docs(config): document missing admin-configurable config keys#59911
Open
miaulalala wants to merge 1 commit intomasterfrom
Open
docs(config): document missing admin-configurable config keys#59911miaulalala wants to merge 1 commit intomasterfrom
miaulalala wants to merge 1 commit intomasterfrom
Conversation
Add documentation for config keys that are used in the server code but were absent from config.sample.php, making them invisible to admins and excluded from the auto-generated configuration reference. Keys added: User/auth settings: - allow_user_to_change_email (defaults true, falls back to allow_user_to_change_display_name) - auth_can_create_app_token (defaults true) - auth_onetime_token_validity (defaults 120s) - twofactor_enforced / twofactor_enforced_groups / twofactor_enforced_excluded_groups (managed via occ twofactorauth:enforce, documented here for direct config.php use) Server/networking: - dns_pinning (defaults true, prevents DNS rebinding attacks) - pollinterval (defaults 60s, sync client poll frequency) - webdav-root (defaults remote.php/webdav) - registration_link (defaults nextcloud.com/register, shown on login page) - enable_avatars (defaults true) App management: - app_install_overwrite (defaults [], bypass max-version check for listed apps) Previews: - preview_format (defaults jpeg, jpeg/webp/png for Imaginary service) File locking: - filelocking.enabled (defaults true, strongly discouraged to disable) Config Lexicon: - lexicon.default.userconfig (set server-wide defaults for user config keys) - lexicon.default.userconfig.enforced (prevent users from overriding specific values) Signed-off-by: Anna Larch <anna@larch.dev> Signed-off-by: Anna Larch <anna@nextcloud.com>
miaulalala
requested review from
ArtificialOwl,
artonge and
provokateurin
and removed request for
a team
miaulalala
added
the
♻️ refactor
come-nc
reviewed
Apr 27, 2026
| * | ||
| * Defaults to ``'remote.php/webdav'`` | ||
| */ | ||
| 'webdav-root' => 'remote.php/webdav', |
Contributor
There was a problem hiding this comment.
the only use I can find is in CoreCapabilities, does this actually have any effect?
come-nc
reviewed
Apr 27, 2026
Comment on lines
+1483
to
+1490
| /** | ||
| * Allow installing apps that declare a maximum version requirement lower than | ||
| * the current Nextcloud version. List the app IDs to override. | ||
| * | ||
| * Use with care: apps may be incompatible with the current server version. | ||
| * | ||
| * Defaults to ``[]`` | ||
| */ |
Contributor
There was a problem hiding this comment.
Maybe it should be noted that applications enabled with app:enable --force end up in there?
come-nc
reviewed
Apr 27, 2026
Comment on lines
1534
to
1553
| /** | ||
| * By default, Nextcloud can generate previews for the following filetypes: | ||
| * | ||
| * - Image files | ||
| * - Text documents | ||
| * | ||
| * Valid values are ``true``, to enable previews, or | ||
| * ``false``, to disable previews | ||
| * | ||
| * Defaults to ``true`` | ||
| */ | ||
| /** | ||
| * ``true`` enables avatar support. Set to ``false`` to disable avatars | ||
| * server-wide, which also removes the avatar section from personal settings. | ||
| * | ||
| * Defaults to ``true`` | ||
| */ | ||
| 'enable_avatars' => true, | ||
|
|
||
| 'enable_previews' => true, |
Contributor
There was a problem hiding this comment.
There is a copy paste issue here, documentation for enable_previews is not in the right place anymore.
come-nc
reviewed
Apr 27, 2026
Comment on lines
+2714
to
2724
| /** | ||
| * Enable transactional file locking. This prevents simultaneous processes | ||
| * from writing to the same files, which can cause data corruption. | ||
| * Disabling this is strongly discouraged unless you are using an external | ||
| * file locking provider. | ||
| * | ||
| * Defaults to ``true`` | ||
| */ | ||
| 'filelocking.enabled' => true, | ||
|
|
||
| 'filelocking.ttl' => 60 * 60, |
7 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add documentation for config keys that are used in the server code but were absent from config.sample.php, making them invisible to admins and excluded from the auto-generated configuration reference.
Keys added:
User/auth settings:
Server/networking:
App management:
Previews:
File locking:
Config Lexicon:
Checklist
3. to review, feature component)stable32)AI (if applicable)