- Add CORS https://enable-cors.org/server_meteor.html

- Add missing LDAP and TIMER environment variables.

Thanks to xet7 !

Closes wekan/wekan-snap#69

10 files changed, 464 insertions, 310 deletions

diff --git a/Dockerfile b/Dockerfile
index 96749eb0..966e0e1d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -69,6 +69,7 @@ ARG LOGOUT_WITH_TIMER
 ARG LOGOUT_IN
 ARG LOGOUT_ON_HOURS
 ARG LOGOUT_ON_MINUTES
+ARG CORS
 
 # Set the environment variables (defaults where required)
 # DOES NOT WORK: paxctl fix for alpine linux: https://github.com/wekan/wekan/issues/1303
@@ -140,7 +141,8 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
     LOGOUT_WITH_TIMER="false" \
     LOGOUT_IN="" \
     LOGOUT_ON_HOURS="" \
-    LOGOUT_ON_MINUTES=""
+    LOGOUT_ON_MINUTES="" \
+    CORS=""
 
 # Copy the app to the image
 COPY ${SRC_PATH} /home/wekan/app
diff --git a/docker-compose-build.yml b/docker-compose-build.yml
index 58c5c525..a3ee2bd6 100644
--- a/docker-compose-build.yml
+++ b/docker-compose-build.yml
@@ -45,6 +45,8 @@ services:
       # Wekan Export Board works when WITH_API=true.
       # If you disable Wekan API with false, Export Board does not work.
       - WITH_API=true
+      # CORS: Set Access-Control-Allow-Origin header. Example: *
+      #- CORS=*
       # Optional: Integration with Matomo https://matomo.org that is installed to your server
       # The address of the server where Matomo is hosted.
       # example: - MATOMO_ADDRESS=https://example.com/matomo
@@ -209,6 +211,18 @@ services:
       # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
       # example :
       #- LDAP_DEFAULT_DOMAIN=
+      # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
+      # example : LOGOUT_WITH_TIMER=true
+      #- LOGOUT_WITH_TIMER=
+      # LOGOUT_IN : The number of days
+      # example : LOGOUT_IN=1
+      #- LOGOUT_IN=
+      # LOGOUT_ON_HOURS : The number of hours
+      # example : LOGOUT_ON_HOURS=9
+      #- LOGOUT_ON_HOURS=
+      # LOGOUT_ON_MINUTES : The number of minutes
+      # example : LOGOUT_ON_MINUTES=55
+      #- LOGOUT_ON_MINUTES=
 
     depends_on:
       - wekandb
diff --git a/docker-compose-postgresql.yml b/docker-compose-postgresql.yml
index c8844408..ab15d978 100644
--- a/docker-compose-postgresql.yml
+++ b/docker-compose-postgresql.yml
@@ -67,6 +67,8 @@ services:
       # Wekan Export Board works when WITH_API='true'.
       # If you disable Wekan API, Export Board does not work.
       - WITH_API=true
+      # CORS: Set Access-Control-Allow-Origin header. Example: *
+      #- CORS=*
       # Optional: Integration with Matomo https://matomo.org that is installed to your server
       # The address of the server where Matomo is hosted.
       # example: - MATOMO_ADDRESS=https://example.com/matomo
@@ -231,7 +233,18 @@ services:
       # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
       # example :
       #- LDAP_DEFAULT_DOMAIN=
-
+      # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
+      # example : LOGOUT_WITH_TIMER=true
+      #- LOGOUT_WITH_TIMER=
+      # LOGOUT_IN : The number of days
+      # example : LOGOUT_IN=1
+      #- LOGOUT_IN=
+      # LOGOUT_ON_HOURS : The number of hours
+      # example : LOGOUT_ON_HOURS=9
+      #- LOGOUT_ON_HOURS=
+      # LOGOUT_ON_MINUTES : The number of minutes
+      # example : LOGOUT_ON_MINUTES=55
+      #- LOGOUT_ON_MINUTES=
 
     depends_on:
       - mongodb
diff --git a/docker-compose.yml b/docker-compose.yml
index 5054e135..0cb58cff 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -34,6 +34,8 @@ services:
       # Wekan Export Board works when WITH_API=true.
       # If you disable Wekan API with false, Export Board does not work.
       - WITH_API=true
+      # CORS: Set Access-Control-Allow-Origin header. Example: *
+      #- CORS=*
       # Optional: Integration with Matomo https://matomo.org that is installed to your server
       # The address of the server where Matomo is hosted.
       # example: - MATOMO_ADDRESS=https://example.com/matomo
diff --git a/releases/virtualbox/start-wekan.sh b/releases/virtualbox/start-wekan.sh
index 388e3066..2aec8004 100755
--- a/releases/virtualbox/start-wekan.sh
+++ b/releases/virtualbox/start-wekan.sh
@@ -22,6 +22,9 @@
         # If you disable Wekan API, Export Board does not work.
 	export WITH_API='true'
         #---------------------------------------------
+        # CORS: Set Access-Control-Allow-Origin header. Example: *
+        #- CORS=*
+        #---------------------------------------------
         ## Optional: Integration with Matomo https://matomo.org that is installed to your server
         ## The address of the server where Matomo is hosted:
         ##export MATOMO_ADDRESS=https://example.com/matomo
@@ -187,6 +190,17 @@
         # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
         # example :
         #export LDAP_DEFAULT_DOMAIN=
+        # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
+        # example : LOGOUT_WITH_TIMER=true
+        #- LOGOUT_WITH_TIMER=
+        # LOGOUT_IN : The number of days
+        # example : LOGOUT_IN=1
+        #- LOGOUT_IN=
+        #- LOGOUT_ON_HOURS=
+        # LOGOUT_ON_MINUTES : The number of minutes
+        # example : LOGOUT_ON_MINUTES=55
+        #- LOGOUT_ON_MINUTES=
+
 	node main.js & >> ~/repos/wekan.log
 	cd ~/repos
 #done
diff --git a/server/cors.js b/server/cors.js
new file mode 100644
index 00000000..80369a83
--- /dev/null
+++ b/server/cors.js
@@ -0,0 +1,11 @@
+Meteor.startup(() => {
+
+  if ( process.env.CORS ) {
+    // Listen to incoming HTTP requests, can only be used on the server
+    WebApp.rawConnectHandlers.use(function(req, res, next) {
+      res.setHeader('Access-Control-Allow-Origin', process.env.CORS);
+      return next();
+    });
+  }
+
+});
diff --git a/snap-src/bin/config b/snap-src/bin/config
index 4aa12475..ac39e71c 100755
--- a/snap-src/bin/config
+++ b/snap-src/bin/config
@@ -3,7 +3,7 @@
 # All supported keys are defined here together with descriptions and default values
 
