Koha/debian/templates/koha-conf-site.xml.in
David Cook 5cef65a87f Bug 30843: Add mfa_range configuration option for TOTP
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6a0955946e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-10-05 08:36:20 -10:00

489 lines
22 KiB
XML

<yazgfs>
<listen id="biblioserver" >unix:/var/run/koha/__KOHASITE__/bibliosocket</listen>
<listen id="authorityserver" >unix:/var/run/koha/__KOHASITE__/authoritysocket</listen>
<!-- Uncomment the following entry if you want to run the public Z39.50 server.
Also uncomment the <server> and <serverinfo> sections for id 'publicserver'
under PUBLICSERVER'S BIBLIOGRAPHIC RECORDS title-->
__START_SRU_PUBLICSERVER__
<listen id="publicserver" >tcp:@:__SRU_BIBLIOS_PORT__</listen>
__END_SRU_PUBLICSERVER__
<!-- BIBLIOGRAPHIC RECORDS -->
<server id="biblioserver" listenref="biblioserver">
<directory>/var/lib/koha/__KOHASITE__/biblios</directory>
<config>/etc/koha/sites/__KOHASITE__/zebra-biblios-dom.cfg</config>
<cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
<xi:include href="/etc/koha/__ZEBRA_MARC_FORMAT__-retrieval-info-bib-dom.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<retrievalinfo>
<retrieval syntax="__ZEBRA_MARC_FORMAT__" name="F"/>
<retrieval syntax="__ZEBRA_MARC_FORMAT__" name="B"/>
<retrieval syntax="xml" name="F"/>
<retrieval syntax="xml" name="B"/>
<retrieval syntax="xml" name="marcxml"
identifier="info:srw/schema/1/marcxml-v1.1">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="dc">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="mods">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rdfdc">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rss2">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="utils">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
</backend>
</retrieval>
</retrievalinfo>
</xi:fallback>
</xi:include>
<!-- The stuff below is used to enable SRU. It's currently disabled
until we come up with a good way to make it get magically set up by
the packaging system. If you need it, uncomment and set it up
manually.
<xi:include href="/etc/koha/zebradb/explain-biblios.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<explain xmlns="http://explain.z3950.org/dtd/2.0/">
<serverInfo>
<host>__ZEBRA_SRU_HOST__</host>
<port>__ZEBRA_SRU_BIBLIOS_PORT__</port>
<database>biblios</database>
</serverInfo>
</explain>
</xi:fallback>
</xi:include> -->
</server>
<serverinfo id="biblioserver">
<ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
<user>kohauser</user>
<password>__ZEBRA_PASS__</password>
</serverinfo>
<!-- AUTHORITY RECORDS -->
<server id="authorityserver" listenref="authorityserver" >
<directory>/var/lib/koha/__KOHASITE__/authorities</directory>
<config>/etc/koha/sites/__KOHASITE__/zebra-authorities-dom.cfg</config>
<cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
<xi:include href="/etc/koha/__ZEBRA_MARC_FORMAT__-retrieval-info-auth-dom.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<retrievalinfo>
<retrieval syntax="__ZEBRA_MARC_FORMAT__" name="F"/>
<retrieval syntax="__ZEBRA_MARC_FORMAT__" name="B"/>
<retrieval syntax="xml" name="marcxml"
identifier="info:srw/schema/1/marcxml-v1.1">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="dc">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="mods">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rdfdc">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="utils">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
</backend>
</retrieval>
</retrievalinfo>
</xi:fallback>
</xi:include>
<!-- The stuff below is used to enable SRU. It's currently disabled
until we come up with a good way to make it get magically set up by
the packaging system. If you need it, uncomment and set it up
manually.
