From 2f1760f358da546c2c47d3b9a3517e0583cfee66 Mon Sep 17 00:00:00 2001
From: James Cole <thegrumpydictator@gmail.com>
Date: Sun, 14 Oct 2018 09:05:02 +0200
Subject: [PATCH] Sync up config files #1787

---
 .env.docker    | 60 ++++++++++++++++++++++++++++++++++++++++++++++++--
 .env.example   |  2 --
 .env.heroku    | 57 +++++++++++++++++++++++++++++++++++++++++++++++
 .env.sandstorm | 57 +++++++++++++++++++++++++++++++++++++++++++++++
 .env.testing   | 57 +++++++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 229 insertions(+), 4 deletions(-)

diff --git a/.env.docker b/.env.docker
index e492ce875e..0e98690fc7 100644
--- a/.env.docker
+++ b/.env.docker
@@ -43,12 +43,25 @@ DB_HOST=${FF_DB_HOST}
 DB_PORT=${FF_DB_PORT}
 DB_DATABASE=${FF_DB_NAME}
 DB_USERNAME=${FF_DB_USER}
-DB_PASSWORD=${FF_DB_PASSWORD}
+DB_PASSWORD="${FF_DB_PASSWORD}"
 
 # If you're looking for performance improvements, you could install memcached.
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 
+# You can configure another file storage backend if you cannot use the local storage option.
+# To set this up, fill in the following variables. The upload path is used to store uploaded
+# files and the export path is to store exported data (before download).
+SFTP_HOST=${SFTP_HOST}
+SFTP_PORT=${SFTP_PORT}
+SFTP_UPLOAD_PATH=${SFTP_UPLOAD_PATH}
+SFTP_EXPORT_PATH=${SFTP_EXPORT_PATH}
+
+# SFTP uses either the username/password combination or the private key to authenticate.
+SFTP_USERNAME=${SFTP_USERNAME}
+SFTP_PASSWORD="${SFTP_PASSWORD}"
+SFTP_PRIV_KEY=${SFTP_PRIV_KEY}
+
 # Cookie settings. Should not be necessary to change these.
 COOKIE_PATH="/"
 COOKIE_DOMAIN=
@@ -61,7 +74,7 @@ MAIL_HOST=${MAIL_HOST}
 MAIL_PORT=${MAIL_PORT}
 MAIL_FROM=${MAIL_FROM}
 MAIL_USERNAME=${MAIL_USERNAME}
-MAIL_PASSWORD=${MAIL_PASSWORD}
+MAIL_PASSWORD="${MAIL_PASSWORD}"
 MAIL_ENCRYPTION=${MAIL_ENCRYPTION}
 
 # Other mail drivers:
@@ -92,9 +105,52 @@ ANALYTICS_ID=${ANALYTICS_ID}
 # This makes it easier to migrate your database. Not that some fields will never be decrypted.
 USE_ENCRYPTION=true
 