 # list of supported keys
-keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER, LOGOUT_IN, LOGOUT_ON_HOURS, LOGOUT_ON_MINUTES"
+keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LOGOUT_WITH_TIMER, LOGOUT_IN, LOGOUT_ON_HOURS, LOGOUT_ON_MINUTES"
 
 # default values
 DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\
@@ -52,6 +52,10 @@ DESCRIPTION_WITH_API="Enable/disable the api of wekan"
 DEFAULT_WITH_API="true"
 KEY_WITH_API="with-api"
 
+DESCRIPTION_CORS="Enable/disable CORS: Set Access-Control-Allow-Origin header. Example: *"
+DEFAULT_CORS=""
+KEY_CORS="cors"
+
 DESCRIPTION_MATOMO_ADDRESS="The address of the server where matomo is hosted"
 DEFAULT_MATOMO_ADDRESS=""
 KEY_MATOMO_ADDRESS="matomo-address"
diff --git a/snap-src/bin/wekan-help b/snap-src/bin/wekan-help
index 4bd7c277..804f9ad6 100755
--- a/snap-src/bin/wekan-help
+++ b/snap-src/bin/wekan-help
@@ -33,6 +33,11 @@ echo -e "\t$ snap set $SNAP_NAME WITH_API='true'"
 echo -e "\t-Disable the API:"
 echo -e "\t$ snap set $SNAP_NAME WITH_API='false'"
 echo -e "\n"
+echo -e "To enable the CORS of wekan, to set Access-Control-Allow-Origin header:"
+echo -e "\t$ snap set $SNAP_NAME CORS='*'"
+echo -e "\t-Disable the CORS:"
+echo -e "\t$ snap set $SNAP_NAME CORS=''"
+echo -e "\n"
 echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
 echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
 echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"
diff --git a/start-wekan.bat b/start-wekan.bat
index 3b1e8e77..fee3e18a 100644
--- a/start-wekan.bat
+++ b/start-wekan.bat
@@ -4,175 +4,245 @@ SET MAIL_URL=smtp://user:pass@mailserver.example.com:25/
 SET MAIL_FROM=admin@example.com
 SET PORT=2000
 
-REM If you disable Wekan API with false, Export Board does not work.
+REM # If you disable Wekan API with false, Export Board does not work.
 SET WITH_API=true
 
-REM Optional: Integration with Matomo https://matomo.org that is installed to your server
-REM The address of the server where Matomo is hosted.
-REM  example: - MATOMO_ADDRESS=https://example.com/matomo
+REM # Optional: Integration with Matomo https://matomo.org that is installed to your server
+REM # The address of the server where Matomo is hosted.
+REM # example: - MATOMO_ADDRESS=https://example.com/matomo
 REM SET MATOMO_ADDRESS=
-REM  The value of the site ID given in Matomo server for Wekan
-REM  example: - MATOMO_SITE_ID=12345
+
+REM # The value of the site ID given in Matomo server for Wekan
+REM # example: - MATOMO_SITE_ID=12345
 REM SET MATOMO_SITE_ID=
-REM  The option do not track which enables users to not be tracked by matomo
-REM  example:  - MATOMO_DO_NOT_TRACK=false
+
+REM # The option do not track which enables users to not be tracked by matomo
+REM # example:  - MATOMO_DO_NOT_TRACK=false
 REM SET MATOMO_DO_NOT_TRACK=
-REM  The option that allows matomo to retrieve the username:
-REM  example: MATOMO_WITH_USERNAME=true
+
+REM # The option that allows matomo to retrieve the username:
+REM # example: MATOMO_WITH_USERNAME=true
 REM SET MATOMO_WITH_USERNAME=false
 
-REM  Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
-REM  Setting this to false is not recommended, it also disables all other browser policy protections
-REM  and allows all iframing etc. See wekan/server/policy.js
+REM # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
+REM # Setting this to false is not recommended, it also disables all other browser policy protections
+REM # and allows all iframing etc. See wekan/server/policy.js
 SET BROWSER_POLICY_ENABLED=true
-REM  When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
+
+REM # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
 REM SET TRUSTED_URL=
 
