Update docs

docs/_static/env-vars/auth-basic.yaml

@@ -22,8 +22,8 @@ skip_user_groups_in_token: false
 auth_provider: ldap
 auth_providers:
   ldap:
-    uri: ldaps://localhost:9235
-    ca_cert: /var/lib/opencloud/idm/ldap.crt
+    uri: ldap://localhost:9236
+    ca_cert: ""
     insecure: false
     bind_dn: uid=reva,ou=sysusers,o=libregraph-idm
     bind_password: ""

docs/_static/env-vars/auth-basic_configvars.md

@@ -15,8 +15,8 @@
 |`OC_GRPC_CLIENT_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services.`|``|
 |`AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups.`|`false`|
 |`AUTH_BASIC_AUTH_MANAGER`| 1.0.0 |string|`The authentication manager to check if credentials are valid. Supported value is 'ldap'.`|`ldap`|
-|`OC_LDAP_URI`<br/>`AUTH_BASIC_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`AUTH_BASIC_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_URI`<br/>`AUTH_BASIC_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldap://localhost:9236`|
+|`OC_LDAP_CACERT`<br/>`AUTH_BASIC_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|``|
 |`OC_LDAP_INSECURE`<br/>`AUTH_BASIC_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`AUTH_BASIC_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=reva,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`AUTH_BASIC_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|

docs/_static/env-vars/frontend_configvars.md

@@ -1,5 +1,5 @@
 
-2026-05-21-00-07-17
+2026-06-05-00-10-17
 
 ## Deprecation Notice
 
@@ -93,7 +93,8 @@
 |`OCDAV_GATEWAY_REQUEST_TIME`<br/>`FRONTENT_OUTOCDAV_GATEWAY_REQUEST_TIMEOUT`| 1.0.0 |int64|`Request timeout in seconds for requests from the oCDAV service to the GATEWAY service.`|`84300`|
 |`OC_MACHINE_AUTH_API_KEY`<br/>`OCDAV_MACHINE_AUTH_API_KEY`<br/>`FRONTENT_OCDAV_MACHINE_AUTH_API_KEY`| 1.0.0 |string|`Machine auth API key used to validate internal requests necessary for the access to resources from other services.`|``|
 |`OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY`<br/>`FRONTENT_OCDAV_ALLOW_PROPFIND_DEPTH_INFINITY`| 1.0.0 |bool|`Allow the use of depth infinity in PROPFINDS. When enabled, a propfind will traverse through all subfolders. If many subfolders are expected, depth infinity can cause heavy server load and/or delayed response times.`|`false`|
-|`OCDAV_NAME_VALIDATION_INVALID_CHARS`<br/>`FRONTENT_OCDAV_NAME_VALIDATION_INVALID_CHARS`| 6.0.0 |[]string|`List of characters that are not allowed in file or folder names.`|`[\]`|
+|`OCDAV_NAME_VALIDATION_INVALID_CHARS`<br/>`FRONTENT_OCDAV_NAME_VALIDATION_INVALID_CHARS`| 6.0.0 |[]string|`List of characters that are not allowed in file or folder names.`|`[  
+ \]`|
 |`OCDAV_NAME_VALIDATION_MAX_LENGTH`<br/>`FRONTENT_OCDAV_NAME_VALIDATION_MAX_LENGTH`| 6.0.0 |int|`Max length of file or folder names.`|`255`|
 |`FRONTEND_CHECKSUMS_SUPPORTED_TYPES`| 1.0.0 |[]string|`A list of checksum types that indicate to clients which hashes the server can use to verify upload integrity. Supported types are 'sha1', 'md5' and 'adler32'. See the Environment Variable Types description for more details.`|`[sha1 md5 adler32]`|
 |`FRONTEND_CHECKSUMS_PREFERRED_UPLOAD_TYPE`| 1.0.0 |string|`The supported checksum type for uploads that indicates to clients supporting multiple hash algorithms which one is preferred by the server. Must be one out of the defined list of SUPPORTED_TYPES.`|`sha1`|

docs/_static/env-vars/graph.yaml

@@ -75,8 +75,8 @@ spaces:
 identity:
   backend: ldap
   ldap:
-    uri: ldaps://localhost:9235
-    cacert: /var/lib/opencloud/idm/ldap.crt
+    uri: ldap://localhost:9236
+    cacert: ""
     insecure: false
     bind_dn: uid=libregraph,ou=sysusers,o=libregraph-idm
     bind_password: ""