<xi:include href="/etc/koha/zebradb/explain-authorities.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<explain xmlns="http://explain.z3950.org/dtd/2.0/">
<serverInfo>
<host>__ZEBRA_SRU_HOST__</host>
<port>__ZEBRA_SRU_AUTHORITIES_PORT__</port>
<database>authorities</database>
</serverInfo>
</explain>
</xi:fallback>
</xi:include> -->
</server>
<serverinfo id="authorityserver">
<ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
<user>kohauser</user>
<password>__ZEBRA_PASS__</password>
</serverinfo>
<!-- PUBLICSERVER'S BIBLIOGRAPHIC RECORDS -->
<!-- This can be used to set up a public Z39.50/SRU server. -->
__START_SRU_PUBLICSERVER__
<server id="publicserver" listenref="publicserver">
<directory>/var/lib/koha/__KOHASITE__/biblios</directory>
<config>/etc/koha/sites/__KOHASITE__/zebra-biblios-dom.cfg</config>
<cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
<xi:include href="/etc/koha/__ZEBRA_MARC_FORMAT__-retrieval-info-bib-dom.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<retrievalinfo>
<retrieval syntax="__ZEBRA_MARC_FORMAT__" name="F"/>
<retrieval syntax="__ZEBRA_MARC_FORMAT__" name="B"/>
<retrieval syntax="xml" name="F"/>
<retrieval syntax="xml" name="B"/>
<retrieval syntax="xml" name="marcxml"
identifier="info:srw/schema/1/marcxml-v1.1">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="dc">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="mods">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rdfdc">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rss2">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="utils">
<backend syntax="__ZEBRA_MARC_FORMAT__" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
</backend>
</retrieval>
</retrievalinfo>
</xi:fallback>
</xi:include>
<xi:include href="/etc/koha/zebradb/explain-biblios.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<explain xmlns="http://explain.z3950.org/dtd/2.0/">
<serverInfo>
<host>__ZEBRA_SRU_HOST__</host>
<port>__ZEBRA_SRU_BIBLIOS_PORT__</port>
<database>biblios</database>
</serverInfo>
</explain>
</xi:fallback>
</xi:include>
</server>
<serverinfo id="publicserver">
<ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
<user>kohauser</user>
<password>__ZEBRA_PASS__</password>
</serverinfo>
__END_SRU_PUBLICSERVER__
<config>
<db_scheme>mysql</db_scheme>
<database>__DB_NAME__</database>
<hostname>__DB_HOST__</hostname>
<port>3306</port>
<user>__DB_USER__</user>
<pass>__DB_PASS__</pass>
<tls>__DB_USE_TLS__</tls>
<ca>__DB_TLS_CA_CERTIFICATE__</ca>
<cert>__DB_TLS_CLIENT_CERTIFICATE__</cert>
<key>__DB_TLS_CLIENT_KEY__</key>
<biblioserver>biblios</biblioserver>
<biblioservershadow>1</biblioservershadow>
<authorityserver>authorities</authorityserver>
<authorityservershadow>1</authorityservershadow>
<pluginsdir>__PLUGINS_DIR__</pluginsdir> <!-- This entry can be repeated to use multiple directories -->
<enable_plugins>0</enable_plugins>
<upload_path>__UPLOAD_PATH__</upload_path>
<tmp_path>__TMP_PATH__</tmp_path>
<intranetdir>/usr/share/koha/intranet/cgi-bin</intranetdir>
<opacdir>/usr/share/koha/opac/cgi-bin/opac</opacdir>
<opachtdocs>/usr/share/koha/opac/htdocs/opac-tmpl</opachtdocs>
<intrahtdocs>/usr/share/koha/intranet/htdocs/intranet-tmpl</intrahtdocs>
<includes>/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/includes/</includes>
<logdir>__LOG_DIR__</logdir>
<docdir>/usr/share/doc/koha-common</docdir>
<backupdir>/var/spool/koha/__KOHASITE__</backupdir>
<!-- URL of the mana KB server -->
<!-- alternative value http://mana-test.koha-community.org to query the test server -->
<mana_config>https://mana-kb.koha-community.org</mana_config>
<!-- Enable the two following to allow superlibrarians to download
database and configuration dumps (respectively) from the Export
tool -->
<backup_db_via_tools>0</backup_db_via_tools>
<backup_conf_via_tools>0</backup_conf_via_tools>
<install_log>/usr/share/koha/misc/koha-install-log</install_log>
<useldapserver>0</useldapserver><!-- see C4::Auth_with_ldap for extra configs you must add if you want to turn this on -->
<useshibboleth>0</useshibboleth><!-- see C4::Auth_with_shibboleth for extra configs you must do to turn this on -->
<zebra_lockdir>/var/lock/koha/__KOHASITE__</zebra_lockdir>
<lockdir>/var/lock/koha/__KOHASITE__</lockdir>
<use_zebra_facets>1</use_zebra_facets>
<zebra_max_record_size>1024</zebra_max_record_size>
<zebra_connection_timeout>30</zebra_connection_timeout>
<log4perl_conf>__KOHA_CONF_DIR__/log4perl.conf</log4perl_conf>
<!-- Uncomment/edit next setting if you want to adjust zebra log levels.
Default is: none,fatal,warn.
You can also include: debug,log,malloc,all,request.