-REM  What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
-REM  example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
+REM # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
+REM # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
 REM SET WEBHOOKS_ATTRIBUTES=
 
-REM  Enable the OAuth2 connection
-REM  example: OAUTH2_ENABLED=true
+REM ------------------------------------------------------------
+
+REM # Enable the OAuth2 connection
+REM # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
+REM # example: OAUTH2_ENABLED=true
 REM SET OAUTH2_ENABLED=false
-REM  OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
-REM  OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
-REM  example: OAUTH2_CLIENT_ID=abcde12345
+
+REM # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
+REM # example: OAUTH2_CLIENT_ID=abcde12345
 REM SET OAUTH2_CLIENT_ID=
-REM  OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
-REM  example: OAUTH2_SECRET=54321abcde
+
+REM # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
+REM # example: OAUTH2_SECRET=54321abcde
 REM SET OAUTH2_SECRET=
-REM  OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
-REM  example: OAUTH2_SERVER_URL=https://chat.example.com
+
+REM # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
+REM # example: OAUTH2_SERVER_URL=https://chat.example.com
 REM SET OAUTH2_SERVER_URL=
-REM  OAuth2 Authorization Endpoint. Example: /oauth/authorize
-REM  example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize
+
+REM # OAuth2 Authorization Endpoint. Example: /oauth/authorize
+REM # example: OAUTH2_AUTH_ENDPOINT=/oauth/authorize
 REM SET OAUTH2_AUTH_ENDPOINT=
-REM  OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
-REM  example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
+
+REM # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
+REM # example: OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
 REM SET OAUTH2_USERINFO_ENDPOINT=
-REM  OAuth2 Token Endpoint. Example: /oauth/token
-REM  example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
+
+REM # OAuth2 Token Endpoint. Example: /oauth/token
+REM # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
 REM SET OAUTH2_TOKEN_ENDPOINT=
 