docs/_static/env-vars/graph_configvars.md

@@ -46,8 +46,8 @@
 |`OC_DEFAULT_LANGUAGE`| 1.0.0 |string|`The default language used by services and the WebUI. If not defined, English will be used as default. See the documentation for more details.`|``|
 |`OC_TRANSLATION_PATH`<br/>`GRAPH_TRANSLATION_PATH`| 1.0.0 |string|`(optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details.`|``|
 |`GRAPH_IDENTITY_BACKEND`| 1.0.0 |string|`The user identity backend to use. Supported backend types are 'ldap' and 'cs3'.`|`ldap`|
-|`OC_LDAP_URI`<br/>`GRAPH_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`GRAPH_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_URI`<br/>`GRAPH_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldap://localhost:9236`|
+|`OC_LDAP_CACERT`<br/>`GRAPH_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|``|
 |`OC_LDAP_INSECURE`<br/>`GRAPH_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`GRAPH_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=libregraph,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`GRAPH_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|

docs/_static/env-vars/graph_readme.md

@@ -203,3 +203,5 @@ The output of this command includes the following information for each role:
 |                                      |          |                                |                                | libre.graph/driveItem/basic/read         |
 +--------------------------------------+----------+--------------------------------+--------------------------------+------------------------------------------+
 ```
+
+

docs/_static/env-vars/groups.yaml

@@ -22,8 +22,8 @@ skip_user_groups_in_token: false
 driver: ldap
 drivers:
   ldap:
-    uri: ldaps://localhost:9235
-    ca_cert: /var/lib/opencloud/idm/ldap.crt
+    uri: ldap://localhost:9236
+    ca_cert: ""
     insecure: false
     bind_dn: uid=reva,ou=sysusers,o=libregraph-idm
     bind_password: ""

docs/_static/env-vars/groups_configvars.md

@@ -15,8 +15,8 @@
 |`OC_GRPC_CLIENT_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services.`|``|
 |`GROUPS_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the loading of user's group memberships from the reva access token.`|`false`|
 |`GROUPS_DRIVER`| 1.0.0 |string|`The driver which should be used by the groups service. Supported values are 'ldap' and 'owncloudsql'.`|`ldap`|
-|`OC_LDAP_URI`<br/>`GROUPS_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`GROUPS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_URI`<br/>`GROUPS_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldap://localhost:9236`|
+|`OC_LDAP_CACERT`<br/>`GROUPS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|``|
 |`OC_LDAP_INSECURE`<br/>`GROUPS_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`GROUPS_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=reva,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`GROUPS_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|

docs/_static/env-vars/idm.yaml

@@ -8,9 +8,10 @@ debug:
   pprof: false
   zpages: false
 idm:
-  ldaps_addr: 127.0.0.1:9235
-  cert: /var/lib/opencloud/idm/ldap.crt
-  key: /var/lib/opencloud/idm/ldap.key
+  ldaps_addr: ""
+  ldapaddr: 127.0.0.1:9236
+  cert: ""
+  key: ""
   database: /var/lib/opencloud/idm/idm.boltdb
 create_demo_users: false
 demo_users_issuer_url: https://localhost:9200

docs/_static/env-vars/idm_configvars.md

@@ -7,9 +7,9 @@
 |`IDM_DEBUG_TOKEN`| 1.0.0 |string|`Token to secure the metrics endpoint.`|``|
 |`IDM_DEBUG_PPROF`| 1.0.0 |bool|`Enables pprof, which can be used for profiling.`|`false`|
 |`IDM_DEBUG_ZPAGES`| 1.0.0 |bool|`Enables zpages, which can be used for collecting and viewing in-memory traces.`|`false`|
-|`IDM_LDAPS_ADDR`| 1.0.0 |string|`Listen address for the LDAPS listener (ip-addr:port).`|`127.0.0.1:9235`|
-|`IDM_LDAPS_CERT`| 1.0.0 |string|`File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
-|`IDM_LDAPS_KEY`| 1.0.0 |string|`File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.key`|
+|`IDM_LDAPS_ADDR`| 1.0.0 |string|`Listen address for the LDAPS listener (ip-addr:port).`|``|
+|`IDM_LDAPS_CERT`| 1.0.0 |string|`File name of the TLS server certificate for the LDAPS listener. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|``|