Use a comma-separated list of levels to include. -->
<!-- <zebra_loglevels>none,fatal,warn</zebra_loglevels> -->
<memcached_servers>__MEMCACHED_SERVERS__</memcached_servers>
<memcached_namespace>__MEMCACHED_NAMESPACE__</memcached_namespace>
<template_cache_dir>__TEMPLATE_CACHE_DIR__</template_cache_dir>
<!-- Secret passphrase used by Mojolicious for signed cookies -->
<api_secret_passphrase>__API_SECRET__</api_secret_passphrase>
<!-- default report results limit is 999,999. uncomment this and set a different number to override that limit.
<report_results_limit>999999</report_results_limit>
-->
<!-- Accessible directory from the staff interface, uncomment the following line and define a valid path to let the intranet user access it-->
<!--
<access_dirs>
<access_dir></access_dir>
<access_dir></access_dir>
</access_dirs>
-->
<!-- true type font mapping according to type from $font_types in C4/Creators/Lib.pm -->
<ttf>
<font type="TR" >/usr/share/fonts/truetype/dejavu/DejaVuSerif.ttf</font>
<font type="TB" >/usr/share/fonts/truetype/dejavu/DejaVuSerif-Bold.ttf</font>
<font type="TI" >/usr/share/fonts/truetype/dejavu/DejaVuSerif-Italic.ttf</font>
<font type="TBI">/usr/share/fonts/truetype/dejavu/DejaVuSerif-BoldItalic.ttf</font>
<font type="C" >/usr/share/fonts/truetype/dejavu/DejaVuSansMono.ttf</font>
<font type="CB" >/usr/share/fonts/truetype/dejavu/DejaVuSansMono-Bold.ttf</font>
<font type="CO" >/usr/share/fonts/truetype/dejavu/DejaVuSansMono-Oblique.ttf</font>
<font type="CBO">/usr/share/fonts/truetype/dejavu/DejaVuSansMono-BoldOblique.ttf</font>
<font type="H" >/usr/share/fonts/truetype/dejavu/DejaVuSans.ttf</font>
<font type="HO" >/usr/share/fonts/truetype/dejavu/DejaVuSans-Oblique.ttf</font>
<font type="HB" >/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf</font>
<font type="HBO">/usr/share/fonts/truetype/dejavu/DejaVuSans-BoldOblique.ttf</font>
</ttf>
<!-- Path to the config file for SMS::Send -->
<sms_send_config>__KOHA_CONF_DIR__/sms_send/</sms_send_config>
<!-- Configuration for Plack -->
<plack_max_requests>50</plack_max_requests>
<plack_workers>2</plack_workers>
<!-- Configuration for X-Forwarded-For -->
<!--
<koha_trusted_proxies>1.2.3.4 2.3.4.5 3.4.5.6</koha_trusted_proxies>
-->
<!-- Elasticsearch Configuration -->
<elasticsearch>
<server>__ELASTICSEARCH_SERVER__</server> <!-- may be repeated to include all servers on your cluster -->
<index_name>koha___KOHASITE__</index_name> <!-- should be unique amongst all the indices on your cluster. _biblios and _authorities will be appended. -->
<!-- See https://metacpan.org/pod/Search::Elasticsearch#cxn_pool -->
<cxn_pool>Static</cxn_pool>
<!-- See https://metacpan.org/pod/Search::Elasticsearch#trace_to -->
<!-- <trace_to>Stderr</trace_to> -->
</elasticsearch>
<!-- Uncomment the following line if you want to override the Elasticsearch default index settings -->
<!-- <elasticsearch_index_config>__KOHA_CONF_DIR__/searchengine/elasticsearch/index_config.yaml</elasticsearch_index_config> -->
<!-- Uncomment the following line if you want to override the Elasticsearch default field settings -->
<!-- <elasticsearch_field_config>__KOHA_CONF_DIR__/searchengine/elasticsearch/field_config.yaml</elasticsearch_field_config> -->
<!-- Uncomment the following line if you want to override the Elasticsearch index default settings.
Note that any changes made to the mappings file only take effect if you reset the mappings in
by visiting /cgi-bin/koha/admin/searchengine/elasticsearch/mappings.pl?op=reset&i_know_what_i_am_doing=1&reset_fields=1.
Resetting mappings will override any changes made in the Search engine configuration UI.
-->
<!-- <elasticsearch_index_mappings>__KOHA_CONF_DIR__/searchengine/elasticsearch/mappings.yaml</elasticsearch_index_mappings> -->
<interlibrary_loans>
<!-- Path to where Illbackends are located on the system
- This setting should normally not be touched -->
<backend_directory>/usr/share/koha/lib/Koha/Illbackends</backend_directory>
<!-- At least one <branch> block is required. -->
<branch>
<!-- The code of this branch -->
<code>CPL</code>
<!-- An optional prefix for all ILL request IDs for this branch -->
<prefix>ILL</prefix>
</branch>
<!-- How should we treat staff comments?