-REM  LDAP_ENABLE : Enable or not the connection by the LDAP
-REM  example : LDAP_ENABLE=true
+REM ------------------------------------------------------------
+
+REM # LDAP_ENABLE : Enable or not the connection by the LDAP
+REM # example : LDAP_ENABLE=true
 REM SET LDAP_ENABLE=false
-REM  LDAP_PORT : The port of the LDAP server
-REM  example : LDAP_PORT=389
+
+REM # LDAP_PORT : The port of the LDAP server
+REM # example : LDAP_PORT=389
 REM SET LDAP_PORT=389
-REM  LDAP_HOST : The host server for the LDAP server
-REM  example : LDAP_HOST=localhost
+
+REM # LDAP_HOST : The host server for the LDAP server
+REM # example : LDAP_HOST=localhost
 REM SET LDAP_HOST=
-REM  LDAP_BASEDN : The base DN for the LDAP Tree
-REM  example : LDAP_BASEDN=ou=user,dc=example,dc=org
+
+REM # LDAP_BASEDN : The base DN for the LDAP Tree
+REM # example : LDAP_BASEDN=ou=user,dc=example,dc=org
 REM SET LDAP_BASEDN=
-REM  LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
-REM  example : LDAP_LOGIN_FALLBACK=true
+
+REM # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
+REM # example : LDAP_LOGIN_FALLBACK=true
 REM SET LDAP_LOGIN_FALLBACK=false
-REM  LDAP_RECONNECT : Reconnect to the server if the connection is lost
-REM  example : LDAP_RECONNECT=false
+
+REM # LDAP_RECONNECT : Reconnect to the server if the connection is lost
+REM # example : LDAP_RECONNECT=false
 REM SET LDAP_RECONNECT=true
-REM  LDAP_TIMEOUT : Overall timeout, in milliseconds
-REM  example : LDAP_TIMEOUT=12345
+
+REM # LDAP_TIMEOUT : Overall timeout, in milliseconds
+REM # example : LDAP_TIMEOUT=12345
 REM SET LDAP_TIMEOUT=10000
-REM  LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
-REM  example : LDAP_IDLE_TIMEOUT=12345
+
+REM # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
+REM # example : LDAP_IDLE_TIMEOUT=12345
 REM SET LDAP_IDLE_TIMEOUT=10000
-REM  LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
-REM  example : LDAP_CONNECT_TIMEOUT=12345
+
+REM # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
+REM # example : LDAP_CONNECT_TIMEOUT=12345
 REM SET LDAP_CONNECT_TIMEOUT=10000
-REM  LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
-REM  example : LDAP_AUTHENTIFICATION=true
+
+REM # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
+REM # example : LDAP_AUTHENTIFICATION=true
 REM SET LDAP_AUTHENTIFICATION=false
-REM  LDAP_AUTHENTIFICATION_USERDN : The search user DN
-REM  example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
+
+REM # LDAP_AUTHENTIFICATION_USERDN : The search user DN
+REM # example: LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
 REM SET LDAP_AUTHENTIFICATION_USERDN=
-REM  LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
-REM  example : AUTHENTIFICATION_PASSWORD=admin
+
+REM # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
+REM # example : AUTHENTIFICATION_PASSWORD=admin
 REM SET LDAP_AUTHENTIFICATION_PASSWORD=
-REM  LDAP_LOG_ENABLED : Enable logs for the module
-REM  example : LDAP_LOG_ENABLED=true
+
+REM # LDAP_LOG_ENABLED : Enable logs for the module
+REM # example : LDAP_LOG_ENABLED=true
 REM SET LDAP_LOG_ENABLED=false
-REM  LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
-REM  example : LDAP_BACKGROUND_SYNC=true
+
+REM # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
+REM # example : LDAP_BACKGROUND_SYNC=true
 REM SET LDAP_BACKGROUND_SYNC=false
-REM  LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
-REM  example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
+
+REM # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
+REM # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
 REM SET LDAP_BACKGROUND_SYNC_INTERVAL=100
-REM  LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
-REM  example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
+
+REM # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
+REM # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
 REM SET LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
-REM  LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
-REM  example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
+
+REM # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
+REM # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
 REM SET LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
-REM  LDAP_ENCRYPTION : If using LDAPS
-REM  example : LDAP_ENCRYPTION=ssl
+
+REM # LDAP_ENCRYPTION : If using LDAPS
+REM # example : LDAP_ENCRYPTION=ssl
 REM SET LDAP_ENCRYPTION=false
-REM  LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
-REM  example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
+
+REM # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
+REM # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
 REM SET LDAP_CA_CERT=
-REM  LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
-REM  example : LDAP_REJECT_UNAUTHORIZED=true
+
+REM # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
+REM # example : LDAP_REJECT_UNAUTHORIZED=true
 REM SET LDAP_REJECT_UNAUTHORIZED=false
-REM  LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
-REM  example : LDAP_USER_SEARCH_FILTER=
+
+REM # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
+REM # example : LDAP_USER_SEARCH_FILTER=
 REM SET LDAP_USER_SEARCH_FILTER=
-REM  LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
-REM  example : LDAP_USER_SEARCH_SCOPE=one
+
+REM # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
+REM # example : LDAP_USER_SEARCH_SCOPE=one
 REM SET LDAP_USER_SEARCH_SCOPE=
-REM  LDAP_USER_SEARCH_FIELD : Which field is used to find the user
-REM  example : LDAP_USER_SEARCH_FIELD=uid
+
+REM # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
+REM # example : LDAP_USER_SEARCH_FIELD=uid
 REM SET LDAP_USER_SEARCH_FIELD=
-REM  LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
-REM  example : LDAP_SEARCH_PAGE_SIZE=12345
+
+REM # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
+REM # example : LDAP_SEARCH_PAGE_SIZE=12345
 REM SET LDAP_SEARCH_PAGE_SIZE=0
-REM  LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
-REM  example : LDAP_SEARCH_SIZE_LIMIT=12345
+
+REM # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
+REM #33 example : LDAP_SEARCH_SIZE_LIMIT=12345
 REM SET LDAP_SEARCH_SIZE_LIMIT=0
-REM  LDAP_GROUP_FILTER_ENABLE : Enable group filtering
-REM  example : LDAP_GROUP_FILTER_ENABLE=true
+
+REM # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
+REM # example : LDAP_GROUP_FILTER_ENABLE=true
 REM SET LDAP_GROUP_FILTER_ENABLE=false
-REM  LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
-REM  example : LDAP_GROUP_FILTER_OBJECTCLASS=group
+
+REM # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
+REM # example : LDAP_GROUP_FILTER_OBJECTCLASS=group
 REM SET LDAP_GROUP_FILTER_OBJECTCLASS=
-REM  LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
-REM  example :
+
+REM # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
+REM # example :
 REM SET LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
-REM  LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
-REM  example :
+
+REM # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
+REM # example :
 REM SET LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
-REM  LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
-REM  example :
+
+REM # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
+REM # example :
 REM SET LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
-REM  LDAP_GROUP_FILTER_GROUP_NAME :
-REM  example :
+
+REM # LDAP_GROUP_FILTER_GROUP_NAME :
+REM # example :
 REM SET LDAP_GROUP_FILTER_GROUP_NAME=
-REM  LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
-REM  example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
+
+REM # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
+REM # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
 REM SET LDAP_UNIQUE_IDENTIFIER_FIELD=
-REM  LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
-REM  example : LDAP_UTF8_NAMES_SLUGIFY=false
+
+REM # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
+REM # example : LDAP_UTF8_NAMES_SLUGIFY=false
 REM SET LDAP_UTF8_NAMES_SLUGIFY=true
-REM  LDAP_USERNAME_FIELD : Which field contains the ldap username
-REM  example : LDAP_USERNAME_FIELD=username
+
+REM # LDAP_USERNAME_FIELD : Which field contains the ldap username
+REM # example : LDAP_USERNAME_FIELD=username
 REM SET LDAP_USERNAME_FIELD=
-REM  LDAP_MERGE_EXISTING_USERS :
-REM  example : LDAP_MERGE_EXISTING_USERS=true
+
+REM # LDAP_MERGE_EXISTING_USERS :
+REM # example : LDAP_MERGE_EXISTING_USERS=true
 REM SET LDAP_MERGE_EXISTING_USERS=false
-REM  LDAP_SYNC_USER_DATA :
-REM  example : LDAP_SYNC_USER_DATA=true
+
+REM # LDAP_SYNC_USER_DATA :
+REM # example : LDAP_SYNC_USER_DATA=true
 REM SET LDAP_SYNC_USER_DATA=false
-REM  LDAP_SYNC_USER_DATA_FIELDMAP :
-REM  example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
+
+REM # LDAP_SYNC_USER_DATA_FIELDMAP :
+REM # example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
 REM SET LDAP_SYNC_USER_DATA_FIELDMAP=
-REM  LDAP_SYNC_GROUP_ROLES :
-REM  example :
-REM SET LDAP_SYNC_GROUP_ROLES=
-REM  LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
-REM  example :
+
+REM # LDAP_SYNC_GROUP_ROLES :
+REM # example :
+REM # SET LDAP_SYNC_GROUP_ROLES=
+
+REM # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
+REM # example :
 REM SET LDAP_DEFAULT_DOMAIN=
 