+|`IDM_LDAPS_KEY`| 1.0.0 |string|`File name for the TLS certificate key for the server certificate. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|``|
 |`IDM_DATABASE_PATH`| 1.0.0 |string|`Full path to the IDM backend database. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/idm.boltdb`|
 |`IDM_CREATE_DEMO_USERS`| 1.0.0 |bool|`Flag to enable or disable the creation of the demo users.`|`false`|
 |`OC_URL`<br/>`OC_OIDC_ISSUER`| 1.0.0 |string|`The OIDC issuer URL to assign to the demo users.`|`https://localhost:9200`|

docs/_static/env-vars/idp.yaml

@@ -97,8 +97,8 @@ clients:
   origins: []
   application_type: native
 ldap:
-  uri: ldaps://localhost:9235
-  cacert: /var/lib/opencloud/idm/ldap.crt
+  uri: ldap://localhost:9236
+  cacert: ""
   bind_dn: uid=idp,ou=sysusers,o=libregraph-idm
   bind_password: ""
   base_dn: ou=users,o=libregraph-idm

docs/_static/env-vars/idp_configvars.md

@@ -39,8 +39,8 @@
 |`IDP_ID_TOKEN_EXPIRATION`| 1.0.0 |uint64|`ID token lifespan in seconds (time before an ID token is expired).`|`300`|
 |`IDP_REFRESH_TOKEN_EXPIRATION`| 1.0.0 |uint64|`Refresh token lifespan in seconds (time before an refresh token is expired). This also limits the duration of an idle offline session.`|`2592000`|
 |`IDP_DYNAMIC_CLIENT_SECRET_DURATION`| 1.0.0 |uint64|`Lifespan in seconds of a dynamically registered OIDC client.`|`0`|
-|`OC_LDAP_URI`<br/>`IDP_LDAP_URI`| 1.0.0 |string|`Url of the LDAP service to use as IDP.`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`IDP_LDAP_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_URI`<br/>`IDP_LDAP_URI`| 1.0.0 |string|`Url of the LDAP service to use as IDP.`|`ldap://localhost:9236`|
+|`OC_LDAP_CACERT`<br/>`IDP_LDAP_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idp.`|``|
 |`OC_LDAP_BIND_DN`<br/>`IDP_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=idp,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`IDP_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|
 |`OC_LDAP_USER_BASE_DN`<br/>`IDP_LDAP_BASE_DN`| 1.0.0 |string|`Search base DN for looking up LDAP users.`|`ou=users,o=libregraph-idm`|

docs/_static/env-vars/storage-users_configvars.md

@@ -1,5 +1,5 @@
 
-2026-05-21-00-07-17
+2026-06-05-00-10-17
 
 ## Deprecation Notice
 

docs/_static/env-vars/users.yaml

@@ -22,8 +22,8 @@ skip_user_groups_in_token: false
 driver: ldap
 drivers:
   ldap:
-    uri: ldaps://localhost:9235
-    ca_cert: /var/lib/opencloud/idm/ldap.crt
+    uri: ldap://localhost:9236
+    ca_cert: ""
     insecure: false
     bind_dn: uid=reva,ou=sysusers,o=libregraph-idm
     bind_password: ""

docs/_static/env-vars/users_configvars.md

@@ -15,8 +15,8 @@
 |`OC_GRPC_CLIENT_TLS_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the go-micro based grpc services.`|``|
 |`USERS_SKIP_USER_GROUPS_IN_TOKEN`| 1.0.0 |bool|`Disables the loading of user's group memberships from the reva access token.`|`false`|
 |`USERS_DRIVER`| 1.0.0 |string|`The driver which should be used by the users service. Supported values are 'ldap' and 'owncloudsql'.`|`ldap`|
-|`OC_LDAP_URI`<br/>`USERS_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldaps://localhost:9235`|
-|`OC_LDAP_CACERT`<br/>`USERS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|`/var/lib/opencloud/idm/ldap.crt`|
+|`OC_LDAP_URI`<br/>`USERS_LDAP_URI`| 1.0.0 |string|`URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'`|`ldap://localhost:9236`|
+|`OC_LDAP_CACERT`<br/>`USERS_LDAP_CACERT`| 1.0.0 |string|`Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root directory derives from $OC_BASE_DATA_PATH/idm.`|``|
 |`OC_LDAP_INSECURE`<br/>`USERS_LDAP_INSECURE`| 1.0.0 |bool|`Disable TLS certificate validation for the LDAP connections. Do not set this in production environments.`|`false`|
 |`OC_LDAP_BIND_DN`<br/>`USERS_LDAP_BIND_DN`| 1.0.0 |string|`LDAP DN to use for simple bind authentication with the target LDAP server.`|`uid=reva,ou=sysusers,o=libregraph-idm`|
 |`OC_LDAP_BIND_PASSWORD`<br/>`USERS_LDAP_BIND_PASSWORD`| 1.0.0 |string|`Password to use for authenticating the 'bind_dn'.`|``|

docs/_static/env-vars/web_configvars.md

@@ -1,5 +1,5 @@
 
-2026-05-21-00-07-17
+2026-06-05-00-10-17
 
 ## Deprecation Notice