not allow this because they use SSO (and do not
want the users to enter their credentials there by accident).
?direct=1 still works.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The threads option for the password_hash function does not define the maximum allowed number of CPU threads to be used by the hashing algorithm but the exact number of threads that is used.
Similarly the memory_cost option for the password_hash function does not define the maximum allowed memory to be used by the hashing algorithm, but the exact amount of memory that is used by the hashing table. The minimum value is 8 KiB per thread.
The time_cost option for the password_hash function does not define the allowed time in seconds, but the number of iterations for the hash function.
If the minimum values are understood, the minimum values are used instead.
Signed-off-by: MichaIng <micha@dietpi.com>
On some systems with a lot of users this creates a lot of extra DB
writes.
Being able to increase this interval helps there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The custom config allows to setup a proxy URI that is passed to
GuzzleHTTP client as request options. Guzzle has the option to receive
an array of proxies for each URI scheme as well as 'no' key value pair
to provide a list of host names that should not be proxied to.
Guzzle would automatically populate these options with HTTPS_PROXY
and NO_PROXY environment variables. However, when providing a 'proxy'
request option, default values will be overriden and it is required to
explicitly provide the 'no' value if needed.
More info:
http://docs.guzzlephp.org/en/stable/request-options.html#proxy
This commit will add support for a new config 'proxyexclude', which
takes a list of host names to be excluded.
It will also provide 'proxy' request option as an array instead of a
string to Guzzle, and populate 'http' and 'https' URI schemes with
proxy URI, and 'no' with 'proxyexclude' list.
Also, if no 'proxy' is configured, it will leave out 'proxy' request
option, so it won't override Guzzle default values.
Sample config file includes a hint on how to explicitly sync
'proxyexclude' with NO_PROXY, and a note about default values.
Signed-off-by: Mohammed Abdellatif <m.latief@gmail.com>