+REM ------------------------------------------------
+
+REM # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
+REM # example : LOGOUT_WITH_TIMER=true
+REM SET LOGOUT_WITH_TIMER=
+
+REM # LOGOUT_IN : The number of days
+REM # example : LOGOUT_IN=1
+REM SET LOGOUT_IN=
+
+REM # LOGOUT_ON_HOURS : The number of hours
+REM # example : LOGOUT_ON_HOURS=9
+REM SET LOGOUT_ON_HOURS=
+
+REM # LOGOUT_ON_MINUTES : The number of minutes
+REM # example : LOGOUT_ON_MINUTES=55
+REM SET LOGOUT_ON_MINUTES=
+
 cd .build\bundle
 node main.js
 cd ..\..
\ No newline at end of file
diff --git a/start-wekan.sh b/start-wekan.sh
index dd8bf9eb..a7587e40 100755
--- a/start-wekan.sh
+++ b/start-wekan.sh
@@ -1,206 +1,225 @@
 #!/bin/bash
 
 function wekan_repo_check(){
-	git_remotes="$(git remote show 2>/dev/null)"
-	res=""
-	for i in $git_remotes; do
-		res="$(git remote get-url $i | sed 's/.*wekan\/wekan.*/wekan\/wekan/')"
-		if [[ "$res" == "wekan/wekan" ]]; then
-		    break
-		fi
-	done
+      git_remotes="$(git remote show 2>/dev/null)"
+      res=""
+      for i in $git_remotes; do
+            res="$(git remote get-url $i | sed 's/.*wekan\/wekan.*/wekan\/wekan/')"
+            if [[ "$res" == "wekan/wekan" ]]; then
+                break
+            fi
+      done
 
-	if [[ "$res" != "wekan/wekan" ]]; then
-		echo "$PWD is not a wekan repository"
-		exit;
-	fi
+      if [[ "$res" != "wekan/wekan" ]]; then
+            echo "$PWD is not a wekan repository"
+            exit;
+      fi
 }
 