- hide: don't show in OPAC
- show: show in OPAC -->
<staff_request_comments>hide</staff_request_comments>
<!-- How should we treat the reply_date field?
- hide: don't show this field in the UI
- any other string: show, with this label -->
<reply_date>hide</reply_date>
<!-- Where should digital ILLs be sent?
- borrower: send it straight to the borrower email
- branch: send the ILL to the branch email -->
<digital_recipient>branch</digital_recipient>
<!-- What patron category should we use for p2p ILL requests?
- By default this is set to 'IL' -->
<partner_code>IL</partner_code>
</interlibrary_loans>
<!-- The timezone setting can let you force the timezone for this
instance to be something other then the local timezone of the
server. e.g. Antarctica/South_Pole -->
<timezone>__TIMEZONE__</timezone>
<!-- This is the bcrypt settings used to generated anonymized content -->
<bcrypt_settings>__BCRYPT_SETTINGS__</bcrypt_settings>
<!-- Encryption key for crypted password or sensitive data -->
<encryption_key>__ENCRYPTION_KEY__</encryption_key>
<!-- flag for development purposes
dev_install is used to adjust some paths specific to dev installations
strict_sql_modes should not be used in a production environment
developers use it to catch bugs related to strict SQL modes -->
<dev_install>0</dev_install>
<strict_sql_modes>0</strict_sql_modes>
<plugin_repos>
<!--
<repo>
<name>ByWater Solutions</name>
<org_name>bywatersolutions</org_name>
<service>github</service>
</repo>
<repo>
<name>Theke Solutions</name>
<org_name>thekesolutions</org_name>
<service>gitlab</service>
</repo>
<repo>
<name>PTFS Europe</name>
<org_name>ptfs-europe</org_name>
<service>github</service>
</repo>
<repo>
<name>Solutions inLibro</name>
<org_name>inLibro</org_name>
<service>github</service>
</repo>
-->
</plugin_repos>
<koha_xslt_security>
<!-- Uncomment the following entry ONLY when you explicitly want the XSLT
parser to expand entities like <!ENTITY secret SYSTEM "/etc/secrets">.
This is unsafe and therefore NOT recommended!
<expand_entities_unsafe>1</expand_entities_unsafe>
-->
</koha_xslt_security>
<smtp_server>
<host>__SMTP_HOST__</host>
<port>__SMTP_PORT__</port>
<timeout>__SMTP_TIMEOUT__</timeout>
<ssl_mode>__SMTP_SSL_MODE__</ssl_mode>
<user_name>__SMTP_USER_NAME__</user_name>
<password>__SMTP_PASSWORD__</password>
<debug>__SMTP_DEBUG__</debug>
</smtp_server>
<message_broker>
<hostname>__MESSAGE_BROKER_HOST__</hostname>
<port>__MESSAGE_BROKER_PORT__</port>
<username>__MESSAGE_BROKER_USER__</username>
<password>__MESSAGE_BROKER_PASS__</password>
<vhost>__MESSAGE_BROKER_VHOST__</vhost>
</message_broker>
<background_jobs_worker>
<!-- Max simultaneous processes per worker -->
<max_processes>1</max_processes>
</background_jobs_worker>
<do_not_remove_cookie>__KEEP_COOKIE__</do_not_remove_cookie>
<do_not_remove_cookie>catalogue_editor_\d+</do_not_remove_cookie>
<!-- Uncomment lines like hereunder to not clear cookies at logout:
The cookie name is case sensitive.
NOTE: You may use regex constructions like the example above.
<do_not_remove_cookie>KohaOpacLanguage</do_not_remove_cookie>
-->
<message_domain_limits>
<!-- Two types are supported: a regular limit and a grouped limit that refers to a regular limit -->
<!-- <domain><name>DOMAIN_NAME</name><limit>NUMBER</limit><unit>{NUMBER}{m[inutes]|h[ours]|d[ays]}</unit></domain> -->
<!-- <domain><name>OTHER_DOMAIN_NAME</name><belongs_to>DOMAIN_NAME</belongs_to></domain> -->
<!-- Like: <domain><name>outlook.com</name><limit>30</limit><unit>1m</unit></domain> -->
<!-- Like: <domain><name>hotmail.com</name><belongs_to>outlook.com</belongs_to></domain> -->
</message_domain_limits>
<mfa_range>1</mfa_range><!-- Number of 30 second iterations to allow for MFA code checking -->
</config>
</yazgfs>