+# Firefly III has two options for user authentication. "eloquent" is the default,
+# and "adldap" for LDAP servers.
+# For full instructions on these settings please visit:
+# https://firefly-iii.readthedocs.io/en/latest/installation/authentication.html
+LOGIN_PROVIDER=${LOGIN_PROVIDER}
+
+# LDAP connection configuration
+ADLDAP_CONNECTION_SCHEME=${ADLDAP_CONNECTION_SCHEME}
+ADLDAP_AUTO_CONNECT=${ADLDAP_AUTO_CONNECT}
+
+# LDAP connection settings
+ADLDAP_CONTROLLERS=${ADLDAP_CONTROLLERS}
+ADLDAP_PORT=${ADLDAP_PORT}
+ADLDAP_TIMEOUT=${ADLDAP_TIMEOUT}
+ADLDAP_BASEDN="${ADLDAP_BASEDN}"
+ADLDAP_FOLLOW_REFFERALS=${ADLDAP_FOLLOW_REFFERALS}
+ADLDAP_USE_SSL=${ADLDAP_USE_SSL}
+ADLDAP_USE_TLS=${ADLDAP_USE_TLS}
+
+ADLDAP_ADMIN_USERNAME=${ADLDAP_ADMIN_USERNAME}
+ADLDAP_ADMIN_PASSWORD="${ADLDAP_ADMIN_PASSWORD}"
+
+ADLDAP_ACCOUNT_PREFIX="${ADLDAP_ACCOUNT_PREFIX}"
+ADLDAP_ACCOUNT_SUFFIX="${ADLDAP_ACCOUNT_SUFFIX}"
+ADLDAP_ADMIN_ACCOUNT_PREFIX="${ADLDAP_ADMIN_ACCOUNT_PREFIX}"
+ADLDAP_ADMIN_ACCOUNT_SUFFIX="${ADLDAP_ADMIN_ACCOUNT_SUFFIX}"
+
+# LDAP authentication settings.
+ADLDAP_PASSWORD_SYNC=${ADLDAP_PASSWORD_SYNC}
+ADLDAP_LOGIN_FALLBACK=${ADLDAP_LOGIN_FALLBACK}
+
+ADLDAP_SYNC_FIELD=${ADLDAP_SYNC_FIELD}
+ADLDAP_DISCOVER_FIELD=${ADLDAP_DISCOVER_FIELD}
+ADLDAP_AUTH_FIELD=${ADLDAP_AUTH_FIELD}
+
+# Will allow SSO if your server provides an AUTH_USER field.
+WINDOWS_SSO_DISCOVER=${WINDOWS_SSO_DISCOVER}
+WINDOWS_SSO_KEY=${WINDOWS_SSO_KEY}
+
+# field to sync as local username.
+ADLDAP_SYNC_FIELD=${ADLDAP_SYNC_FIELD}
+
 # Leave the following configuration vars as is.
 # Unless you like to tinker and know what you're doing.
 APP_NAME=FireflyIII
+ADLDAP_CONNECTION=default
 BROADCAST_DRIVER=log
 QUEUE_DRIVER=sync
 REDIS_HOST=127.0.0.1
diff --git a/.env.example b/.env.example
index b5834c0238..a5a2d85f48 100644
--- a/.env.example
+++ b/.env.example
@@ -62,8 +62,6 @@ SFTP_USERNAME=
 SFTP_PASSWORD=
 SFTP_PRIV_KEY=
 
-
-
 # Cookie settings. Should not be necessary to change these.
 COOKIE_PATH="/"
 COOKIE_DOMAIN=
diff --git a/.env.heroku b/.env.heroku
index c4db28823b..426a8900ca 100644
--- a/.env.heroku
+++ b/.env.heroku
@@ -49,6 +49,19 @@ DB_CONNECTION=pgsql
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 
+# You can configure another file storage backend if you cannot use the local storage option.
+# To set this up, fill in the following variables. The upload path is used to store uploaded
+# files and the export path is to store exported data (before download).
+SFTP_HOST=
+SFTP_PORT=
+SFTP_UPLOAD_PATH=
+SFTP_EXPORT_PATH=
+
+# SFTP uses either the username/password combination or the private key to authenticate.
+SFTP_USERNAME=
+SFTP_PASSWORD=
+SFTP_PRIV_KEY=
+
 # Cookie settings. Should not be necessary to change these.
 COOKIE_PATH="/"
 COOKIE_DOMAIN=
@@ -73,6 +86,7 @@ SPARKPOST_SECRET=
 # Firefly III can send you the following messages
 SEND_REGISTRATION_MAIL=true
 SEND_ERROR_MESSAGE=true
+
 # These messages contain (sensitive) transaction information:
 SEND_REPORT_JOURNALS=true
 
@@ -91,9 +105,52 @@ ANALYTICS_ID=
 # This makes it easier to migrate your database. Not that some fields will never be decrypted.
 USE_ENCRYPTION=true
 