 # If you want to restart even on crash, uncomment while and done lines.
 #while true; do
-	wekan_repo_check
-	cd .build/bundle
-	export MONGO_URL='mongodb://127.0.0.1:27019/wekan'
-	# Production: https://example.com/wekan
-	# Local: http://localhost:2000
-	#export ipaddress=$(ifdata -pa eth0)
-	export ROOT_URL='http://localhost:2000'
-	# https://github.com/wekan/wekan/wiki/Troubleshooting-Mail
-	# https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml
-	export MAIL_URL='smtp://user:pass@mailserver.example.com:25/'
-	#export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011
-	# This is local port where Wekan Node.js runs, same as below on Caddyfile settings.
-	export PORT=2000
-	# Wekan Export Board works when WITH_API=true.
-	# If you disable Wekan API with false, Export Board does not work.
-	export WITH_API='true'
-	#---------------------------------------------
-	## Optional: Integration with Matomo https://matomo.org that is installed to your server
-	## The address of the server where Matomo is hosted:
-	##export MATOMO_ADDRESS=https://example.com/matomo
-	#export MATOMO_ADDRESS=
-	## The value of the site ID given in Matomo server for Wekan
-	# Example: export MATOMO_SITE_ID=123456789
-	#export MATOMO_SITE_ID=''
-	## The option do not track which enables users to not be tracked by matomo"
-	#Example: export MATOMO_DO_NOT_TRACK=false
-	#export MATOMO_DO_NOT_TRACK=true
-	## The option that allows matomo to retrieve the username:
-	# Example: export MATOMO_WITH_USERNAME=true
-	#export MATOMO_WITH_USERNAME='false'
-	# Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
-	# Setting this to false is not recommended, it also disables all other browser policy protections
-	# and allows all iframing etc. See wekan/server/policy.js
-	# Default value: true
-	export BROWSER_POLICY_ENABLED=true
-	# When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
-	# Example: export TRUSTED_URL=http://example.com
-	export TRUSTED_URL=''
-	# What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
-	# Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
-	export WEBHOOKS_ATTRIBUTES=''
-	#---------------------------------------------
-	# OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
-	# OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
-	# example: export OAUTH2_CLIENT_ID=abcde12345
-	#export OAUTH2_CLIENT_ID=''
-	# OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
-	# example: export OAUTH2_SECRET=54321abcde
-	#export OAUTH2_SECRET=''
-	# OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
-	# example: export OAUTH2_SERVER_URL=https://chat.example.com
-	#export OAUTH2_SERVER_URL=''
-	# OAuth2 Authorization Endpoint. Example: /oauth/authorize
-	# example: export OAUTH2_AUTH_ENDPOINT=/oauth/authorize
-	#export OAUTH2_AUTH_ENDPOINT=''
-	# OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
-	# example: export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
-	#export OAUTH2_USERINFO_ENDPOINT=''
-	# OAuth2 Token Endpoint. Example: /oauth/token
-	# example: export OAUTH2_TOKEN_ENDPOINT=/oauth/token
-	#export OAUTH2_TOKEN_ENDPOINT=''
-	#---------------------------------------------
-	# LDAP_ENABLE : Enable or not the connection by the LDAP
-	# example :  export LDAP_ENABLE=true
-	#export LDAP_ENABLE=false
-	# LDAP_PORT : The port of the LDAP server
-	# example :  export LDAP_PORT=389
-	#export LDAP_PORT=389
-	# LDAP_HOST : The host server for the LDAP server
-	# example :  export LDAP_HOST=localhost
-	#export LDAP_HOST=
-	# LDAP_BASEDN : The base DN for the LDAP Tree
-	# example :  export LDAP_BASEDN=ou=user,dc=example,dc=org
-	#export LDAP_BASEDN=
-	# LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
-	# example :  export LDAP_LOGIN_FALLBACK=true
-	#export LDAP_LOGIN_FALLBACK=false
-	# LDAP_RECONNECT : Reconnect to the server if the connection is lost
-	# example :  export LDAP_RECONNECT=false
-	#export LDAP_RECONNECT=true
-	# LDAP_TIMEOUT : Overall timeout, in milliseconds
-	# example :  export LDAP_TIMEOUT=12345
-	#export LDAP_TIMEOUT=10000
-	# LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
-	# example :  export LDAP_IDLE_TIMEOUT=12345
-	#export LDAP_IDLE_TIMEOUT=10000
-	# LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
-	# example :  export LDAP_CONNECT_TIMEOUT=12345
-	#export LDAP_CONNECT_TIMEOUT=10000
-	# LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
-	# example :  export LDAP_AUTHENTIFICATION=true
-	#export LDAP_AUTHENTIFICATION=false
-	# LDAP_AUTHENTIFICATION_USERDN : The search user DN
-	# example :  export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
-	#export LDAP_AUTHENTIFICATION_USERDN=
-	# LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
-	# example : AUTHENTIFICATION_PASSWORD=admin
-	#export LDAP_AUTHENTIFICATION_PASSWORD=
-	# LDAP_LOG_ENABLED : Enable logs for the module
-	# example :  export LDAP_LOG_ENABLED=true
-	#export LDAP_LOG_ENABLED=false
-	# LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
-	# example :  export LDAP_BACKGROUND_SYNC=true
-	#export LDAP_BACKGROUND_SYNC=false
-	# LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
-	# example :  export LDAP_BACKGROUND_SYNC_INTERVAL=12345
-	#export LDAP_BACKGROUND_SYNC_INTERVAL=100
-	# LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
-	# example :  export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
-	#export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
-	# LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
-	# example :  export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
-	#export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
-	# LDAP_ENCRYPTION : If using LDAPS
-	# example :  export LDAP_ENCRYPTION=ssl
-	#export LDAP_ENCRYPTION=false
-	# LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
-	# example :  export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
-	#export LDAP_CA_CERT=
-	# LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
-	# example :  export LDAP_REJECT_UNAUTHORIZED=true
-	#export LDAP_REJECT_UNAUTHORIZED=false
-	# LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
-	# example :  export LDAP_USER_SEARCH_FILTER=
-	#export LDAP_USER_SEARCH_FILTER=
-	# LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
-	# example :  export LDAP_USER_SEARCH_SCOPE=one
-	#export LDAP_USER_SEARCH_SCOPE=
-	# LDAP_USER_SEARCH_FIELD : Which field is used to find the user
-	# example :  export LDAP_USER_SEARCH_FIELD=uid
-	#export LDAP_USER_SEARCH_FIELD=
-	# LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
-	# example :  export LDAP_SEARCH_PAGE_SIZE=12345
-	#export LDAP_SEARCH_PAGE_SIZE=0
-	# LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
-	# example :  export LDAP_SEARCH_SIZE_LIMIT=12345
-	#export LDAP_SEARCH_SIZE_LIMIT=0
-	# LDAP_GROUP_FILTER_ENABLE : Enable group filtering
-	# example :  export LDAP_GROUP_FILTER_ENABLE=true
-	#export LDAP_GROUP_FILTER_ENABLE=false
-	# LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
-	# example :  export LDAP_GROUP_FILTER_OBJECTCLASS=group
-	#export LDAP_GROUP_FILTER_OBJECTCLASS=
-	# LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
-	# example :
-	#export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
-	# LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
-	# example :
-	#export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
-	# LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
-	# example :
-	#export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
-	# LDAP_GROUP_FILTER_GROUP_NAME :
-	# example :
-	#export LDAP_GROUP_FILTER_GROUP_NAME=
-	# LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
-	# example :  export LDAP_UNIQUE_IDENTIFIER_FIELD=guid
-	#export LDAP_UNIQUE_IDENTIFIER_FIELD=
-	# LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
-	# example :  export LDAP_UTF8_NAMES_SLUGIFY=false
-	#export LDAP_UTF8_NAMES_SLUGIFY=true
-	# LDAP_USERNAME_FIELD : Which field contains the ldap username
-	# example :  export LDAP_USERNAME_FIELD=username
-	#export LDAP_USERNAME_FIELD=
-	# LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
-	# example :  export LDAP_FULLNAME_FIELD=fullname
-	#export LDAP_FULLNAME_FIELD=
-	# LDAP_MERGE_EXISTING_USERS :
-	# example :  export LDAP_MERGE_EXISTING_USERS=true
-	#export LDAP_MERGE_EXISTING_USERS=false
-	# LDAP_SYNC_USER_DATA :
-	# example :  export LDAP_SYNC_USER_DATA=true
-	#export LDAP_SYNC_USER_DATA=false
-	# LDAP_SYNC_USER_DATA_FIELDMAP :
-	# example :  export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
-	#export LDAP_SYNC_USER_DATA_FIELDMAP=
-	# LDAP_SYNC_GROUP_ROLES :
-	# example :
-	#export LDAP_SYNC_GROUP_ROLES=
-	# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
-	# example :
-	#export LDAP_DEFAULT_DOMAIN=
-	node main.js
-	# & >> ../../wekan.log
-	cd ../..
+      wekan_repo_check
+      cd .build/bundle
+      export MONGO_URL='mongodb://127.0.0.1:27019/wekan'
+      #---------------------------------------------
+      # Production: https://example.com/wekan
+      # Local: http://localhost:2000
+      #export ipaddress=$(ifdata -pa eth0)
+      export ROOT_URL='http://localhost:2000'
+      #---------------------------------------------
+      # https://github.com/wekan/wekan/wiki/Troubleshooting-Mail
+      # https://github.com/wekan/wekan-mongodb/blob/master/docker-compose.yml
+      export MAIL_URL='smtp://user:pass@mailserver.example.com:25/'
+      #---------------------------------------------
+      #export KADIRA_OPTIONS_ENDPOINT=http://127.0.0.1:11011
+      #---------------------------------------------
+      # This is local port where Wekan Node.js runs, same as below on Caddyfile settings.
+      export PORT=2000
+      #---------------------------------------------
+      # Wekan Export Board works when WITH_API=true.
+      # If you disable Wekan API with false, Export Board does not work.
+      export WITH_API='true'
+      #---------------------------------------------
+      # CORS: Set Access-Control-Allow-Origin header. Example: *
+      #- CORS=*
+      #---------------------------------------------
+      ## Optional: Integration with Matomo https://matomo.org that is installed to your server
+      ## The address of the server where Matomo is hosted:
+      ##export MATOMO_ADDRESS=https://example.com/matomo
+      #export MATOMO_ADDRESS=
+      ## The value of the site ID given in Matomo server for Wekan
+      # Example: export MATOMO_SITE_ID=123456789
+      #export MATOMO_SITE_ID=''
+      ## The option do not track which enables users to not be tracked by matomo"
+      #Example: export MATOMO_DO_NOT_TRACK=false
+      #export MATOMO_DO_NOT_TRACK=true
+      ## The option that allows matomo to retrieve the username:
+      # Example: export MATOMO_WITH_USERNAME=true
+      #export MATOMO_WITH_USERNAME='false'
+      # Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
+      # Setting this to false is not recommended, it also disables all other browser policy protections
+      # and allows all iframing etc. See wekan/server/policy.js
+      # Default value: true
+      export BROWSER_POLICY_ENABLED=true
+      # When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
+      # Example: export TRUSTED_URL=http://example.com
+      export TRUSTED_URL=''
+      # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
+      # Example: export WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
+      export WEBHOOKS_ATTRIBUTES=''
+      #---------------------------------------------
+      # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
+      # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
+      # example: export OAUTH2_CLIENT_ID=abcde12345
+      #export OAUTH2_CLIENT_ID=''
+      # OAuth2 Secret, for example from Rocket.Chat: Example: 54321abcde
+      # example: export OAUTH2_SECRET=54321abcde
+      #export OAUTH2_SECRET=''
+      # OAuth2 Server URL, for example Rocket.Chat. Example: https://chat.example.com
+      # example: export OAUTH2_SERVER_URL=https://chat.example.com
+      #export OAUTH2_SERVER_URL=''
+      # OAuth2 Authorization Endpoint. Example: /oauth/authorize
+      # example: export OAUTH2_AUTH_ENDPOINT=/oauth/authorize
+      #export OAUTH2_AUTH_ENDPOINT=''
+      # OAuth2 Userinfo Endpoint. Example: /oauth/userinfo
+      # example: export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
+      #export OAUTH2_USERINFO_ENDPOINT=''
+      # OAuth2 Token Endpoint. Example: /oauth/token
+      # example: export OAUTH2_TOKEN_ENDPOINT=/oauth/token
+      #export OAUTH2_TOKEN_ENDPOINT=''
+      #---------------------------------------------
+      # LDAP_ENABLE : Enable or not the connection by the LDAP
+      # example :  export LDAP_ENABLE=true
+      #export LDAP_ENABLE=false
+      # LDAP_PORT : The port of the LDAP server