+# Firefly III has two options for user authentication. "eloquent" is the default,
+# and "adldap" for LDAP servers.
+# For full instructions on these settings please visit:
+# https://firefly-iii.readthedocs.io/en/latest/installation/authentication.html
+LOGIN_PROVIDER=eloquent
+
+# LDAP connection configuration
+ADLDAP_CONNECTION_SCHEME=OpenLDAP # or FreeIPA or ActiveDirectory
+ADLDAP_AUTO_CONNECT=true
+
+# LDAP connection settings
+ADLDAP_CONTROLLERS=
+ADLDAP_PORT=389
+ADLDAP_TIMEOUT=5
+ADLDAP_BASEDN=""
+ADLDAP_FOLLOW_REFFERALS=false
+ADLDAP_USE_SSL=false
+ADLDAP_USE_TLS=false
+
+ADLDAP_ADMIN_USERNAME=
+ADLDAP_ADMIN_PASSWORD=
+
+ADLDAP_ACCOUNT_PREFIX=
+ADLDAP_ACCOUNT_SUFFIX=
+ADLDAP_ADMIN_ACCOUNT_PREFIX=
+ADLDAP_ADMIN_ACCOUNT_SUFFIX=
+
+# LDAP authentication settings.
+ADLDAP_PASSWORD_SYNC=false
+ADLDAP_LOGIN_FALLBACK=false
+
+ADLDAP_SYNC_FIELD=userprincipalname
+ADLDAP_DISCOVER_FIELD=distinguishedname
+ADLDAP_AUTH_FIELD=distinguishedname
+
+# Will allow SSO if your server provides an AUTH_USER field.
+WINDOWS_SSO_DISCOVER=samaccountname
+WINDOWS_SSO_KEY=AUTH_USER
+
+# field to sync as local username.
+ADLDAP_SYNC_FIELD=uid
+
 # Leave the following configuration vars as is.
 # Unless you like to tinker and know what you're doing.
 APP_NAME=FireflyIII
+ADLDAP_CONNECTION=default
 BROADCAST_DRIVER=log
 QUEUE_DRIVER=sync
 REDIS_HOST=127.0.0.1
diff --git a/.env.sandstorm b/.env.sandstorm
index aa7b70b1ff..83062e9530 100755
--- a/.env.sandstorm
+++ b/.env.sandstorm
@@ -49,6 +49,19 @@ DB_PASSWORD=firefly
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 
+# You can configure another file storage backend if you cannot use the local storage option.
+# To set this up, fill in the following variables. The upload path is used to store uploaded
+# files and the export path is to store exported data (before download).
+SFTP_HOST=
+SFTP_PORT=
+SFTP_UPLOAD_PATH=
+SFTP_EXPORT_PATH=
+
+# SFTP uses either the username/password combination or the private key to authenticate.
+SFTP_USERNAME=
+SFTP_PASSWORD=
+SFTP_PRIV_KEY=
+
 # Cookie settings. Should not be necessary to change these.
 COOKIE_PATH="/"
 COOKIE_DOMAIN=
@@ -73,6 +86,7 @@ SPARKPOST_SECRET=
 # Firefly III can send you the following messages
 SEND_REGISTRATION_MAIL=true
 SEND_ERROR_MESSAGE=true
+
 # These messages contain (sensitive) transaction information:
 SEND_REPORT_JOURNALS=true
 
@@ -91,9 +105,52 @@ ANALYTICS_ID=
 # This makes it easier to migrate your database. Not that some fields will never be decrypted.
 USE_ENCRYPTION=true
 