+      # example :  export LDAP_PORT=389
+      #export LDAP_PORT=389
+      # LDAP_HOST : The host server for the LDAP server
+      # example :  export LDAP_HOST=localhost
+      #export LDAP_HOST=
+      # LDAP_BASEDN : The base DN for the LDAP Tree
+      # example :  export LDAP_BASEDN=ou=user,dc=example,dc=org
+      #export LDAP_BASEDN=
+      # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
+      # example :  export LDAP_LOGIN_FALLBACK=true
+      #export LDAP_LOGIN_FALLBACK=false
+      # LDAP_RECONNECT : Reconnect to the server if the connection is lost
+      # example :  export LDAP_RECONNECT=false
+      #export LDAP_RECONNECT=true
+      # LDAP_TIMEOUT : Overall timeout, in milliseconds
+      # example :  export LDAP_TIMEOUT=12345
+      #export LDAP_TIMEOUT=10000
+      # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
+      # example :  export LDAP_IDLE_TIMEOUT=12345
+      #export LDAP_IDLE_TIMEOUT=10000
+      # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
+      # example :  export LDAP_CONNECT_TIMEOUT=12345
+      #export LDAP_CONNECT_TIMEOUT=10000
+      # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
+      # example :  export LDAP_AUTHENTIFICATION=true
+      #export LDAP_AUTHENTIFICATION=false
+      # LDAP_AUTHENTIFICATION_USERDN : The search user DN
+      # example :  export LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
+      #export LDAP_AUTHENTIFICATION_USERDN=
+      # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
+      # example : AUTHENTIFICATION_PASSWORD=admin
+      #export LDAP_AUTHENTIFICATION_PASSWORD=
+      # LDAP_LOG_ENABLED : Enable logs for the module
+      # example :  export LDAP_LOG_ENABLED=true
+      #export LDAP_LOG_ENABLED=false
+      # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
+      # example :  export LDAP_BACKGROUND_SYNC=true
+      #export LDAP_BACKGROUND_SYNC=false
+      # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
+      # example :  export LDAP_BACKGROUND_SYNC_INTERVAL=12345
+      #export LDAP_BACKGROUND_SYNC_INTERVAL=100
+      # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
+      # example :  export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
+      #export LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
+      # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
+      # example :  export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
+      #export LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
+      # LDAP_ENCRYPTION : If using LDAPS
+      # example :  export LDAP_ENCRYPTION=ssl
+      #export LDAP_ENCRYPTION=false
+      # LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
+      # example :  export LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
+      #export LDAP_CA_CERT=
+      # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
+      # example :  export LDAP_REJECT_UNAUTHORIZED=true
+      #export LDAP_REJECT_UNAUTHORIZED=false
+      # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
+      # example :  export LDAP_USER_SEARCH_FILTER=
+      #export LDAP_USER_SEARCH_FILTER=
+      # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
+      # example :  export LDAP_USER_SEARCH_SCOPE=one
+      #export LDAP_USER_SEARCH_SCOPE=
+      # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
+      # example :  export LDAP_USER_SEARCH_FIELD=uid
+      #export LDAP_USER_SEARCH_FIELD=
+      # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
+      # example :  export LDAP_SEARCH_PAGE_SIZE=12345
+      #export LDAP_SEARCH_PAGE_SIZE=0
+      # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
+      # example :  export LDAP_SEARCH_SIZE_LIMIT=12345
+      #export LDAP_SEARCH_SIZE_LIMIT=0
+      # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
+      # example :  export LDAP_GROUP_FILTER_ENABLE=true
+      #export LDAP_GROUP_FILTER_ENABLE=false
+      # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
+      # example :  export LDAP_GROUP_FILTER_OBJECTCLASS=group
+      #export LDAP_GROUP_FILTER_OBJECTCLASS=
+      # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
+      # example :
+      #export LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
+      # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
+      # example :
+      #export LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
+      # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
+      # example :
+      #export LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
+      # LDAP_GROUP_FILTER_GROUP_NAME :
+      # example :
+      #export LDAP_GROUP_FILTER_GROUP_NAME=
+      # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
+      # example :  export LDAP_UNIQUE_IDENTIFIER_FIELD=guid
+      #export LDAP_UNIQUE_IDENTIFIER_FIELD=
+      # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
+      # example :  export LDAP_UTF8_NAMES_SLUGIFY=false
+      #export LDAP_UTF8_NAMES_SLUGIFY=true
+      # LDAP_USERNAME_FIELD : Which field contains the ldap username
+      # example :  export LDAP_USERNAME_FIELD=username
+      #export LDAP_USERNAME_FIELD=
+      # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
+      # example :  export LDAP_FULLNAME_FIELD=fullname
+      #export LDAP_FULLNAME_FIELD=
+      # LDAP_MERGE_EXISTING_USERS :
+      # example :  export LDAP_MERGE_EXISTING_USERS=true
+      #export LDAP_MERGE_EXISTING_USERS=false
+      # LDAP_SYNC_USER_DATA :
+      # example :  export LDAP_SYNC_USER_DATA=true
+      #export LDAP_SYNC_USER_DATA=false
+      # LDAP_SYNC_USER_DATA_FIELDMAP :
+      # example :  export LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
+      #export LDAP_SYNC_USER_DATA_FIELDMAP=
+      # LDAP_SYNC_GROUP_ROLES :
+      # example :
+      #export LDAP_SYNC_GROUP_ROLES=
+      # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
+      # example :
+      #export LDAP_DEFAULT_DOMAIN=
+      # LOGOUT_WITH_TIMER : Enables or not the option logout with timer
+      # example : LOGOUT_WITH_TIMER=true
+      #- LOGOUT_WITH_TIMER=
+      # LOGOUT_IN : The number of days
+      # example : LOGOUT_IN=1
+      #- LOGOUT_IN=
+      #- LOGOUT_ON_HOURS=
+      # LOGOUT_ON_MINUTES : The number of minutes
+      # example : LOGOUT_ON_MINUTES=55
+      #- LOGOUT_ON_MINUTES=
+
+      node main.js
+      # & >> ../../wekan.log
+      cd ../..
 #done