+# Firefly III has two options for user authentication. "eloquent" is the default,
+# and "adldap" for LDAP servers.
+# For full instructions on these settings please visit:
+# https://firefly-iii.readthedocs.io/en/latest/installation/authentication.html
+LOGIN_PROVIDER=eloquent
+
+# LDAP connection configuration
+ADLDAP_CONNECTION_SCHEME=OpenLDAP # or FreeIPA or ActiveDirectory
+ADLDAP_AUTO_CONNECT=true
+
+# LDAP connection settings
+ADLDAP_CONTROLLERS=
+ADLDAP_PORT=389
+ADLDAP_TIMEOUT=5
+ADLDAP_BASEDN=""
+ADLDAP_FOLLOW_REFFERALS=false
+ADLDAP_USE_SSL=false
+ADLDAP_USE_TLS=false
+
+ADLDAP_ADMIN_USERNAME=
+ADLDAP_ADMIN_PASSWORD=
+
+ADLDAP_ACCOUNT_PREFIX=
+ADLDAP_ACCOUNT_SUFFIX=
+ADLDAP_ADMIN_ACCOUNT_PREFIX=
+ADLDAP_ADMIN_ACCOUNT_SUFFIX=
+
+# LDAP authentication settings.
+ADLDAP_PASSWORD_SYNC=false
+ADLDAP_LOGIN_FALLBACK=false
+
+ADLDAP_SYNC_FIELD=userprincipalname
+ADLDAP_DISCOVER_FIELD=distinguishedname
+ADLDAP_AUTH_FIELD=distinguishedname
+
+# Will allow SSO if your server provides an AUTH_USER field.
+WINDOWS_SSO_DISCOVER=samaccountname
+WINDOWS_SSO_KEY=AUTH_USER
+
+# field to sync as local username.
+ADLDAP_SYNC_FIELD=uid
+
 # Leave the following configuration vars as is.
 # Unless you like to tinker and know what you're doing.
 APP_NAME=FireflyIII
+ADLDAP_CONNECTION=default
 BROADCAST_DRIVER=log
 QUEUE_DRIVER=sync
 REDIS_HOST=127.0.0.1
diff --git a/.env.testing b/.env.testing
index 67757f6e23..312d28a9ec 100644
--- a/.env.testing
+++ b/.env.testing
@@ -49,6 +49,19 @@ DB_CONNECTION=sqlite
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 
+# You can configure another file storage backend if you cannot use the local storage option.
+# To set this up, fill in the following variables. The upload path is used to store uploaded
+# files and the export path is to store exported data (before download).
+SFTP_HOST=
+SFTP_PORT=
+SFTP_UPLOAD_PATH=
+SFTP_EXPORT_PATH=
+
+# SFTP uses either the username/password combination or the private key to authenticate.
+SFTP_USERNAME=
+SFTP_PASSWORD=
+SFTP_PRIV_KEY=
+
 # Cookie settings. Should not be necessary to change these.
 COOKIE_PATH="/"
 COOKIE_DOMAIN=
@@ -73,6 +86,7 @@ SPARKPOST_SECRET=
 # Firefly III can send you the following messages
 SEND_REGISTRATION_MAIL=true
 SEND_ERROR_MESSAGE=false
+
 # These messages contain (sensitive) transaction information:
 SEND_REPORT_JOURNALS=true
 
@@ -91,9 +105,52 @@ ANALYTICS_ID=
 # This makes it easier to migrate your database. Not that some fields will never be decrypted.
 USE_ENCRYPTION=false
 
+# Firefly III has two options for user authentication. "eloquent" is the default,
+# and "adldap" for LDAP servers.
+# For full instructions on these settings please visit:
+# https://firefly-iii.readthedocs.io/en/latest/installation/authentication.html
+LOGIN_PROVIDER=eloquent
+
+# LDAP connection configuration
+ADLDAP_CONNECTION_SCHEME=OpenLDAP # or FreeIPA or ActiveDirectory
+ADLDAP_AUTO_CONNECT=true
+
+# LDAP connection settings
+ADLDAP_CONTROLLERS=
+ADLDAP_PORT=389
+ADLDAP_TIMEOUT=5
+ADLDAP_BASEDN=""
+ADLDAP_FOLLOW_REFFERALS=false
+ADLDAP_USE_SSL=false
+ADLDAP_USE_TLS=false
+
+ADLDAP_ADMIN_USERNAME=
+ADLDAP_ADMIN_PASSWORD=
+
+ADLDAP_ACCOUNT_PREFIX=
+ADLDAP_ACCOUNT_SUFFIX=
+ADLDAP_ADMIN_ACCOUNT_PREFIX=
+ADLDAP_ADMIN_ACCOUNT_SUFFIX=
+
+# LDAP authentication settings.
+ADLDAP_PASSWORD_SYNC=false
+ADLDAP_LOGIN_FALLBACK=false
+
+ADLDAP_SYNC_FIELD=userprincipalname
+ADLDAP_DISCOVER_FIELD=distinguishedname
+ADLDAP_AUTH_FIELD=distinguishedname
+
+# Will allow SSO if your server provides an AUTH_USER field.
+WINDOWS_SSO_DISCOVER=samaccountname
+WINDOWS_SSO_KEY=AUTH_USER
+
+# field to sync as local username.
+ADLDAP_SYNC_FIELD=uid
+
 # Leave the following configuration vars as is.
 # Unless you like to tinker and know what you're doing.
 APP_NAME=FireflyIII
+ADLDAP_CONNECTION=default
 BROADCAST_DRIVER=log
 QUEUE_DRIVER=sync
 REDIS_HOST=127.0.0.1